Skip to content
MCP Servers

Supabase MCP Server

Schema, queries, auth, and storage from Supabase — directly callable by LLMs

8.5 / 10 33 Verified Reviewers Verified 2026-04-30 TypeScript · Supabase platform · MCP 1.0+
Visit Supabase MCP Server Submit a Review

Maintained by Supabase, the Supabase MCP server exposes the full platform surface to LLM agents: SQL queries against your Postgres, Auth user management, Storage bucket operations, and Edge Function invocation. Combines the safety story of Postgres MCP with Supabase opinionated auth and storage. Best fit: teams already on Supabase who want their internal tooling to be agent-driven.

Pricing
Free · Open source (Apache 2.0) · Supabase plan applies

Developer Consensus: Pros

  • Single MCP server covers database + auth + storage + edge functions 28× mentioned
  • Row Level Security policies inherited — agent cannot bypass your auth model 24× mentioned
  • Supabase auth user management from prompts works cleanly 17× mentioned
  • Edge function invocation lets agents trigger your existing serverless code 12× mentioned

Common Friction Points

  • Only useful if you are already on Supabase 11× mentioned
  • Storage operations on large files chew bandwidth 8× mentioned
  • Service-role key in MCP config is a sensitive secret to manage 7× mentioned
  • Documentation lagged the early releases — better now 5× mentioned

Verified Peer Reviews

@supabase_native
Full-Stack Engineer · TypeScript · Startup
Verified
The whole platform is suddenly agent-callable. Auth + DB + Storage from one prompt.

Supabase MCP is the kind of all-in-one I want for our stack. The agent can provision a user, set their role, write the seed data, all in one conversation. Saves 20 minutes of admin per new customer onboarding.

v0.5, April 2026 4.7/5 · 24 helpful
@rls_inherit
Security Engineer · Mixed · Mid
Verified
RLS inheritance is the right default. Agent cannot read what the user cannot read.

Other MCP database servers give the agent service-role access by default. Supabase MCP respects the connecting user RLS. Agent is scoped, blast radius limited. This is the right model.

v0.5, April 2026 4.5/5 · 17 helpful
@sb_locked
Engineering Manager · TypeScript · Mid
Verified
Great if you are on Supabase. Useless otherwise.

No criticism, just truth: this MCP is for Supabase customers. If you are on RDS or Neon, use Postgres MCP instead. We are on Supabase, so this is a clean win.

v0.4, March 2026 4.2/5 · 9 helpful

Compare to Alternatives

vs. Postgres MCP Server
9 · 42 reviewers
Read comparison →
vs. Firebase
8.4 · 55 reviewers
Read comparison →

Methodology

Every review on this page is verified through GitHub OAuth and weighted by reviewer credibility, use-case match, and conflict-of-interest disclosure. Aggregate scores combine with recency decay so rankings reflect current reality. Read full methodology →