Self-Hosted Supabase MCP Server

Instructions

Implementation Reference

• src/tools/verify_jwt_secret.ts:29-43 (handler)

  The execute function implementing the tool's core logic: retrieves the JWT secret from the client, provides a secure preview if available, and returns the configuration status.
  execute: async (input: VerifyJwtInput, context: ToolContext) => { const client = context.selfhostedClient; const secret = client.getJwtSecret(); if (secret) { // Return only a preview for security const preview = `${secret.substring(0, Math.min(secret.length, 5))}...`; return { jwt_secret_status: 'found', jwt_secret_preview: preview, }; } return { jwt_secret_status: 'not_configured' }; },
• src/tools/verify_jwt_secret.ts:5-20 (schema)

  Zod input schema (empty object), output schema for status and preview, and MCP-compatible static JSON input schema.
  // Input schema (none needed) const VerifyJwtInputSchema = z.object({}); type VerifyJwtInput = z.infer<typeof VerifyJwtInputSchema>; // Output schema const VerifyJwtOutputSchema = z.object({ jwt_secret_status: z.enum(['found', 'not_configured']).describe('Whether the JWT secret was provided to the server.'), jwt_secret_preview: z.string().optional().describe('A preview of the JWT secret (first few characters) if configured.'), }); // Static JSON Schema for MCP capabilities const mcpInputSchema = { type: 'object', properties: {}, required: [], };
• src/index.ts:112-112 (registration)

  Registers the verifyJwtSecretTool in the availableTools object used by the MCP server.
  [verifyJwtSecretTool.name]: verifyJwtSecretTool as AppTool,
• src/index.ts:23-23 (registration)

  Imports the verifyJwtSecretTool for use in the MCP server.
  import { verifyJwtSecretTool } from './tools/verify_jwt_secret.js';