SmartPro MCP Server
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@SmartPro MCP Serverlist recent contracts"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
SmartPro MCP Server
A basic skeleton for building an MCP (Model Context Protocol) server.
Setup
Install dependencies:
npm installConfigure environment variables:
Copy
.env.exampleto.envFill in the required environment variables:
SUPABASE_URL- Your Supabase project URL (required)SUPABASE_SERVICE_ROLE_KEY- Your Supabase service role key (required)MCP_PORT- Port number for MCP server (required)HUB_BASE_URL- Base URL for Hub API (optional)CONTRACTS_BASE_URL- Base URL for Contracts API (optional)
Build the project:
npm run buildRun in development mode:
npm run devRun the built server:
npm startRelated MCP server: SupaMCPBuilder
Environment Variables
The server uses strict environment variable validation with Zod. The server will fail fast at startup if required environment variables are missing or invalid.
Required Variables
SUPABASE_URL- Supabase project URLSUPABASE_SERVICE_ROLE_KEY- Supabase service role key (server-side only)MCP_PORT- Port number for the MCP server
Optional Variables
HUB_BASE_URL- Base URL for Hub platform API callsCONTRACTS_BASE_URL- Base URL for Contracts platform API callsLOG_LEVEL- Logging level (debug, info, warn, error) - default:infoAUDIT_ENABLED- Enable audit logging (true/false) - default:trueNODE_ENV- Node environment (development, production, test) - default:development
Structure
src/index.ts- Main server file with handlers for tools, resources, and promptssrc/config/env.ts- Environment variable validation with Zodsrc/auth/- Authentication and context resolution (JWT verification, tenant/role extraction)src/rbac/- Role-based access control (permissions, authorization)src/audit/- Audit logging for tool callssrc/tools/- Tool implementations (hub, contracts)src/resources/- Resource implementations (hub, contracts, identity)src/common/- Common utilities (errors, schemas)migrations/- Database migrations (audit table)package.json- Project dependencies and scriptstsconfig.json- TypeScript configuration
Authentication & Authorization (DB-First)
The server uses Supabase JWT tokens for authentication with database-first resolution for security:
Token Source: The platform (Next.js API) passes Supabase access tokens via
Authorization: Bearer <token>header or in request metadata.Context Resolution (DB-First):
Step 1: Verify JWT → extract
user_id(sub claim)Step 2: Query database → resolve
tenant_idandrolefrom database (source of truth)Step 3: Build context with
userId,tenantId(from DB),role(from DB), andpermissions
Security: tenant_id and role are never trusted from JWT claims in production. This prevents privilege escalation if JWT metadata is tampered with.
Database Configuration: Configure where tenant/role are stored via environment variables (see
.env.example). Defaults work for common Supabase patterns (profilestable).RBAC: Tools check permissions before execution using the
requirePermission()function.Development Fallback: In
NODE_ENV=development, if DB lookup fails, falls back to JWT claims with a warning. In production, DB lookup failure is an authentication error.
Audit Logging
All tool calls are logged to the mcp_tool_audit_logs table in Supabase:
Tenant isolation: Logs are scoped by tenant_id
Sensitive data redaction: Passwords, tokens, etc. are automatically redacted
Entity references: Automatically extracts entity IDs (booking_id, invoice_id, etc.)
Performance tracking: Latency is recorded for each call
Error tracking: Failed calls are logged with error messages
Database Migration
Run the migration to create the audit table:
-- See migrations/001_create_mcp_tool_audit_logs.sqlImplementation
To implement your MCP server:
Environment Setup: Configure required environment variables (see
.env.example)Database Migration: Run the audit table migration in Supabase
Tools: Implement tool handlers in
src/tools/with proper permission checksResources: Implement resource handlers in
src/resources/with tenant isolationPrompts: Add prompt definitions in the
ListPromptsRequestSchemahandler
MCP Configuration
To use this server with Cursor or other MCP clients, add it to your MCP configuration file (e.g., ~/.cursor/mcp.json):
{
"mcpServers": {
"smartpro-mcp-server": {
"command": "node",
"args": ["path/to/smartpro-mcp-server/dist/index.js"]
}
}
}This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/AbuAli85/smartpro-mcp-server'
If you have feedback or need assistance with the MCP directory API, please join our Discord server