Official Data & Analytics

Supabase

Query Supabase Postgres and storage via the official server.

Works with: Claude DesktopClaude CodeCursorWindsurf
Quick install
npx -y @supabase/mcp-server-supabase

How to install the Supabase MCP server

Add this to your Claude Desktop MCP configuration:

{
  "mcpServers": {
    "supabase": {
      "command": "npx",
      "args": [
        "-y",
        "@supabase/mcp-server-supabase"
      ]
    }
  }
}

Add this to your Claude Code MCP configuration:

npx -y @supabase/mcp-server-supabase

Add this to your Cursor MCP configuration:

{
  "mcpServers": {
    "supabase": {
      "command": "npx",
      "args": [
        "-y",
        "@supabase/mcp-server-supabase"
      ]
    }
  }
}

Add this to your Windsurf MCP configuration:

{
  "mcpServers": {
    "supabase": {
      "command": "npx",
      "args": [
        "-y",
        "@supabase/mcp-server-supabase"
      ]
    }
  }
}

The Supabase MCP server gives Claude full access to your Supabase project: Postgres queries, Auth users, Storage buckets, RPC calls, and Edge Functions. For anyone using Supabase as a backend, this is the most direct way to bring your data into Claude.

The community-supabase server is the canonical install. It’s actively maintained and tracks Supabase API changes within days of release.

Why use it

Supabase is one of the most popular backends for solo founders and small teams. The flip side: when something breaks in production, you’re still flipping between the Supabase dashboard, your editor, and the deployed app. The MCP server collapses the dashboard piece.

Common pattern: a user reports a bug, Claude pulls the relevant rows from your Supabase Postgres, identifies the issue, drafts a SQL fix or an app code change. End-to-end debug from a prompt.

What it actually does

Postgres: list tables, run queries (with read-only or write access depending on your key), execute RPCs. Auth: list users, fetch user metadata, manage sessions. Storage: list buckets, browse and upload files. Schema introspection covers everything Postgres has plus Supabase-specific layers.

Practical patterns:

  • “How many users signed up this week and what are their plans?”
  • “Find every file in the ‘avatars’ bucket bigger than 5MB.”
  • “Pull the last 50 records from the events table where source = ‘webhook’.”

Gotchas

The service_role key bypasses RLS entirely. If you set it as the MCP server’s auth, Claude has full admin-level access to your database. For production projects, use the anon key with a specific authenticated user, or run the server against a development branch instead.

Edge Function logs aren’t always exposed. Some servers wrap the Edge Function logs API; some don’t. If logs are a key part of your debug flow, check what the specific server you install supports.

Pair with Vercel or Cloudflare for a full app-stack debug loop: deployment health from the host, app errors from the database. Add GitHub and Claude can also propose code fixes for the issues it finds.

For users who only need raw Postgres access (no Storage, no Auth), the Postgres MCP server is a lighter alternative. Pointed at your Supabase connection string, it works the same as any other Postgres database.

MCP servers related to Supabase

All in Data & Analytics →

PostgreSQL

Anthropic's official Postgres server with read-only schema and queries.
S

SQLite

Anthropic's official SQLite server for local databases.
B

BigQuery

Query Google BigQuery datasets via the official Google MCP.

Snowflake

Run queries against Snowflake warehouses with the official server.

Supabase MCP server: FAQs

Is the Supabase server official?

It's published by the supabase-community organisation, which is closely affiliated with Supabase but technically not the company's main repo. It's the de-facto official server and tracks Supabase API changes promptly.

What does it actually expose?

Postgres queries, table schema introspection, RPC calls, Storage bucket operations, and Auth user management. The breadth is wider than the standalone Postgres MCP because it covers everything you'd reach for in a Supabase project.

Does it bypass Row Level Security?

No, by default. The server uses whichever Supabase key you provide. Use the anon or service_role key carefully. For Claude workflows in development, the service_role key is convenient but dangerous in production. Use the anon key plus an authenticated user context if you can.

Can it write to my database?

Yes, with the right permissions. Insert, update, and delete are exposed. This is useful for fixture management and one-off corrections, but be careful about destructive prompts.

How is this different from the Postgres MCP server pointed at Supabase?

The Postgres MCP server is read-only and gives you raw SQL. The Supabase server gives you SQL plus Auth, Storage, Realtime, Edge Functions, and RLS-aware queries. If you're using Supabase's full feature set, install this one. If you only use the Postgres database, the Postgres server is simpler.

Back to all MCP servers