Supabase Management API MCP Server

/** * [Beta] Exchange auth code for user's access and refresh token. * * @param {Object} args - Arguments for exchanging auth code. * @param {string} args.grant_type - The grant type (e.g., "refresh_token"). * @param {string} args.client_id - The client ID. * @param {string} args.client_secret - The client secret. * @param {string} args.code - The authorization code. * @param {string} args.code_verifier - The code verifier. * @param {string} args.redirect_uri - The redirect URI. * @param {string} args.refresh_token - The refresh token. * @param {string} [args.resource] - Resource indicator for MCP clients. * @param {string} [args.scope] - The scope. * @returns {Promise<Object>} - The response from the Supabase Management API. */ const exchangeAuthCodeForTokens = async ({ grant_type, client_id, client_secret, code, code_verifier, redirect_uri, refresh_token, resource, scope }) => { const baseUrl = 'https://api.supabase.com'; try { const url = `${baseUrl}/v1/oauth/token`; const params = new URLSearchParams(); if (grant_type) params.append('grant_type', grant_type); if (client_id) params.append('client_id', client_id); if (client_secret) params.append('client_secret', client_secret); if (code) params.append('code', code); if (code_verifier) params.append('code_verifier', code_verifier); if (redirect_uri) params.append('redirect_uri', redirect_uri); if (refresh_token) params.append('refresh_token', refresh_token); if (resource) params.append('resource', resource); if (scope) params.append('scope', scope); const response = await fetch(url, { method: 'POST', headers: { 'Content-Type': 'application/x-www-form-urlencoded', 'Accept': 'application/json' }, body: params.toString() }); if (!response.ok) { let err; try { err = await response.json(); } catch { err = await response.text(); } throw new Error(typeof err === 'string' ? err : JSON.stringify(err)); } return await response.json(); } catch (error) { return { error: error instanceof Error ? error.message : JSON.stringify(error) }; } }; /** * Tool definition for exchanging auth code for user's access and refresh token. */ const apiTool = { function: exchangeAuthCodeForTokens, definition: { type: 'function', function: { name: 'exchange_auth_code_for_tokens', description: "[Beta] Exchange auth code for user's access and refresh token.", parameters: { type: 'object', properties: { grant_type: { type: 'string', description: 'The grant type (e.g., "refresh_token").' }, client_id: { type: 'string', description: 'The client ID.' }, client_secret: { type: 'string', description: 'The client secret.' }, code: { type: 'string', description: 'The authorization code.' }, code_verifier: { type: 'string', description: 'The code verifier.' }, redirect_uri: { type: 'string', description: 'The redirect URI.' }, refresh_token: { type: 'string', description: 'The refresh token.' }, resource: { type: 'string', description: 'Resource indicator for MCP clients.' }, scope: { type: 'string', description: 'The scope.' } }, required: [ 'grant_type', 'client_id', 'client_secret', 'code', 'code_verifier', 'redirect_uri', 'refresh_token' ] } } } }; export { apiTool };