mcp-sqlserver
Enables OpenAI models to connect to Microsoft SQL Server databases for schema discovery, query execution, performance diagnostics, and database management.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@mcp-sqlserverlist tables in the Sales database"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
mcp-sqlserver
A powerful Model Context Protocol (MCP) server for Microsoft SQL Server. Connects AI assistants (Claude, Gemini, Kiro, OpenAI, Copilot, Cursor) directly to your SQL Server databases with enterprise-grade security controls.
39 tools across 7 categories: schema discovery, query execution, DDL, stored procedures, performance/DBA diagnostics, developer utilities, and server management.
Changelog: See CHANGELOG.md for version history or GitHub Releases for detailed release notes.
What's New in v1.3
Multi-server support — Define dev/staging/prod servers in one config, switch with
serverparameterlist_serverstool — See all configured connections at a glancePer-server security — Each server gets its own security mode, row limits, and blocked databases
Backward compatible — Existing single-server configs work without any changes
Related MCP server: mcp-ohmy-sql
What's New in v1.2
16 new tools — DBA diagnostics, code generation, ER diagrams, schema diff, data sampling, and more
SQL injection protection — All queries now use parameterized inputs and escaped identifiers
ISO date formatting — Dates display as
2025-01-27instead of raw JavaScript Date stringsStreamable HTTP transport — Host the MCP server remotely with
--http <port>Health check — Verify connection status and server responsiveness
Features
Server Management (1 tool)
Tool | Description |
| List all configured server connections with host, database, auth, and security mode |
Multi-server: Every tool accepts an optional
serverparameter to target a specific named server. Omit it to use the default server.
Schema Discovery (9 tools)
Tool | Description |
| List all accessible databases on the instance |
| List schemas in a database |
| List tables with row counts and sizes |
| List views in a database |
| Detailed column info: types, defaults, nullability, identity, computed |
| Foreign key relationships for a table |
| Index information with included columns |
| PK, unique, check, and default constraints |
| Trigger definitions on a table |
Query Execution (3 tools)
Tool | Description |
| Run SELECT queries with automatic row limits |
| Run INSERT/UPDATE/DELETE/MERGE (requires |
| Export query results as CSV or JSON format |
DDL Operations (1 tool)
Tool | Description |
| Run CREATE/ALTER/DROP statements (requires |
Stored Procedures (3 tools)
Tool | Description |
| List stored procedures in a database |
| View parameters and source code of a procedure |
| Execute with named parameters (requires |
Performance & DBA (16 tools)
Tool | Description |
| Estimated execution plan for any query |
| Currently running queries from |
| Row count, total/used/unused size, and fragmentation % |
| Index seeks, scans, lookups, and update statistics |
| Missing index suggestions with ready-to-use CREATE INDEX DDL |
| Server version, edition, CPU count, memory, uptime |
| Database size, file layout, status, recovery model, object counts |
| Top server wait statistics — identifies CPU, I/O, lock bottlenecks |
| Recent deadlock events from the |
| Current blocking chains — which sessions are blocking others |
| Long-running open transactions that may be holding locks |
| Detailed disk space usage by table (data, index, unused) |
| Recent backup history: type, size, duration, device path |
| Top resource-consuming queries from Query Store (SQL Server 2016+) — sortable by CPU, duration, reads, writes, or executions |
| Rebuild or reorganize a fragmented index (requires |
| Connection health check with latency, version, active sessions |
Developer Utilities (6 tools)
compare_schemas — Schema Diff
Compare two databases side-by-side. Shows tables, columns, and type differences — perfect for dev vs prod comparison.
compare_schemas(source_database: "DevDB", target_database: "ProdDB")Output includes: tables only in source/target, columns only in source/target, and column type/nullability differences.
generate_code — Code Generation
Generate typed code from any table's schema:
TypeScript — interfaces with proper types (
number,string,Date,Buffer | null)C# — classes with nullable value types (
int?,DateTime?,decimal?)SQL —
CREATE TABLEscripts with full column definitions
generate_code(table: "Products", language: "typescript")
→ export interface Products {
productId: number;
productName: string;
unitPrice: number | null;
...
}generate_insert_scripts — Data Export as INSERT
Generate INSERT statements from existing table data — useful for migration scripts, seed data, or backing up small reference tables.
generate_insert_scripts(table: "Categories", top: 10)
→ INSERT INTO [dbo].[Categories] ([CategoryName], [Description]) VALUES (N'Beverages', N'Soft drinks...');generate_er_diagram — ER Diagram
Generate a Mermaid ER diagram from foreign key relationships. Paste the output into any Mermaid-compatible renderer (GitHub, Notion, VS Code, etc.).
generate_er_diagram(database: "Northwind")
→ erDiagram
Products }o--|| Categories : "CategoryID"
Products }o--|| Suppliers : "SupplierID"
Orders }o--|| Customers : "CustomerID"
...generate_test_data — Test Data Generation
Generate realistic INSERT statements with fake data based on column names and types. Smart heuristics for common patterns (email, phone, name, city, price, etc.).
generate_test_data(table: "Customers", count: 5)
→ INSERT INTO [dbo].[Customers] (...) VALUES (N'Alice', N'user1@example.com', N'New York', ...);sample_table — Random Sampling
Get a random sample of rows from any table using NEWID() — useful for AI assistants to understand data patterns without scanning entire tables.
sample_table(table: "Orders", count: 5)Security
Three Security Modes
Mode | SELECT | INSERT/UPDATE/DELETE | DDL | Stored Procedures |
| Yes | No | No | Read-only (list/describe) |
| Yes | Yes | No | Full (execute) |
| Yes | Yes | Yes | Full (execute) |
SQL Injection Protection
All user-provided values are passed as parameterized query inputs (@param). Object identifiers (database, schema, table names) are escaped using SQL Server bracket notation ([name] with ] → ]]).
Additional Security Features
Database and schema allow/block lists
Automatic row count limits (configurable
maxRowCount)Blocked keyword detection (xp_cmdshell, SHUTDOWN, DROP DATABASE, etc.)
Column-level data masking for PII protection
Query type validation per security mode
Data Masking
Mask sensitive columns in query results:
security:
maskColumns:
- pattern: "*.password"
mask: "***"
- pattern: "*.ssn"
mask: "XXX-XX-XXXX"
- pattern: "dbo.users.email"
mask: "***@***.***"Pattern format: [schema.]table.column (use * as wildcard)
Authentication
Method | Config | Requirements |
SQL Server |
|
|
Windows (NTLM) |
|
|
Windows (SSPI) |
| No credentials needed; requires |
Azure AD |
|
|
Windows Authentication
NTLM — Works out of the box, no extra packages:
connection:
host: YOUR_SERVER\SQLEXPRESS
authentication:
type: windows
user: YourUsername
password: YourPassword
domain: YOUR_DOMAIN
trustServerCertificate: trueSSPI / Integrated Security — Uses current Windows login session:
npm install msnodesqlv8connection:
host: YOUR_SERVER\SQLEXPRESS
authentication:
type: windows
trustServerCertificate: trueNote: When using
npx, optional dependencies likemsnodesqlv8may not be installed automatically. For SSPI, consider installing globally (npm install -g @tugberkgunver/mcp-sqlserver msnodesqlv8) or use NTLM mode instead.
Transport
stdio (Default)
Standard input/output transport — used by MCP clients like Claude Desktop, VS Code, Cursor, etc.
Streamable HTTP
For remote hosting or web integrations:
mcp-sqlserver --config mssql-mcp.yaml --http 3000This starts:
MCP endpoint:
http://localhost:3000/mcpHealth check:
http://localhost:3000/health→{"status":"ok","mode":"readonly"}
Includes CORS support for browser-based clients.
Quick Start
Install
npm install -g @tugberkgunver/mcp-sqlserverConfigure
Create mssql-mcp.yaml in your working directory:
connection:
host: localhost
port: 1433
database: MyDatabase
authentication:
type: sql
user: sa
password: YourPassword123
trustServerCertificate: true
security:
mode: readonly
maxRowCount: 1000
blockedDatabases:
- master
- msdb
- tempdb
- modelSee config.example.yaml for all options.
Multi-Server Configuration
Define multiple named servers to manage dev/staging/prod from a single config:
defaultServer: dev
connections:
dev:
host: dev-server.example.com
database: MyDatabase
authentication:
type: sql
user: sa
password: DevPass123
trustServerCertificate: true
security:
mode: admin
maxRowCount: 5000
prod:
host: prod-server.example.com
database: MyDatabase
authentication:
type: sql
user: readonly_user
password: ProdReadOnly
security:
mode: readonly
blockedDatabases: [master, msdb, tempdb, model]
# Global security defaults (applied to all servers unless overridden)
security:
maxRowCount: 1000
blockedKeywords: [xp_cmdshell, SHUTDOWN, DROP DATABASE]Then use the server parameter in any tool call:
list_tables(server: "prod", database: "MyDatabase")
health_check(server: "dev")
compare_schemas(source_database: "DevDB", target_database: "StagingDB", server: "dev")MCP Client Configuration
{
"mcpServers": {
"mssql": {
"command": "npx",
"args": ["-y", "@tugberkgunver/mcp-sqlserver"],
"env": {
"MSSQL_HOST": "localhost",
"MSSQL_DATABASE": "MyDatabase",
"MSSQL_USER": "sa",
"MSSQL_PASSWORD": "YourPassword123"
}
}
}
}With a config file:
{
"mcpServers": {
"mssql": {
"command": "npx",
"args": ["-y", "@tugberkgunver/mcp-sqlserver", "--config", "/path/to/mssql-mcp.yaml"]
}
}
}Add to .vscode/mcp.json:
{
"servers": {
"mssql": {
"command": "npx",
"args": ["-y", "@tugberkgunver/mcp-sqlserver"],
"env": {
"MSSQL_HOST": "localhost",
"MSSQL_DATABASE": "MyDatabase",
"MSSQL_USER": "sa",
"MSSQL_PASSWORD": "YourPassword123"
}
}
}
}Add to ~/.cursor/mcp.json:
{
"mcpServers": {
"mssql": {
"command": "npx",
"args": ["-y", "@tugberkgunver/mcp-sqlserver"],
"env": {
"MSSQL_HOST": "localhost",
"MSSQL_DATABASE": "MyDatabase",
"MSSQL_USER": "sa",
"MSSQL_PASSWORD": "YourPassword123"
}
}
}
}Add to .kiro/settings/mcp.json:
{
"mcpServers": {
"mssql": {
"command": "npx",
"args": ["-y", "@tugberkgunver/mcp-sqlserver"],
"env": {
"MSSQL_HOST": "localhost",
"MSSQL_DATABASE": "MyDatabase",
"MSSQL_USER": "sa",
"MSSQL_PASSWORD": "YourPassword123"
}
}
}
}Add to ~/.gemini/settings.json:
{
"mcpServers": {
"mssql": {
"command": "npx",
"args": ["-y", "@tugberkgunver/mcp-sqlserver"],
"env": {
"MSSQL_HOST": "localhost",
"MSSQL_DATABASE": "MyDatabase",
"MSSQL_USER": "sa",
"MSSQL_PASSWORD": "YourPassword123"
}
}
}
}{
"mcpServers": {
"mssql": {
"command": "npx",
"args": ["-y", "@tugberkgunver/mcp-sqlserver"],
"env": {
"MSSQL_HOST": "localhost",
"MSSQL_DATABASE": "MyDatabase",
"MSSQL_USER": "sa",
"MSSQL_PASSWORD": "YourPassword123"
}
}
}
}Add to ~/.windsurf/mcp.json:
{
"mcpServers": {
"mssql": {
"command": "npx",
"args": ["-y", "@tugberkgunver/mcp-sqlserver"],
"env": {
"MSSQL_HOST": "localhost",
"MSSQL_DATABASE": "MyDatabase",
"MSSQL_USER": "sa",
"MSSQL_PASSWORD": "YourPassword123"
}
}
}
}On Windows, use cmd as the command wrapper:
{
"mcpServers": {
"mssql": {
"command": "cmd",
"args": ["/c", "npx", "-y", "@tugberkgunver/mcp-sqlserver", "--config", "path/to/config.yaml"]
}
}
}Environment Variables
Variable | Description |
| SQL Server hostname |
| SQL Server port (default: 1433) |
| Default database |
| SQL auth username |
| SQL auth password |
| Path to YAML config file |
Environment variables override config file values.
Development
git clone https://github.com/gunvertugberk/mcp-sqlserver.git
cd mcp-sqlserver
npm install
npm run build
npm start -- --config ./mssql-mcp.yamlLicense
MIT
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/gunvertugberk/mcp-sqlserver'
If you have feedback or need assistance with the MCP directory API, please join our Discord server