How to integrate Supabase MCP with Vercel AI SDK v6

This guide walks you through connecting Supabase to Vercel AI SDK v6 using the Composio tool router. By the end, you'll have a working Supabase agent that can create a new secret api key for your project, list all third-party auth providers configured, delete google oauth from your supabase project through natural language commands. This guide will help you understand how to give your Vercel AI SDK agent real control over a Supabase account through Composio's Supabase MCP server. Before we dive in, let's take a quick look at the key ideas and tools involved.

Get started for free Get a demo

Supabase

Oauth2Api Key

Supabase is an open-source backend platform offering scalable Postgres databases, authentication, storage, and real-time APIs. It lets developers build modern apps without managing infrastructure.

116 Tools

Managed auth

Connect Supabase without auth hassles

We manage OAuth, API keys, token refresh, and scopes — you just build.

Try for free

Introduction

This guide will help you understand how to give your Vercel AI SDK agent real control over a Supabase account through Composio's Supabase MCP server.

Before we dive in, let's take a quick look at the key ideas and tools involved.

Also integrate Supabase with

ChatGPT OpenAI Agents SDK Claude Agent SDK Claude Code Claude Cowork Codex OpenCode Cursor VS Code OpenClaw Hermes CLI Google ADK LangChain Mastra AI LlamaIndex CrewAI

TL;DR

Here's what you'll learn:

How to set up and configure a Vercel AI SDK agent with Supabase integration
Using Composio's Tool Router to dynamically load and access Supabase tools
Creating an MCP client connection using HTTP transport
Building an interactive CLI chat interface with conversation history management
Handling tool calls and results within the Vercel AI SDK framework

What is Vercel AI SDK?

The Vercel AI SDK is a TypeScript library for building AI-powered applications. It provides tools for creating agents that can use external services and maintain conversation state.

Key features include:

streamText: Core function for streaming responses with real-time tool support
MCP Client: Built-in support for Model Context Protocol via @ai-sdk/mcp
Step Counting: Control multi-step tool execution with stopWhen: stepCountIs()
OpenAI Provider: Native integration with OpenAI models

What is the Supabase MCP server, and what's possible with it?

The Supabase MCP server is an implementation of the Model Context Protocol that connects your AI agent and assistants like Claude, Cursor, etc directly to your Supabase account. It provides structured and secure access to your Supabase projects, so your agent can perform actions like managing API keys, configuring authentication, and handling custom domains on your behalf.

API key management: Create, update, or permanently delete project API keys, including setting descriptions and customizing JWT templates for secure access control.
Third-party auth integration control: List, retrieve, or remove third-party authentication providers (like Google or GitHub) from your Supabase project to tailor user sign-in options.
Custom domain and subdomain setup: Activate custom hostnames or vanity subdomains for your Supabase project, ensuring your app is accessible at a branded URL after DNS verification.
OAuth authorization handling: Generate OAuth 2.0 authorization URLs for secure user authentication flows, supporting seamless integration with registered apps.
Subdomain availability checks: Instantly verify if a desired vanity subdomain is available for your project before making DNS changes or launching branded experiences.

What is the Composio tool router, and how does it fit here?

What is Composio SDK?

Composio's Composio SDK helps agents find the right tools for a task at runtime. You can plug in multiple toolkits (like Gmail, HubSpot, and GitHub), and the agent will identify the relevant app and action to complete multi-step workflows. This can reduce token usage and improve the reliability of tool calls. Read more here: Getting started with Composio SDK

The tool router generates a secure MCP URL that your agents can access to perform actions.

How the Composio SDK works

The Composio SDK follows a three-phase workflow:

Discovery: Searches for tools matching your task and returns relevant toolkits with their details.
Authentication: Checks for active connections. If missing, creates an auth config and returns a connection URL via Auth Link.
Execution: Executes the action using the authenticated connection.

Step-by-step Guide

Step by step09 STEPS

Prerequisites

Before you begin, make sure you have:

Node.js and npm installed
A Composio account with API key
An OpenAI API key

Getting API Keys for OpenAI and Composio

OpenAI API Key

Go to the OpenAI dashboard and create an API key. You'll need credits to use the models, or you can connect to another model provider.
Keep the API key safe.

Composio API Key

Log in to the Composio dashboard.
Navigate to your API settings and generate a new API key.
Store this key securely as you'll need it for authentication.

Install required dependencies

bash

npm install @ai-sdk/openai @ai-sdk/mcp @composio/core ai dotenv

First, install the necessary packages for your project.

What you're installing:

@ai-sdk/openai: Vercel AI SDK's OpenAI provider
@ai-sdk/mcp: MCP client for Vercel AI SDK
@composio/core: Composio SDK for tool integration
ai: Core Vercel AI SDK
dotenv: Environment variable management

Set up environment variables

bash

OPENAI_API_KEY=your_openai_api_key_here
COMPOSIO_API_KEY=your_composio_api_key_here
COMPOSIO_USER_ID=your_user_id_here

Create a .env file in your project root.

What's needed:

OPENAI_API_KEY: Your OpenAI API key for GPT model access
COMPOSIO_API_KEY: Your Composio API key for tool access
COMPOSIO_USER_ID: A unique identifier for the user session

Import required modules and validate environment

typescript

import "dotenv/config";
import { openai } from "@ai-sdk/openai";
import { Composio } from "@composio/core";
import * as readline from "readline";
import { streamText, type ModelMessage, stepCountIs } from "ai";
import { createMCPClient } from "@ai-sdk/mcp";

const composioAPIKey = process.env.COMPOSIO_API_KEY;
const composioUserID = process.env.COMPOSIO_USER_ID;

if (!process.env.OPENAI_API_KEY) throw new Error("OPENAI_API_KEY is not set");
if (!composioAPIKey) throw new Error("COMPOSIO_API_KEY is not set");
if (!composioUserID) throw new Error("COMPOSIO_USER_ID is not set");

const composio = new Composio({
  apiKey: composioAPIKey,
});

What's happening:

We're importing all necessary libraries including Vercel AI SDK's OpenAI provider and Composio
The dotenv/config import automatically loads environment variables
The MCP client import enables connection to Composio's tool server

Create Tool Router session and initialize MCP client

typescript

async function main() {
  // Create a tool router session for the user
  const session = await composio.create(composioUserID!, {
    toolkits: ["supabase"],
  });

  const mcpUrl = session.mcp.url;

What's happening:

We're creating a Tool Router session that gives your agent access to Supabase tools
The create method takes the user ID and specifies which toolkits should be available
The returned mcp object contains the URL and authentication headers needed to connect to the MCP server
This session provides access to all Supabase-related tools through the MCP protocol

Connect to MCP server and retrieve tools

typescript

const mcpClient = await createMCPClient({
  transport: {
    type: "http",
    url: mcpUrl,
    headers: session.mcp.headers, // Authentication headers for the Composio MCP server
  },
});

const tools = await mcpClient.tools();

What's happening:

We're creating an MCP client that connects to our Composio Tool Router session via HTTP
The mcp.url provides the endpoint, and mcp.headers contains authentication credentials
The type: "http" is important - Composio requires HTTP transport
tools() retrieves all available Supabase tools that the agent can use

Initialize conversation and CLI interface

typescript

let messages: ModelMessage[] = [];

console.log("Chat started! Type 'exit' or 'quit' to end the conversation.\n");
console.log(
  "Ask any questions related to supabase, like summarize my last 5 emails, send an email, etc... :)))\n",
);

const rl = readline.createInterface({
  input: process.stdin,
  output: process.stdout,
  prompt: "> ",
});

rl.prompt();

What's happening:

We initialize an empty messages array to maintain conversation history
A readline interface is created to accept user input from the command line
Instructions are displayed to guide the user on how to interact with the agent

Handle user input and stream responses with real-time tool feedback

typescript

rl.on("line", async (userInput: string) => {
  const trimmedInput = userInput.trim();

  if (["exit", "quit", "bye"].includes(trimmedInput.toLowerCase())) {
    console.log("\nGoodbye!");
    rl.close();
    process.exit(0);
  }

  if (!trimmedInput) {
    rl.prompt();
    return;
  }

  messages.push({ role: "user", content: trimmedInput });
  console.log("\nAgent is thinking...\n");

  try {
    const stream = streamText({
      model: openai("gpt-5"),
      messages,
      tools,
      toolChoice: "auto",
      stopWhen: stepCountIs(10),
      onStepFinish: (step) => {
        for (const toolCall of step.toolCalls) {
          console.log(`[Using tool: ${toolCall.toolName}]`);
          }
          if (step.toolCalls.length > 0) {
            console.log(""); // Add space after tool calls
          }
        },
      });

      for await (const chunk of stream.textStream) {
        process.stdout.write(chunk);
      }

      console.log("\n\n---\n");

      // Get final result for message history
      const response = await stream.response;
      if (response?.messages?.length) {
        messages.push(...response.messages);
      }
    } catch (error) {
      console.error("\nAn error occurred while talking to the agent:");
      console.error(error);
      console.log(
        "\nYou can try again or restart the app if it keeps happening.\n",
      );
    } finally {
      rl.prompt();
    }
  });

  rl.on("close", async () => {
    await mcpClient.close();
    console.log("\n👋 Session ended.");
    process.exit(0);
  });
}

main().catch((err) => {
  console.error("Fatal error:", err);
  process.exit(1);
});

What's happening:

We use streamText instead of generateText to stream responses in real-time
toolChoice: "auto" allows the model to decide when to use Supabase tools
stopWhen: stepCountIs(10) allows up to 10 steps for complex multi-tool operations
onStepFinish callback displays which tools are being used in real-time
We iterate through the text stream to create a typewriter effect as the agent responds
The complete response is added to conversation history to maintain context
Errors are caught and displayed with helpful retry suggestions

Complete Code

Here's the complete code to get you started with Supabase and Vercel AI SDK:

typescript

import "dotenv/config";
import { openai } from "@ai-sdk/openai";
import { Composio } from "@composio/core";
import * as readline from "readline";
import { streamText, type ModelMessage, stepCountIs } from "ai";
import { createMCPClient } from "@ai-sdk/mcp";

const composioAPIKey = process.env.COMPOSIO_API_KEY;
const composioUserID = process.env.COMPOSIO_USER_ID;

if (!process.env.OPENAI_API_KEY) throw new Error("OPENAI_API_KEY is not set");
if (!composioAPIKey) throw new Error("COMPOSIO_API_KEY is not set");
if (!composioUserID) throw new Error("COMPOSIO_USER_ID is not set");

const composio = new Composio({
  apiKey: composioAPIKey,
});

async function main() {
  // Create a tool router session for the user
  const session = await composio.create(composioUserID!, {
    toolkits: ["supabase"],
  });

  const mcpUrl = session.mcp.url;

  const mcpClient = await createMCPClient({
    transport: {
      type: "http",
      url: mcpUrl,
      headers: session.mcp.headers, // Authentication headers for the Composio MCP server
    },
  });

  const tools = await mcpClient.tools();

  let messages: ModelMessage[] = [];

  console.log("Chat started! Type 'exit' or 'quit' to end the conversation.\n");
  console.log(
    "Ask any questions related to supabase, like summarize my last 5 emails, send an email, etc... :)))\n",
  );

  const rl = readline.createInterface({
    input: process.stdin,
    output: process.stdout,
    prompt: "> ",
  });

  rl.prompt();

  rl.on("line", async (userInput: string) => {
    const trimmedInput = userInput.trim();

    if (["exit", "quit", "bye"].includes(trimmedInput.toLowerCase())) {
      console.log("\nGoodbye!");
      rl.close();
      process.exit(0);
    }

    if (!trimmedInput) {
      rl.prompt();
      return;
    }

    messages.push({ role: "user", content: trimmedInput });
    console.log("\nAgent is thinking...\n");

    try {
      const stream = streamText({
        model: openai("gpt-5"),
        messages,
        tools,
        toolChoice: "auto",
        stopWhen: stepCountIs(10),
        onStepFinish: (step) => {
          for (const toolCall of step.toolCalls) {
            console.log(`[Using tool: ${toolCall.toolName}]`);
          }
          if (step.toolCalls.length > 0) {
            console.log(""); // Add space after tool calls
          }
        },
      });

      for await (const chunk of stream.textStream) {
        process.stdout.write(chunk);
      }

      console.log("\n\n---\n");

      // Get final result for message history
      const response = await stream.response;
      if (response?.messages?.length) {
        messages.push(...response.messages);
      }
    } catch (error) {
      console.error("\nAn error occurred while talking to the agent:");
      console.error(error);
      console.log(
        "\nYou can try again or restart the app if it keeps happening.\n",
      );
    } finally {
      rl.prompt();
    }
  });

  rl.on("close", async () => {
    await mcpClient.close();
    console.log("\n👋 Session ended.");
    process.exit(0);
  });
}

main().catch((err) => {
  console.error("Fatal error:", err);
  process.exit(1);
});

Conclusion

You've successfully built a Supabase agent using the Vercel AI SDK with streaming capabilities! This implementation provides a powerful foundation for building AI applications with natural language interfaces and real-time feedback.

Key features of this implementation:

Real-time streaming responses for a better user experience with typewriter effect
Live tool execution feedback showing which tools are being used as the agent works
Dynamic tool loading through Composio's Tool Router with secure authentication
Multi-step tool execution with configurable step limits (up to 10 steps)
Comprehensive error handling for robust agent execution
Conversation history maintenance for context-aware responses

You can extend this further by adding custom error handling, implementing specific business logic, or integrating additional Composio toolkits to create multi-app workflows.

TOOLS

Supported Tools

Every Supabase action and event your agent gets out of the box.

Create project api key

Creates a 'publishable' or 'secret' API key for an existing Supabase project, optionally with a description; 'secret' keys can have customized JWT templates.

Delete an API key from the project

Permanently deletes a specific API key (identified by `id`) from a Supabase project (identified by `ref`), revoking its access.

Delete third party auth config

Removes a third-party authentication provider (e.

Get a third-party integration

Retrieves the detailed configuration for a specific third-party authentication (TPA) provider, identified by `tpa_id`, within an existing Supabase project specified by `ref`.

List third-party auth integrations for project

Lists all configured third-party authentication provider integrations for an existing Supabase project (using its `ref`), suitable for read-only auditing or verifying current authentication settings.

Update an API key for the project

Updates an existing Supabase project API key's `description` and/or `secret_jwt_template` (which defines its `role`); does not regenerate the key string.

Apply a database migration

Tool to apply database migrations to a Supabase project.

Beta activate custom hostname for project

Activates a previously configured custom hostname for a Supabase project, assuming DNS settings are verified externally.

Activate vanity subdomain for project

Activates a vanity subdomain for the specified Supabase project (e.

Authorize user through OAuth

Generates a Supabase OAuth 2.

Check vanity subdomain availability

Checks if a specific vanity subdomain is available for a Supabase project; this action does not reserve or assign the subdomain.

Setup read replica for project

Provisions a read-only replica for a Supabase project in a specified, Supabase-supported AWS region to enhance read performance and reduce latency.

Enable project database webhooks

Enables database webhooks for the Supabase project `ref`, triggering real-time notifications for INSERT, UPDATE, or DELETE events.

Beta get project's custom hostname config

Retrieves a Supabase project's custom hostname configuration, including its status, SSL certificate, and ownership verification, noting that availability may depend on the project's plan.

Retrieve network bans for project

Retrieves the list of banned IPv4 addresses for a Supabase project using its unique project reference string; this is a read-only operation.

Get project network restrictions

Retrieves the network restriction settings (IP allowlists) for a Supabase project.

Get project pgsodium config

Retrieves the PGSodium configuration, including the root encryption key, for an existing Supabase project identified by its `ref`.

Get project SSL enforcement configuration

Retrieves the SSL enforcement configuration for a specified Supabase project, indicating if SSL connections are mandated for its database.

Get current vanity subdomain config

Fetches the current vanity subdomain configuration, including its status and custom domain name, for a Supabase project identified by its reference ID.

Remove project network bans

Removes specified IPv4 addresses from a Supabase project's network ban list, granting immediate access; IPs not currently banned are ignored.

Remove read replica

Remove a read replica from a Supabase project (Pro plan or higher required).

Execute project database query

Executes a given SQL query against the project's database; use for advanced data operations or when standard API endpoints are insufficient, ensuring queries are valid PostgreSQL and sanitized.

Beta update project network restrictions

Updates and applies network access restrictions (IPv4/IPv6 CIDR lists) for a Supabase project, which may terminate existing connections not matching the new rules.

Upgrade the project's PostgreSQL version

Initiates an asynchronous upgrade of a Supabase project's PostgreSQL database to a specified `target_version` from a selected `release_channel`, returning a `tracking_id` to monitor status; the `target_version` must be available in the chosen channel.

Count action runs

Counts the number of action runs for a Supabase project using a HEAD request.

Create new project

Creates a new Supabase project, requiring a unique name (no dots) within the organization; project creation is asynchronous.

Bulk create secrets

Tool to bulk create secrets for a Supabase project.

Create a database branch

Creates a new, isolated database branch from an existing Supabase project (identified by `ref`), useful for setting up separate environments like development or testing, which can optionally be linked to a Git branch.

Create a function

Creates a new serverless Edge Function for a Supabase project (identified by `ref`), requiring valid JavaScript/TypeScript in `body` and a project-unique `slug` identifier.

Create CLI login role

Creates a temporary CLI login role for database access with specified permissions; use when setting up CLI authentication for development or administrative tasks.

Create an organization

Creates a new Supabase organization, which serves as a top-level container for projects, billing, and team access.

Create project signing key

Create a new signing key for JWT authentication in a Supabase project.

Create SSO provider configuration

Creates a new SAML 2.

Create a new third-party auth integration

Call this to add a new third-party authentication method (OIDC or JWKS) to a Supabase project for integrating external identity providers (e.

Delete custom hostname config

Deletes an active custom hostname configuration for the project identified by `ref`, reverting to the default Supabase-provided hostname; this action immediately makes the project inaccessible via the custom domain and requires subsequent updates to client, OAuth, and DNS settings.

Delete branch by id

Permanently and irreversibly deletes a specific, non-default database branch by its `branch_id`, without affecting other branches.

Delete an edge function by slug

Permanently deletes a specific Edge Function (by `function_slug`) from a Supabase project (by `ref`); this action is irreversible and requires prior existence of both project and function.

Delete CLI login roles

[Beta] Deletes existing login roles used by the Supabase CLI for the specified project.

Delete project by ref

Permanently and irreversibly deletes a Supabase project, identified by its unique `ref` ID, resulting in complete data loss.

Delete vanity subdomain for project

Permanently and irreversibly deletes an active vanity subdomain configuration for the specified Supabase project, reverting it to its default Supabase URL.

Bulk delete secrets

Tool to bulk delete secrets from a Supabase project.

Remove an SSO provider

Deletes a specific SSO provider by its ID (`provider_id`) from a Supabase project (`ref`), which disables it and returns its details; ensure this action will not inadvertently lock out users.

Deploy function

Deploys Edge Functions to a Supabase project using multipart upload.

Disable preview branching

Disables the preview branching feature for an existing Supabase project, identified by its unique reference ID (`ref`).

Disable project readonly mode

Temporarily disables a Supabase project's read-only mode for 15 minutes to allow write operations (e.

Exchange auth code for access and refresh token

(Beta) Implements the OAuth 2.

Generate TypeScript types

Generates and retrieves TypeScript types from a Supabase project's database; any schemas specified in `included_schemas` must exist in the project.

Get action run status

Retrieves the status and details of a specific action run, including its steps, timestamps, and configuration.

Get action run logs

Retrieves the execution logs for a specific action run by its ID.

Get Available Regions

Tool to get the list of available regions for creating a new Supabase project.

Get a database branch

Retrieves detailed information about a specific database branch by its name and project reference.

Get database branch config

Retrieves the read-only configuration and status for a Supabase database branch, typically for monitoring or verifying its settings.

Retrieve a function

Retrieves detailed information, metadata, configuration, and status for a specific Edge Function using its project reference ID and function slug.

Retrieve a function body

Retrieves the source code (body) for a specified serverless Edge Function using its project reference and function slug; this is a read-only operation that does not execute the function or return runtime logs.

Get API Health Status

Tool to check the health status of the Supabase API.

Get JIT access config

[Beta] Retrieves the project's just-in-time (JIT) access configuration, including user roles and their expiration settings.

Get a migration

Retrieves a specific database migration entry from the migration history using its version identifier.

Get information about an organization

Fetches comprehensive details for a specific Supabase organization using its unique slug.

Get project

Retrieves detailed information about a specific Supabase project by its unique reference ID.

Get project API key

Retrieves details of a specific API key for a Supabase project by its UUID.

Get project API keys

Retrieves all API keys for an existing Supabase project, specified by its unique reference ID (`ref`); this is a read-only operation.

Get project logs

Retrieves analytics logs for a Supabase project.

Get project PgBouncer config

Retrieves the active PgBouncer configuration (PostgreSQL connection pooler) for a Supabase project, used for performance tuning, auditing, or getting the connection string.

Get project postgres config

Retrieves the current read-only PostgreSQL database configuration for a specified Supabase project's `ref`, noting that some advanced or security-sensitive details might be omitted from the response.

Get project's PostgREST config

Retrieves the PostgREST configuration for a specific Supabase project.

Get project's read-only mode status

Retrieves the read-only mode status for a specified Supabase project to check its operational state; this action does not change the read-only state.

Get project signing keys

Tool to list all signing keys for a Supabase project.

Get project Supavisor configuration

Retrieves the Supavisor (connection pooler) configuration for a specified Supabase project, identified by its reference ID.

Get Project Upgrade Eligibility

Checks a Supabase project's eligibility for an upgrade, verifying compatibility and identifying potential issues; this action does not perform the actual upgrade.

Get project upgrade status

Retrieves the latest status of a Supabase project's database upgrade for monitoring purposes; does not initiate or modify upgrades.

Get TUS resumable upload base options

Handles OPTIONS request for TUS Resumable uploads to discover server capabilities.

Get TUS resumable upload options

Handles OPTIONS request for TUS Resumable uploads to discover server capabilities.

Get project's auth config

Retrieves the project's complete read-only authentication configuration, detailing all settings (e.

Get project's service health status

Retrieves the current health status for a Supabase project, for specified services or all services if the 'services' list is omitted.

Get a specific SQL snippet

Retrieves a specific SQL snippet by its unique identifier.

Get a SSO provider by its UUID

Retrieves the configuration details for a specific Single Sign-On (SSO) provider (e.

Get Table Schemas

Retrieves column details, types, and constraints for multiple database tables to help debug schema issues and write accurate SQL queries.

OPTIONS for resumable upload sign

Handles CORS preflight OPTIONS request for TUS resumable upload signing.

OPTIONS for resumable upload sign

Handles CORS preflight OPTIONS request for TUS resumable upload signing endpoints.

Invoke Edge Function

Tool to invoke a deployed Supabase Edge Function over HTTPS.

List all organizations

Lists all organizations (ID and name only) associated with the Supabase account, excluding project details within these organizations.

List all projects

Retrieves a list of all Supabase projects, including their ID, name, region, and status, for the authenticated user.

List project database backups

Lists all database backups for a Supabase project, providing details on existing backups but not creating new ones or performing restores; availability may depend on plan and configuration.

List all buckets

Retrieves a list of all storage buckets for a Supabase project, without returning bucket contents or access policies.

List all database branches

Lists all database branches for a specified Supabase project, used for isolated development and testing of schema changes; ensure the project reference ID is valid.

List all functions

Lists metadata for all Edge Functions in a Supabase project (specified by 'ref'), excluding function code or logs; the project must exist.

List migration history

Retrieves the list of applied database migration versions for a Supabase project.

List members of an organization

Retrieves all members of a Supabase organization, identified by its unique slug, including their user ID, username, email, role, and MFA status.

List all secrets

Retrieves all secrets for a Supabase project using its reference ID; secret values in the response may be masked.

List SQL snippets for the logged in user

Retrieves a list of SQL snippets for the logged-in user, optionally filtered by a specific Supabase project if `project_ref` is provided.

List all SSO providers

Lists all configured Single Sign-On (SSO) providers for a Supabase project, requiring the project reference ID (`ref`) of an existing project.

List Database Tables

Lists all tables and views in specified database schemas, providing a quick overview of database structure to help identify available tables before fetching detailed schemas.

Patch a migration

[Beta] Patches an existing entry in the project's migration history, updating the name or rollback script.

Patch project network restrictions

Updates project's network restrictions by incrementally adding or removing IPv4/IPv6 CIDR blocks.

Push a database branch

Pushes a database branch, applying migrations and changes to the specified branch.

Reset a database branch

Resets an existing Supabase database branch, identified by `branch_id`, to its initial clean state, irreversibly deleting all its current data and schema changes.

Restore database PITR backup

Restores a Supabase project's database to a specific Unix timestamp using Point-in-Time Recovery (PITR), overwriting the current state; requires a paid plan with PITR and physical backups enabled.

Execute read-only database query

[Beta] Run a SQL query as supabase_read_only_user.

Select From Table

Tool to select rows from a Supabase/PostgREST table.

Update a function

Updates an existing Supabase Edge Function's properties (like name, slug, source code, JWT settings, import map) identified by project `ref` and `function_slug`, supporting plain text code or ESZIP for the body.

Update database branch config

Updates the configuration of a Supabase database branch, allowing modification of its name, associated Git branch, reset-on-push behavior, persistence, and status.

Update database password

Updates the database password for a Supabase project.

Bulk update functions

Tool to bulk update Edge Functions in a Supabase project.

Update JIT access config

[Beta] Update a Supabase project's just-in-time (JIT) access configuration.

Update pgsodium root key

Critically updates or initializes a Supabase project's pgsodium root encryption key for security setup or key rotation, requiring secure backup of the new key to prevent irreversible data loss.

Update a project

Updates a Supabase project's configuration (currently supports updating the project name).

Update project's auth config

Update Supabase project Auth configuration via the Management API.

Update project's custom hostname configuration

Updates the custom hostname for a Supabase project, requiring subsequent DNS changes to a user-controlled domain for SSL certificate issuance and domain ownership.

Update project legacy API keys

Tool to disable or re-enable JWT-based legacy API keys (anon, service_role) for a Supabase project.

Update project's postgres config

Updates specified PostgreSQL configuration parameters for an existing Supabase project (`ref`) to optimize database performance; note that unspecified parameters remain unchanged, and caution is advised as incorrect settings can impact stability or require a restart.

Update project's PostgREST config

Updates PostgREST configuration settings (e.

Update database pooler config

Updates the Supavisor (database pooler) configuration, such as `default_pool_size`, for an existing Supabase project identified by `ref`; the `pool_mode` parameter in the request is deprecated and ignored.

Update SSL enforcement config

Updates the SSL enforcement configuration (enable/disable) for a specified Supabase project's database.

Update an SSO provider by its UUID

Updates an existing SSO provider's SAML metadata, associated email domains, or attribute mappings for a Supabase project, identified by `ref` and `provider_id`.

Upsert migration

Tool to upsert a database migration without applying it.

Reverify custom hostname

Re-verifies DNS and SSL configurations for an existing custom hostname associated with a Supabase project.

FRAMEWORKS

How to build Supabase MCP Agent with another framework

ChatGPT

Use Supabase MCP with ChatGPT

OpenAI Agents SDK

Use Supabase MCP with OpenAI Agents SDK

Claude Agent SDK

Use Supabase MCP with Claude Agent SDK

Claude Code

Use Supabase MCP with Claude Code

Claude Cowork

Use Supabase MCP with Claude Cowork

Codex

Use Supabase MCP with Codex

Cursor

Use Supabase MCP with Cursor

OpenClaw

Use Supabase MCP with OpenClaw

Hermes

Use Supabase MCP with Hermes

CLI

Use Supabase MCP with CLI

Google ADK

Use Supabase MCP with Google ADK

LangChain

Use Supabase MCP with LangChain

Mastra AI

Use Supabase MCP with Mastra AI

LlamaIndex

Use Supabase MCP with LlamaIndex

CrewAI

Use Supabase MCP with CrewAI

OpenCode

Use Supabase MCP with OpenCode

VS Code

Use Supabase MCP with VS Code

MORE TOOLKITS

Explore Other Toolkits

Toolkit marketplace

Codeinterpreter

No Auth

Codeinterpreter is a Python-based coding environment with built-in data analysis and visualization. It lets you instantly run scripts, plot results, and prototype solutions inside supported platforms.

GitHub

Oauth2

GitHub is a code hosting platform for version control and collaborative software development. It streamlines project management, code review, and team workflows in one place.

Ably

Api Key

Ably is a real-time messaging platform for live chat and data sync in modern apps. It offers global scale and rock-solid reliability for seamless, instant experiences.

Abuselpdb

Api Key

Abuselpdb is a central database for reporting and checking IPs linked to malicious online activity. Use it to quickly identify and report suspicious or abusive IP addresses.

FAQ

Frequently asked questions

With a standalone Supabase MCP server, the agents and LLMs can only access a fixed set of Supabase tools tied to that server. However, with the Composio Tool Router, agents can dynamically load tools from Supabase and many other apps based on the task at hand, all through a single MCP endpoint.

Yes, you can. Vercel AI SDK v6 fully supports MCP integration. You get structured tool calling, message history handling, and model orchestration while Tool Router takes care of discovering and serving the right Supabase tools.

Yes, absolutely. You can configure which Supabase scopes and actions are allowed when connecting your account to Composio. You can also bring your own OAuth credentials or API configuration so you keep full control over what the agent can do.

All sensitive data such as tokens, keys, and configuration is fully encrypted at rest and in transit. Composio is SOC 2 Type 2 compliant and follows strict security practices so your Supabase data and credentials are handled as safely as possible.

Start with Supabase.It takes 30 seconds.

Managed auth, hosted MCP servers, and every Supabase tool your agent needs.Free to start.

Start building

Customer stories

Teams ship real agents on Composio

GET STARTED FOR FREE BOOK A DEMO

Karan skipped his own birthday party to fix our critical issue. It was 10pm and he diverted his Waymo to help us instead. This really sets the bar — it shows the commitment you need when users rely on your software.

Harsha Gaddipati

Co-founder, Slashy

A lot of students tell us that the moment their connected tools start talking to each other inside Opennote feels almost magical. The agent just knows them, and it's immensely helped keep new users on the platform.

Abhi Arya

Co-founder, Opennote

We chose Composio over Pipedream because it delivered depth where it mattered — niche tools and tricky edge cases other platforms simply ignored. That gave us confidence to scale without compromising.

Nirman Dave

CEO, Zams

As a solo builder, shipping fast is life or death. The only way I can outcompete incumbents is by outmanoeuvring them. Getting bogged down managing agent auth would have been a death sentence.

Ryan Yu

Founder, Extra Thursday

Before Composio, adding tool integrations was slow and resource-intensive. Each one could take weeks of engineering time, and maintaining them meant constantly keeping up with API changes.

Tomisin Jenrola

Founder & CEO, SwarmZero

With hands-on help from their founder, we integrated Gmail and Google Drive in just 30 minutes. This level of personal support and commitment is exactly what startups should strive for.

Jerome Leclanche

Co-Founder, Ingram Technologies

How to integrate Supabase MCP with Vercel AI SDK v6

Connect Supabase without auth hassles

Introduction

Also integrate Supabase with

TL;DR

What is Vercel AI SDK?

What is the Supabase MCP server, and what's possible with it?

What is the Composio tool router, and how does it fit here?

What is Composio SDK?

How the Composio SDK works

Step-by-step Guide

Prerequisites

Getting API Keys for OpenAI and Composio

Install required dependencies

Set up environment variables

Import required modules and validate environment

Create Tool Router session and initialize MCP client

Connect to MCP server and retrieve tools

Initialize conversation and CLI interface

Handle user input and stream responses with real-time tool feedback

Complete Code

Conclusion

Supported Tools

How to build Supabase MCP Agent with another framework

ChatGPT

OpenAI Agents SDK

Claude Agent SDK

Claude Code

Claude Cowork

Codex

Cursor

OpenClaw

Hermes

CLI

Google ADK

LangChain

Mastra AI

LlamaIndex

CrewAI

OpenCode

VS Code

Explore Other Toolkits

Codeinterpreter

GitHub

Ably

Abuselpdb

Frequently asked questions

What are the differences in Tool Router MCP and Supabase MCP?+

Can I use Tool Router MCP with Vercel AI SDK v6?+

Can I manage the permissions and scopes for Supabase while using Tool Router?+

How safe is my data with Composio Tool Router?+

Start with Supabase.It takes 30 seconds.

Teams ship real agents on Composio