db-mcp is a comprehensive SQLite server for AI-driven database interactions, offering 122 specialized tools across analytics, search, and administration with dual backends and enterprise-grade security.
Database Operations: CRUD operations, schema management, indexing, views, and constraints with 8 core tools
Transaction Support: Full ACID compliance with begin, commit, rollback, and savepoints (7 tools, native backend)
JSON Processing: Full JSON/JSONB manipulation, schema analysis, and operations (23 tools)
Text Processing: Regex, fuzzy matching, phonetic search, and similarity analysis (17 tools)
Full-Text Search: FTS5 with BM25 ranking, search optimization, and index management (4 tools)
Statistical Analysis: Descriptive statistics, percentiles, regression, outlier detection (13-19 tools)
Window Functions: ROW_NUMBER, RANK, LAG/LEAD, running totals, moving averages (6 tools, native only)
Vector/Semantic Search: AI embeddings, cosine similarity, hybrid search (11 tools)
Geospatial Operations: Distance calculations, bounding boxes, SpatiaLite GIS capabilities (4-11 tools, native backend)
Virtual Tables: CSV, R-Tree, series, views, vacuum, and dbstat support (13 tools)
Administration: Backup, restore, PRAGMA operations, transaction management, health monitoring (33 tools)
Security: OAuth 2.1 authentication (RFC 9728/8414 compliant) with granular scope-based authorization (read, write, admin, database-specific, table-specific) and SQL injection prevention
Multiple Backends: WASM (102 tools, cross-platform) or Native (122 tools, full features) SQLite implementations
Tool Filtering: Configure tool sets with presets (starter, analytics, search, spatial, minimal, full) or custom groups to manage AI IDE limits
Resources: Read database metadata through 8 resources (schema, tables, indexes, views, health, configuration, insights)
AI Assistance: 10 prompts for schema explanation, query building, data analysis, optimization, migration scripts, debugging, and documentation
Flexible Deployment: Supports STDIO, HTTP/SSE (stateful/stateless), Docker, Node.js, and direct IDE integration (Cursor)
Extensions: Built-in FTS5, JSON1, R-Tree, plus loadable CSV and SpatiaLite extensions
Performance: Configurable metadata caching with automatic invalidation on DDL operations
Provides database operation tools for connecting to and managing MongoDB databases with support for OAuth 2.0 authentication and granular access control
Provides database operation tools for connecting to and managing MySQL databases with support for OAuth 2.0 authentication and granular access control
Provides database operation tools for connecting to and managing PostgreSQL databases with support for OAuth 2.0 authentication and granular access control
Provides database operation tools for connecting to and managing Redis databases with support for OAuth 2.0 authentication and granular access control
Provides database operation tools for connecting to and managing SQLite databases with support for OAuth 2.0 authentication and granular access control
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@db-mcpshow me the top 10 customers by total orders from the PostgreSQL sales database"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
db-mcp
Last Updated January 31, 2026
SQLite MCP Server with HTTP/SSE Transport, OAuth 2.1 authentication, smart tool filtering, granular access control, 122 specialized tools, 8 resources, and 10 prompts. Available in WASM and better-sqlite3 variants.
Beta - This project is actively being developed and is not yet ready for production use.
Wiki β’ Changelog β’ Security
π Table of Contents
Quick Start
Configuration & Usage
Features & Resources
β Quick Test - Verify Everything Works
Test the server in 30 seconds!
Build and run:
Expected output (native):
Expected output (WASM):
Run the test suite:
π‘οΈ Security Features
β SQL Injection Prevention - Parameter binding on all queries
β OAuth 2.1 Authentication - RFC 9728/8414 compliant
β Scope-based Authorization - Granular read/write/admin access
β Strict TypeScript - Full type safety with no
anytypes
β¬οΈ Back to Table of Contents
π Quick Start
Option 1: Docker (Recommended)
Pull and run instantly:
Run with volume mount:
Option 2: Node.js Installation
Clone the repository:
Navigate to directory:
Install dependencies:
Build the project:
Run the server:
Backend Choice: Use
--sqlite-nativefor full features (122 tools, transactions, window functions, SpatiaLite). Use--sqlitefor WASM mode (102 tools, no native dependencies).
β¬οΈ Back to Table of Contents
β‘ Install to Cursor IDE
One-Click Installation
Click the button below to install directly into Cursor:
Or copy this deep link:
Prerequisites
β Docker installed and running (for Docker method)
β Node.js 24+ (LTS) (for local installation)
β¬οΈ Back to Table of Contents
π Tool Categories
Category | WASM | Native | Description |
Core Database | 8 | 8 | CRUD, schema, indexes, views |
JSON Helpers | 8 | 8 | Simplified JSON operations, schema analysis |
JSON Operations | 15 | 15 | Full JSON manipulation, JSONB support |
Text Processing | 13 | 13 | Regex, fuzzy, phonetic, advanced search |
FTS5 Full-Text Search | 4 | 4 | Create, search, rebuild, optimize |
Statistical Analysis | 13 | 19 | Stats, outliers, regression + window functions |
Virtual Tables | 13 | 13 | CSV, R-Tree, series, views, vacuum, dbstat |
Vector/Semantic | 11 | 11 | Embeddings, similarity search |
Geospatial | 4 | 11 | Distance, bounding box + SpatiaLite GIS |
Admin/PRAGMA | 13 | 20 | Backup, restore, pragmas, transactions |
Total | 102 | 122 |
SQLite Backend Options
Choose between two SQLite backends based on your needs:
Feature | WASM (sql.js) | Native (better-sqlite3) |
Tools Available | 102 | 122 |
Transactions | β | β 7 tools |
Window Functions | β | β 6 tools |
FTS5 Full-Text Search | β οΈ Limited | β Full |
JSON1 Extension | β οΈ Limited | β Full |
Cross-platform | β No compilation | Requires Node.js native build |
In-memory DBs | β | β |
File-based DBs | β | β |
Transaction Tools (7) - Native Only
Tool | Description |
| Start transaction (deferred/immediate/exclusive mode) |
| Commit current transaction |
| Rollback current transaction |
| Create a savepoint |
| Release a savepoint |
| Rollback to a savepoint |
| Execute multiple statements atomically |
Window Function Tools (6) - Native Only
Tool | Description |
| Assign sequential row numbers |
| Calculate RANK/DENSE_RANK/PERCENT_RANK |
| Access previous or next row values |
| Calculate cumulative sums |
| Calculate rolling averages |
| Divide rows into N buckets (quartiles, deciles, etc.) |
SQLite Extensions
SQLite supports both built-in extensions (compiled into better-sqlite3) and loadable extensions (require separate binaries).
Built-in Extensions (work out of box)
Extension | Purpose | Status |
FTS5 | Full-text search with BM25 ranking | β Always loaded |
JSON1 | JSON functions (json_extract, etc.) | β Always loaded |
R-Tree | Spatial indexing for bounding boxes | β Always loaded |
Loadable Extensions (require installation)
Extension | Purpose | Tools | CLI Flag |
CSV | CSV virtual tables | 2 |
|
SpatiaLite | Advanced GIS capabilities | 7 |
|
Installing Extensions
CSV Extension:
SpatiaLite Extension:
Note: Extension binaries must match your platform and architecture. The server searches common paths automatically, or use the
CSV_EXTENSION_PATH/SPATIALITE_PATHenvironment variables for custom locations.
π Resources (8)
MCP resources provide read-only access to database metadata:
Resource | URI | Description |
|
| Full database schema (tables, indexes) |
|
| List all tables in the database |
|
| Schema for a specific table |
|
| All indexes in the database |
|
| All views in the database |
|
| Database health and connection status |
|
| Database metadata and configuration |
|
| Business insights memo (analysis) |
π¬ Prompts (10)
MCP prompts provide AI-assisted database workflows:
Prompt | Description |
| Explain database structure and relationships |
| Help construct SQL queries for common operations |
| Analyze data patterns and provide insights |
| Analyze and suggest database optimizations |
| Help create database migration scripts |
| Debug SQL queries that aren't working |
| Generate documentation for the database schema |
| Intelligent table analysis and summary |
| Hybrid FTS5 + vector search workflow |
| Interactive demo of MCP capabilities |
β¬οΈ Back to Table of Contents
β‘ Performance Tuning
Schema metadata is cached to reduce repeated queries during tool/resource invocations.
Variable | Default | Description |
|
| Cache TTL for schema metadata (milliseconds) |
|
| Log verbosity: |
Tip: Lower
METADATA_CACHE_TTL_MSfor development (e.g.,1000), or increase it for production with stable schemas (e.g.,60000= 1 min). Schema cache is automatically invalidated on DDL operations (CREATE/ALTER/DROP).
β¬οΈ Back to Table of Contents
π MCP Client Configuration
Cursor IDE (Native Backend)
Cursor IDE (WASM Backend)
Claude Desktop (Native)
Claude Desktop (WASM)
Native with Extensions (CSV + SpatiaLite)
To enable loadable extensions, add CLI flags and set environment variables for extension paths:
Windows:
Linux/macOS:
Note: Extension flags (
--csv,--spatialite) are only available with the native backend (--sqlite-native). Set environment variables if extensions are not in standard system paths.
Docker with Claude Desktop
In-Memory Database
Use :memory: for a temporary in-memory database:
HTTP/SSE Transport (Remote Access)
For remote access, web-based clients, or MCP Inspector testing, run the server in HTTP mode:
Endpoints:
Endpoint | Description |
| Server info and available endpoints |
| JSON-RPC requests (initialize, tools/call) |
| SSE stream for server-to-client notifications |
| Session termination |
| Health check (always public) |
Session Management: The server uses stateful sessions by default. Include the mcp-session-id header (returned from initialization) in subsequent requests for session continuity.
Stateless Mode (Serverless)
For serverless deployments (AWS Lambda, Cloudflare Workers, Vercel), use stateless mode:
Mode | Progress Notifications | SSE Streaming | Serverless |
Stateful (default) | β Yes | β Yes | β οΈ Complex |
Stateless ( | β No | β No | β Native |
β¬οΈ Back to Table of Contents
ποΈ Tool Filtering
AI-enabled IDEs like Cursor have tool limits. With 122 tools in the native backend, you must use tool filtering to stay within limits. Use shortcuts or specify groups to enable only what you need.
Quick Start: Recommended Configurations
Option 1: Starter (18 tools) β Recommended
Core + JSON + Text. Best for general development.
Option 2: Analytics (23 tools)
Core + JSON + Stats + Window functions. For data analysis.
Option 3: Search (14 tools)
Core + Text + FTS5 + Vector. For search workloads.
Option 4: Custom Groups
Specify exactly the groups you need:
Shortcuts (Predefined Bundles)
Note: Native includes transactions (7), window functions (6), and SpatiaLite (7) not available in WASM.
Shortcut | WASM | Native | + Built-in | What's Included |
| 48 | 48 | +3 | Core, JSON, Text |
| 44 | 50 | +3 | Core, JSON, Stats |
| 36 | 36 | +3 | Core, Text, Vector |
| 23 | 30 | +3 | Core, Geo, Vector |
| 8 | 8 | +3 | Core only |
| 102 | 122 | +3 | Everything enabled |
Tool Groups (7 Available)
Note: +3 built-in tools (server_info, server_health, list_adapters) are always included.
Group | WASM | Native | + Built-in | Description |
| 8 | 8 | +3 | Basic CRUD, schema, tables |
| 23 | 23 | +3 | JSON/JSONB operations, analysis |
| 17 | 17 | +3 | Text processing + FTS5 + advanced search |
| 13 | 19 | +3 | Statistical analysis (+ window funcs) |
| 11 | 11 | +3 | Embeddings, similarity search |
| 26 | 33 | +3 | Backup, restore, virtual tables, pragma |
| 4 | 11 | +3 | Geospatial + SpatiaLite (Native only) |
Syntax Reference
Prefix | Target | Example | Effect |
(none) | Shortcut |
| Whitelist Mode: Enable ONLY this shortcut |
(none) | Group |
| Whitelist Mode: Enable ONLY this group |
| Group |
| Add tools from this group to current set |
| Group |
| Remove tools in this group from current set |
| Tool |
| Add one specific tool |
| Tool |
| Remove one specific tool |
Examples:
Legacy Syntax (still supported):
If you start with a negative filter (e.g., -vector,-geo), it assumes you want to start with all tools enabled and then subtract.
β¬οΈ Back to Table of Contents
π₯ Core Capabilities
π Statistical Analysis - Descriptive stats, percentiles, time series analysis
π Advanced Text Processing - Regex, fuzzy matching, phonetic search, similarity
π§ Vector/Semantic Search - AI-native embeddings, cosine similarity, hybrid search
πΊοΈ Geospatial Operations - Distance calculations, bounding boxes, spatial queries
π Transaction Safety - Full ACID compliance with savepoints (native backend)
ποΈ 122 Specialized Tools - Complete database administration and analytics suite
π’ Enterprise Features
π OAuth 2.1 Authentication - RFC 9728/8414 compliant token-based authentication
π‘οΈ Tool Filtering - Control which database operations are exposed
π₯ Access Control - Granular scopes for read-only, write, and admin access
π― Full-Text Search (FTS5) - Advanced search with BM25 ranking
β‘ Window Functions - Row numbers, rankings, running totals, moving averages
β¬οΈ Back to Table of Contents
π OAuth 2.1 Implementation
Component | Status | Description |
Protected Resource Metadata | β | RFC 9728 |
Auth Server Discovery | β | RFC 8414 metadata discovery with caching |
Token Validation | β | JWT validation with JWKS support |
Scope Enforcement | β | Granular |
HTTP Transport | β | Streamable HTTP with OAuth middleware |
Supported Scopes
Scope | Description |
| Read-only access to all databases |
| Read and write access to all databases |
| Full administrative access |
| Access to specific database only |
| Access to specific table only |
Keycloak Integration
See docs/KEYCLOAK_SETUP.md for setting up Keycloak as your OAuth provider.
Quick Start with OAuth
1. Start the server with OAuth enabled:
2. Get an access token from Keycloak:
3. Make authenticated MCP requests:
Note: OAuth is automatically enabled when running in HTTP mode with OAuth environment variables configured. The
/.well-known/oauth-protected-resourceendpoint provides RFC 9728 metadata for client discovery.
β¬οΈ Back to Table of Contents
π Why Choose db-mcp?
β
TypeScript Native - Full type safety with strict mode, no any types
β
122 Specialized Tools - Most comprehensive SQLite MCP server available
β
OAuth 2.1 Built-in - Enterprise-grade authentication out of the box
β
Dual Backends - WASM for portability, native for performance
β
Tool Filtering - Stay within AI IDE tool limits with preset configurations
β
Window Functions - Advanced analytics with ROW_NUMBER, RANK, LAG/LEAD
β
Transaction Support - Full ACID compliance with savepoints
β
Modern Architecture - Built on MCP SDK with clean, modular design
β
Active Development - Regular updates and improvements
β¬οΈ Back to Table of Contents
π Project Stats
122 Tools in native backend (102 in WASM)
13 Tool Groups for flexible filtering
Strict TypeScript with full type coverage
Multi-platform support (Windows, Linux, macOS)
Docker images available for easy deployment
OAuth 2.1 RFC-compliant authentication
Active development with regular updates
β¬οΈ Back to Table of Contents
Configuration
Environment Variables
Copy .env.example to .env and configure:
JSON Configuration
See config/db-mcp.keycloak.json for a complete example.
Contributing
Contributions are welcome! Please read our Contributing Guidelines before submitting a pull request.
Security
For security concerns, please see our Security Policy.
β οΈ Never commit credentials - Store secrets in
.env(gitignored)
License
This project is licensed under the MIT License - see the LICENSE file for details.
Code of Conduct
Please read our Code of Conduct before participating in this project.