Supports configuration through environment variables loaded from .env files, allowing customization of connection settings, security parameters, timeouts, and caching behavior.
Enables deployment of the MCP server using Docker containers, with configuration via environment variables and docker-compose for simplified setup and management.
Provides access to the repository for cloning and installation, with documentation and setup instructions accessible through GitHub.
This is a Model Context Protocol (MCP) server for SQL Server interactions. It allows Large Language Models (LLMs) to execute SQL queries, run stored procedures, and explore database schemas with enhanced security and robustness.
SELECT queries against SQL Server databases. All queries are parsed and validated to ensure only SELECT statements are executed.SELECT-only whitelist.SQL_ALLOWED_DATABASES environment variable to whitelist accessible databases.pino logger for detailed and structured application logs.For complete Docker setup instructions, see the Docker README.
The server is configured using environment variables. Create a .env file in the root directory (you can copy .env.example) to set these values.
For a detailed guide on all configuration options and how to set them up, please see CONFIG.
| Category | Variable | Description | Default (from config.js) |
|---|---|---|---|
| Connection | SQL_SERVER | SQL Server hostname or IP | localhost |
SQL_PORT | SQL Server port | 1433 | |
SQL_USER | SQL Server username | sa | |
SQL_PASSWORD | SQL Server password | Required | |
SQL_DATABASE | Default database name to connect to | master | |
| Security | SQL_ENCRYPT | Enable encryption (set to false to disable) | true |
SQL_TRUST_SERVER_CERT | Trust server certificate (set to false to disable) | true | |
SQL_ALLOWED_DATABASES | Comma-separated list of databases the server is allowed to access. If empty, access is less restricted (relies on DB user permissions). | [] (empty list) | |
| Timeouts & Retries | SQL_CONNECTION_TIMEOUT | Connection timeout (ms) | 30000 |
SQL_REQUEST_TIMEOUT | Request timeout for queries (ms) | 30000 | |
SQL_MAX_RETRIES | Max number of retries for initial connection attempts | 3 | |
SQL_INITIAL_RETRY_DELAY | Initial delay (ms) before retrying a failed connection | 1000 | |
SQL_MAX_RETRY_DELAY | Maximum delay (ms) for connection retries (uses exponential backoff) | 30000 | |
| Connection Pool | SQL_POOL_MAX | Max connections in pool | 10 |
SQL_POOL_MIN | Min connections in pool | 0 | |
SQL_POOL_IDLE_TIMEOUT | Idle timeout for connections in pool (ms) | 30000 | |
| Caching | SQL_SCHEMA_CACHE_TTL | Time-To-Live for schema cache (ms) | 300000 (5 minutes) |
| MCP Server | MCP_SERVER_NAME | Name of the MCP server | MSSQL Server |
MCP_SERVER_VERSION | Version of the MCP server | 1.0.0 | |
| Logging | LOG_LEVEL | Log level for pino logger (e.g., fatal, error, warn, info, debug, trace, silent). This is read directly from process.env in server.ts, not part of config.js. | info |
To add this MCP server to Claude CLI:
In the Claude conversation, you can:
SELECT queries:database attribute is optional if operating on the default SQL_DATABASE or if SQL_ALLOWED_DATABASES implies a single choice.)YourDatabaseName is omitted, it defaults to the SQL_DATABASE specified in the environment variables.)This MCP server utilizes a global, robust connection pool (mssql library's built-in pooling) managed by the DatabaseService.
execute_query calls) from the LLM will use the exact same underlying database connection. Therefore, session-specific state like temporary tables or session variables created in one call may not be available in another. Each call should be considered atomic from a session state perspective. The USE [database] command is issued within each operation if the target database differs from the pool's default, ensuring context for that specific operation.SELECT Only: The server strictly enforces that only SELECT queries can be run via the execute_query tool, using SQL parsing. DML (INSERT, UPDATE, DELETE) and DDL statements are blocked.SQL_ALLOWED_DATABASES environment variable to restrict which databases the server can interact with. For a detailed explanation of this feature and how it interacts with SQL_DATABASE, please see DATABASE_WHITELISTING.md.sp_, xp_) and commands like RECONFIGURE or WAITFOR DELAY via execute_query is blocked. Stored procedures should be used for legitimate system interactions.mssql library, which typically parameterizes them to prevent SQL injection.If you encounter issues:
docker logs mssql-mcp (if using Docker)..env file are correctly set, especially SQL_PASSWORD, SQL_SERVER, SQL_USER, and SQL_DATABASE.SQL_ALLOWED_DATABASES if you have set this variable.test-mcp.sh, test-session-persistence.sh) might need review/updates.For detailed Docker troubleshooting, see the Docker README.
This server cannot be installed
hybrid server
The server is able to function both locally and remotely, depending on the configuration or use case.
A Model Context Protocol server that allows Large Language Models like Claude to execute SQL queries, explore database schemas, and maintain persistent connections to SQL Server databases.