postgrest-mcp
Allows interaction with a PostgreSQL database via PostgREST, enabling schema discovery, CRUD operations, filtering, resource embedding, and RPC calls.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@postgrest-mcpget the first 10 records from the orders table"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
@node2flow/postgrest-mcp
MCP server for PostgREST — a standalone web server that turns PostgreSQL databases into RESTful APIs. 10 tools for schema discovery, CRUD operations, filtering, resource embedding, and RPC via the Model Context Protocol.
Quick Start
Claude Desktop / Cursor
Add to your MCP config:
{
"mcpServers": {
"postgrest": {
"command": "npx",
"args": ["-y", "@node2flow/postgrest-mcp"],
"env": {
"POSTGREST_URL": "http://localhost:3000",
"POSTGREST_TOKEN": "your-jwt-token"
}
}
}
}Note: JWT token is optional. If PostgREST has an anonymous role configured (
db-anon-role), schema and read operations work without authentication.
HTTP Mode
POSTGREST_URL=http://localhost:3000 POSTGREST_TOKEN=your-jwt npx @node2flow/postgrest-mcp --httpMCP endpoint: http://localhost:3000/mcp
Cloudflare Worker
Available at: https://postgrest-mcp-community.node2flow.net/mcp
POST https://postgrest-mcp-community.node2flow.net/mcp?POSTGREST_URL=http://your-server:3000&POSTGREST_TOKEN=your-jwtRelated MCP server: postgres-mcp
Tools (10)
Schema (2) — No Auth Required (with anonymous role)
Tool | Description |
| Get OpenAPI schema — lists all tables, views, functions |
| Get column details, types, constraints for a table/view |
Read (3) — Read-Only
Tool | Description |
| Query records with filters, select, order, pagination |
| Count records (exact, planned, or estimated) |
| Call PostgreSQL functions/procedures via RPC |
Write (5) — Requires Auth
Tool | Description | Risk |
| Insert one or more records | Safe |
| Update records matching a filter | Safe (filter required) |
| Insert or update on conflict | Safe |
| Delete records matching a filter | Destructive |
| Full replace (PUT) a single record | Safe |
Filter Syntax
PostgREST uses a powerful filter syntax on query parameters:
# Comparison
age=gt.18 # greater than
status=eq.active # equals
price=lte.100 # less than or equal
# Pattern matching
name=ilike.*john* # case-insensitive LIKE
email=like.*@gmail.com # case-sensitive LIKE
# Lists and NULL
id=in.(1,2,3) # IN list
deleted_at=is.null # NULL check
# Logic
or=(age.lt.18,age.gt.65) # OR conditions
not.status=eq.inactive # NOT
# Full-text search
content=fts.postgresql # full-text search
# Array/JSONB
tags=cs.{tech,api} # array containsResource Embedding (JOINs)
Query related tables using the select parameter:
*,orders(*) — embed all columns from related table
id,name,orders(id,total,status) — specific columns from embed
id,author:user_id(name,email) — renamed embedFilter on embedded resources:
select: id,name,orders(*)
filter: orders.status=eq.completedConfiguration
Parameter | Required | Description |
| Yes | PostgREST server URL (e.g. |
| No | JWT token for authenticated requests |
JWT Authentication
PostgREST uses JSON Web Tokens (JWT) for stateless authentication.
Configure
jwt-secretin your PostgREST configGenerate a JWT with the appropriate
roleclaimPass the token via
POSTGREST_TOKENenvironment variable
JWT Claims:
role— Database role name (required for RLS)exp— Token expiration (Unix timestamp)Custom claims accessible in SQL via
current_setting()
Tip: Use
db-anon-rolein PostgREST config for public read-only access without tokens.
Safety
Update and Delete require a filter — prevents accidental full-table operations
Use
pg_count_recordsto verify filter matches before deleteUse
return="representation"to see what was changedUse
pg_describe_tableto check required columns before insert
What is PostgREST?
PostgREST is a standalone web server that:
Turns PostgreSQL tables into CRUD endpoints (GET, POST, PATCH, PUT, DELETE)
Turns views into read-only endpoints
Turns functions into RPC endpoints (
/rpc/function_name)Uses PostgreSQL Row Level Security (RLS) for authorization
Auto-generates an OpenAPI specification
License
MIT License - see LICENSE
Copyright (c) 2026 Node2Flow
Links
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/node2flow-th/postgrest-mcp-community'
If you have feedback or need assistance with the MCP directory API, please join our Discord server