Supabase MCP

Supabase's official MCP server provides AI agents with direct access to manage Supabase projects including PostgreSQL databases, authentication, storage, and edge functions.

Evaluated Mar 07, 2026 (0d ago) vcurrent
Homepage ↗ Repo ↗ Other supabase postgres database mcp-server auth storage realtime backend open-source
⚙ Agent Friendliness
82
/ 100
Can an agent use this?
🔒 Security
85
/ 100
Is it safe for agents?
⚡ Reliability
82
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
82
Documentation
88
Error Messages
82
Auth Simplicity
78
Rate Limits
75

🔒 Security

TLS Enforcement
100
Auth Strength
82
Scope Granularity
78
Dep. Hygiene
85
Secret Handling
82

Uses Supabase PAT for management operations. Same security considerations as supabase-mcp-server. Service Role Key bypasses RLS entirely — use with caution in agent contexts.

⚡ Reliability

Uptime/SLA
88
Version Stability
82
Breaking Changes
80
Error Recovery
80
AF Security Reliability

Best When

An agent needs to interact with a Supabase-hosted PostgreSQL project, especially for schema management, data querying, or managing Supabase-specific features like Auth and Storage.

Avoid When

You are not using Supabase, or you need to manage a non-Supabase PostgreSQL database.

Use Cases

  • Running SQL queries against Supabase PostgreSQL databases from agents
  • Managing database schema changes including table and column operations
  • Interacting with Supabase Auth for user management automation
  • Querying and managing Supabase Storage buckets and files
  • Creating and deploying Supabase Edge Functions via agents

Not For

  • Non-Supabase PostgreSQL databases (use direct pg drivers instead)
  • Extremely high-throughput transactional workloads
  • Teams requiring on-premise deployment
  • Projects needing proprietary database features (use RDS/Cloud SQL)

Interface

REST API
Yes
GraphQL
No
gRPC
No
MCP Server
Yes
SDK
Yes
Webhooks
Yes

Authentication

Methods: api_key
OAuth: No Scopes: No

Supabase personal access token (PAT) for MCP server auth. Project-specific anon and service_role keys for client SDK. Service role key grants full database access — handle carefully.

Pricing

Model: freemium
Free tier: Yes
Requires CC: No

Very generous free tier. Pro plan needed for production workloads with higher limits. Paused projects after 1 week inactivity on free tier.

Agent Metadata

Pagination
offset
Idempotent
Full
Retry Guidance
Documented

Known Gotchas

  • Free tier projects pause after 1 week of inactivity — first request after pause has cold start
  • Service role key bypasses Row Level Security — agents using it have full unfiltered access
  • MCP server requires npx to run — adds Node.js dependency
  • Database branch management (multiple environments) requires Pro plan
  • Storage file operations return URLs that expire — agents must handle URL refresh
  • Edge functions require Deno runtime knowledge — different from Node.js

Alternatives

mongodb-mcp-server pgmcp

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for Supabase MCP.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

$3

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-07.

6200
Packages Evaluated
26150
Need Evaluation
173
Need Re-evaluation
Community Powered