Self-Hosted Supabase MCP Server

Overview Inspect Schema Related Servers Score Discussions

verify_jwt_secret

Validate the JWT secret configuration for self-hosted Supabase instances, ensuring secure authentication and returning a preview of the setup.

Instructions

Checks if the Supabase JWT secret is configured for this server and returns a preview.

Input Schema

TableJSON Schema

Name	Required	Description	Default
No arguments

Implementation Reference

src/tools/verify_jwt_secret.ts:29-43 (handler)
The execute function implements the core tool logic: fetches the JWT secret using the client and returns its status ('found' or 'not_configured') with a secure preview if available.
execute: async (input: VerifyJwtInput, context: ToolContext) => { const client = context.selfhostedClient; const secret = client.getJwtSecret(); if (secret) { // Return only a preview for security const preview = `${secret.substring(0, Math.min(secret.length, 5))}...`; return { jwt_secret_status: 'found', jwt_secret_preview: preview, }; } return { jwt_secret_status: 'not_configured' }; },
src/tools/verify_jwt_secret.ts:5-21 (schema)
Zod schemas for tool input (empty object), output (status and preview), and static MCP JSON input schema (empty object).
// Input schema (none needed) const VerifyJwtInputSchema = z.object({}); type VerifyJwtInput = z.infer<typeof VerifyJwtInputSchema>; // Output schema const VerifyJwtOutputSchema = z.object({ jwt_secret_status: z.enum(['found', 'not_configured']).describe('Whether the JWT secret was provided to the server.'), jwt_secret_preview: z.string().optional().describe('A preview of the JWT secret (first few characters) if configured.'), }); // Static JSON Schema for MCP capabilities const mcpInputSchema = { type: 'object', properties: {}, required: [], };
src/index.ts:23-23 (registration)
Import statement bringing the verifyJwtSecretTool into the main index file.
import { verifyJwtSecretTool } from './tools/verify_jwt_secret.js';
src/index.ts:112-112 (registration)
Registration of the tool in the availableTools object map, which is used to populate the MCP server's tool capabilities.
[verifyJwtSecretTool.name]: verifyJwtSecretTool as AppTool,
src/tools/verify_jwt_secret.ts:23-44 (handler)
Complete tool definition including name, description, schemas, and execute handler.
export const verifyJwtSecretTool = { name: 'verify_jwt_secret', description: 'Checks if the Supabase JWT secret is configured for this server and returns a preview.', inputSchema: VerifyJwtInputSchema, mcpInputSchema: mcpInputSchema, outputSchema: VerifyJwtOutputSchema, execute: async (input: VerifyJwtInput, context: ToolContext) => { const client = context.selfhostedClient; const secret = client.getJwtSecret(); if (secret) { // Return only a preview for security const preview = `${secret.substring(0, Math.min(secret.length, 5))}...`; return { jwt_secret_status: 'found', jwt_secret_preview: preview, }; } return { jwt_secret_status: 'not_configured' }; }, };

This server cannot be installed

Related Tools

verify_jwt_secret
@abushadab/selfhosted-supabase-mcp-basic-auth
get_anon_key
@HenkDz/selfhosted-supabase-mcp
get_anon_key
@abushadab/selfhosted-supabase-mcp-basic-auth
get_project_url
@HenkDz/selfhosted-supabase-mcp
jwt_bruteforce
@mohdhaji87/JWTAuditorMCP
create_auth_user
@HenkDz/selfhosted-supabase-mcp

Latest Blog Posts

Federated Learning with MCP: Building Privacy-Preserving Agents Across Distributed Edges
By Om-Shree-0709 on December 21, 2025.
Secure
mcp
Learning
What Is Context Bloat in MCP?
By Om-Shree-0709 on December 16, 2025.
mcp
Context Bloat
MCP Moves to the Linux Foundation: Neutral Stewardship for Agentic Infrastructure
By Om-Shree-0709 on December 15, 2025.
mcp
anthropic
Linux Foundation

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/HenkDz/selfhosted-supabase-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server