Model Context Protocol (MCP)

3 min read

Model Context Protocol (MCP)

PgArachne natively supports the Model Context Protocol (MCP), an open standard that allows AI models (like Claude or Cursor) to safely access your data and functions as “tools”.

How Does It Work?

PgArachne acts directly as an MCP Server. Instead of writing a custom HTTP server for each project, simply run PgArachne on top of your database. PgArachne automatically analyzes your permitted SQL functions and exposes them to AI clients via HTTP(S).

🛠️ SQL Functions as Tools

Any SQL function accessible via PgArachne’s JSON-RPC 2.0 endpoint automatically becomes a “tool” available to the AI. The default behavior (calling pgarachne.allowed_schemas()) exposes functions stored in the api schema that the authenticated user has access to (via GRANT EXECUTE). The LLM sees the function name, parameters, and description from SQL comments.

Connection Guide

1 a. Authentication — API Token (Recommended for Production)

For a permanent AI connection, use a long-lived API token. The token must be generated by an administrator (a member of the pgarachne_admin role):

-- Switch to the administrator role
SET ROLE pgarachne_admin;

-- Generate a new token for the target role (e.g., 'app_user')
SELECT pgarachne.add_api_token('Claude Desktop', 'app_user');

Save the returned string. Use it as Authorization: Bearer YOUR_API_TOKEN in the AI client configuration.

1 b. Authentication — Direct Credentials (Development & Simple Setups)

Alternatively, send the PostgreSQL username and password directly using HTTP Basic Authentication. No API token management is required, and no GRANT … TO pgarachne is needed — PgArachne connects directly as the specified user.

Authorization: Basic <base64(username:password)>

Use this approach for local testing or internal tools where credentials are already managed securely. For production AI integrations with cloud clients, API tokens are preferable.

2. Claude Desktop

Add PgArachne to your Claude Desktop configuration (~/Library/Application Support/Claude/claude_desktop_config.json):

{
  "mcpServers": {
    "pgarachne": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-http",
        "--url",
        "https://your-api.com/db/my_database/mcp"
      ],
      "env": {
        "Authorization": "Bearer YOUR_API_TOKEN"
      }
    }
  }
}

Note: HTTP(S) is required for the connection. The example uses the server-http npx bridge from Anthropic, which acts as an intermediary between standard MCP (stdio) and PgArachne (HTTP).

3. Cursor

In Cursor settings (Settings > MCP), add a new server communicating directly via HTTP (or using the bridge mentioned above if your version of Cursor does not support native HTTP MCP servers):

  • Type: command (with npx bridge) or http
  • Name: PgArachne
  • URL: https://your-api.com/db/my_database/mcp
  • Auth Header: Authorization: Bearer YOUR_API_TOKEN

🌐 Public Accessibility (Ngrok)

If you are testing PgArachne locally and want to connect it to a cloud-based AI client (outside local installations), your server must be publicly accessible via an HTTP(S) URL.

# Run ngrok for the HTTP PgArachne port (e.g., 8080)
ngrok http 8080

Then use the generated HTTPS address from Ngrok in the AI configuration.

Security

The MCP endpoint fully respects PostgreSQL’s permission system:

  • Authentication: Every request requires a valid API token, JWT, or HTTP Basic credentials; unauthenticated requests are rejected immediately.
  • Authorization: The AI can see and call only those functions in allowed schemas for which the authenticated role has GRANT EXECUTE.
  • RLS: Row-Level Security is fully active — the AI sees only the rows the specific role has access to.

See Security & Authentication for a full comparison of all supported authentication methods.