PostgreSQL MCP Server

A PostgreSQL MCP server implementation using the Model Context Protocol (MCP) Python SDK- an open protocol that enables seamless integration between LLM applications and external data sources. This server allows AI agents to interact with PostgreSQL databases through a standardized interface.

Features

List database schemas
List tables within schemas
Describe table structures
List table constraints and relationships
Get foreign key information
Execute SQL queries
Typed tools with JSON/markdown output
Optional table resources and guidance prompts

Quick Start

# Run the server without a DB connection (useful for Glama or inspection)
python postgres_server.py

# With a live database – pick one method:
export POSTGRES_CONNECTION_STRING="postgresql://user:pass@host:5432/db"
python postgres_server.py

# …or…
python postgres_server.py --conn "postgresql://user:pass@host:5432/db"

# Or using Docker (build once, then run):
# docker build -t mcp-postgres . && docker run -p 8000:8000 mcp-postgres

Installation

Installing via Smithery

To install PostgreSQL MCP Server for Claude Desktop automatically via Smithery:

npx -y @smithery/cli install @gldc/mcp-postgres --client claude

Manual Installation

Clone this repository:

git clone <repository-url>
cd mcp-postgres

Create and activate a virtual environment (recommended):

python -m venv venv
source venv/bin/activate  # On Windows, use: venv\Scripts\activate

Install dependencies:

pip install -r requirements.txt

Usage

Start the MCP server.
# Without a connection string (server starts, DB‑backed tools will return a friendly error) python postgres_server.py # Or set the connection string via environment variable: export POSTGRES_CONNECTION_STRING="postgresql://username:password@host:port/database" python postgres_server.py # Or pass it using the --conn flag: python postgres_server.py --conn "postgresql://username:password@host:port/database" # Optional: Run over HTTP transports # Streamable HTTP (recommended for streaming tool outputs) python postgres_server.py --transport streamable-http --host 0.0.0.0 --port 8000 # SSE transport (server-sent events) mounted at /sse and /messages/ python postgres_server.py --transport sse --host 0.0.0.0 --port 8000 --mount /mcp
The server provides the following tools:

query: Execute SQL queries against the database
list_schemas: List all available schemas
list_tables: List all tables in a specific schema
describe_table: Get detailed information about a table's structure
get_foreign_keys: Get foreign key relationships for a table
find_relationships: Discover both explicit and implied relationships for a table
db_identity: Show current db/user/host/port, search_path, and version

Typed (preferred):

run_query(input): Execute with typed input (sql, parameters, row_limit, format: 'markdown'|'json').
run_query_json(input): Execute and return JSON-serializable rows.
list_schemas_json(input): List schemas with filters (include_system, include_temp, require_usage, row_limit).
list_schemas_json_page(input): Paginated listing with filters and name_like pattern.
list_tables_json(input): List tables within a schema with filters (name pattern, case sensitivity, table_types, row_limit).
list_tables_json_page(input): Paginated tables listing with filters.

Examples:

// run_query (markdown)
{
  "sql": "SELECT * FROM information_schema.tables WHERE table_schema = %s",
  "parameters": ["public"],
  "row_limit": 50,
  "format": "markdown"
}

// run_query_json
{
  "sql": "SELECT now() as ts",
  "row_limit": 1
}

Inspect current connection identity:

// db_identity (no input)
{}

List schemas (JSON) with filters:

{
  "include_system": false,
  "include_temp": false,
  "require_usage": true,
  "row_limit": 10000
}

Paginated list with pattern filter:

{
  "include_system": false,
  "include_temp": false,
  "require_usage": true,
  "page_size": 200,
  "cursor": null,
  "name_like": "sales_*",
  "case_sensitive": false
}

Response shape:

{
  "items": [ { "schema_name": "sales_eu", "owner": "...", "is_system": false, "is_temporary": false, "has_usage": true } ],
  "next_cursor": "...base64..." // null when no more pages
}

List tables with filters (JSON):

{
  "db_schema": "public",
  "name_like": "orders_*",
  "case_sensitive": false,
  "table_types": ["BASE TABLE", "VIEW"],
  "row_limit": 1000
}

Paginated tables listing:

{
  "db_schema": "public",
  "page_size": 200,
  "cursor": null,
  "name_like": "orders_%"
}

Resources (if supported by client):

table://{schema}/{table} for reading table rows. Fallback tools are available:
- list_table_resources(schema) → table://... URIs
- read_table_resource(schema, table, row_limit) → rows JSON

Prompts (registered when supported; also exposed as tools):

write_safe_select / prompt_write_safe_select_tool
explain_plan_tips / prompt_explain_plan_tips_tool

Running with Docker

Build the image:

docker build -t mcp-postgres .

Run the container without a database connection (the server stays inspectable):

docker run -p 8000:8000 mcp-postgres

Run with a live PostgreSQL database by supplying POSTGRES_CONNECTION_STRING:

docker run \
  -e POSTGRES_CONNECTION_STRING="postgresql://username:password@host:5432/database" \
  -p 8000:8000 \
  mcp-postgres

If the environment variable is omitted, the server boots normally and all database‑backed tools return a friendly “connection string is not set” message until you provide it.

Configuration with mcp.json

To integrate this server with MCP-compatible tools (like Cursor), add it to your ~/.cursor/mcp.json:

{
  "servers": {
    "postgres": {
      "command": "/path/to/venv/bin/python",
      "args": [
        "/path/to/postgres_server.py"
      ],
      "env": {
        "POSTGRES_CONNECTION_STRING": "postgresql://username:password@host:5432/database?ssl=true"
      }
    }
  }
}

Transport Environment Variables

MCP_TRANSPORT=stdio|sse|streamable-http (default: stdio)
MCP_HOST=0.0.0.0 and MCP_PORT=8000 for SSE/HTTP transports
MCP_SSE_MOUNT=/mcp optional SSE mount path

If POSTGRES_CONNECTION_STRING is omitted, the server still starts and is fully inspectable; database‑backed tools will simply return an informative error until the variable is provided.

Replace:

/path/to/venv with your virtual environment path
/path/to/postgres_server.py with the absolute path to the server script

HTTP Client Integration

Run the server with Streamable HTTP:

python postgres_server.py --transport streamable-http --host 0.0.0.0 --port 8000
# or with Docker
docker run -p 8000:8000 mcp-postgres \
  python postgres_server.py --transport streamable-http --host 0.0.0.0 --port 8000

Basic reachability check (expect non-200 since MCP expects a handshake):

curl -i http://localhost:8000/mcp
# A 404/405/422 indicates the server is reachable; clients must speak MCP.

Example MCP client config (conceptual) pointing at the Streamable HTTP endpoint:

{
  "servers": {
    "postgres": {
      "transport": "streamable-http",
      "url": "http://localhost:8000/mcp"
    }
  }
}

For SSE instead of Streamable HTTP:

python postgres_server.py --transport sse --host 0.0.0.0 --port 8000 --mount /mcp
curl -N http://localhost:8000/sse  # Connects to the SSE endpoint

Python MCP Client Example (Streamable HTTP)

import asyncio
from mcp.client import streamable_http
from mcp.client.session import ClientSession


async def main():
    url = "http://localhost:8000/mcp"
    async with streamable_http.streamablehttp_client(url) as (read, write, _get_session_id):
        session = ClientSession(read, write)
        init = await session.initialize()
        print("protocol:", init.protocolVersion)

        # List tools
        tools = await session.list_tools()
        print("tools:", [t.name for t in tools.tools])

        # Call typed tool: run_query_json
        result = await session.call_tool(
            "run_query_json",
            {"input": {"sql": "SELECT 1 AS n", "row_limit": 1}},
        )
        # Prefer structuredContent if provided; fallback to text content
        if result.structuredContent is not None:
            print("structured:", result.structuredContent)
        else:
            print("text blocks:", [getattr(b, "text", None) for b in result.content])


if __name__ == "__main__":
    asyncio.run(main())

Security

Never expose sensitive database credentials in your code
Use environment variables or secure configuration files for database connection strings
Consider using connection pooling for better resource management
Implement proper access controls and user authentication

Environment options

POSTGRES_READONLY=true to allow only SELECT/CTE/EXPLAIN/SHOW/VALUES
POSTGRES_STATEMENT_TIMEOUT_MS=15000 to cap statement runtime

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

Development & Tests

Create a venv and install runtime deps: pip install -r requirements.txt
(Optional) install test deps: pip install -r dev-requirements.txt
Run tests: pytest -q

License

MIT License

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

This server cannot be installed

security - not tested

license - permissive license

quality - not tested

How are these scores calculated?

remote-capable server

The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.

Enables AI agents to interact with PostgreSQL databases through the Model Context Protocol, providing database schema exploration, table structure inspection, and SQL query execution capabilities.

Related MCP Servers

Model Context Protocol PostgreSQL Server
endaoment
-
security
F
license
-
quality
A server that allows AI models to interact with PostgreSQL databases through a standardized protocol, providing database schema information and SQL query execution capabilities.
Last updated -
1
MCP PostgreSQL Server
antonorlov
A
security
A
license
A
quality
Enables AI models to interact with PostgreSQL databases through a standardized interface, supporting operations like queries, table manipulation, and schema inspection.
Last updated -
6
353
5
MIT License
PostgreSQL MCP Server
abdou-ghonim
-
security
F
license
-
quality
A Model Context Protocol server that provides AI assistants with secure, read-only access to PostgreSQL databases while offering comprehensive tools for schema exploration, query validation, and performance optimization.
Last updated -
PostgreSQL MCP Server
melihbirim
A
security
F
license
A
quality
Enables AI assistants to interact with PostgreSQL databases using natural language queries, providing secure read-only access to database schemas and SQL translation capabilities.
Last updated -
6
3

View all related MCP servers

PostgreSQL MCP Server