How to integrate Supabase MCP with Mastra AI

This guide walks you through connecting Supabase to Mastra AI using the Composio tool router. By the end, you'll have a working Supabase agent that can create a new secret api key for your project, list all third-party auth providers configured, delete google oauth from your supabase project through natural language commands. This guide will help you understand how to give your Mastra AI agent real control over a Supabase account through Composio's Supabase MCP server. Before we dive in, let's take a quick look at the key ideas and tools involved.

Get started for free Get a demo

Supabase

Oauth2Api Key

Supabase is an open-source backend platform offering scalable Postgres databases, authentication, storage, and real-time APIs. It lets developers build modern apps without managing infrastructure.

116 Tools

Managed auth

Connect Supabase without auth hassles

We manage OAuth, API keys, token refresh, and scopes — you just build.

Try for free

Introduction

This guide will help you understand how to give your Mastra AI agent real control over a Supabase account through Composio's Supabase MCP server.

Before we dive in, let's take a quick look at the key ideas and tools involved.

Also integrate Supabase with

ChatGPT OpenAI Agents SDK Claude Agent SDK Claude Code Claude Cowork Codex OpenCode Cursor VS Code OpenClaw Hermes CLI Google ADK LangChain Vercel AI SDK LlamaIndex CrewAI

TL;DR

Here's what you'll learn:

Set up your environment so Mastra, OpenAI, and Composio work together
Create a Tool Router session in Composio that exposes Supabase tools
Connect Mastra's MCP client to the Composio generated MCP URL
Fetch Supabase tool definitions and attach them as a toolset
Build a Mastra agent that can reason, call tools, and return structured results
Run an interactive CLI where you can chat with your Supabase agent

What is Mastra AI?

Mastra AI is a TypeScript framework for building AI agents with tool support. It provides a clean API for creating agents that can use external services through MCP.

Key features include:

MCP Client: Built-in support for Model Context Protocol servers
Toolsets: Organize tools into logical groups
Step Callbacks: Monitor and debug agent execution
OpenAI Integration: Works with OpenAI models via @ai-sdk/openai

What is the Supabase MCP server, and what's possible with it?

The Supabase MCP server is an implementation of the Model Context Protocol that connects your AI agent and assistants like Claude, Cursor, etc directly to your Supabase account. It provides structured and secure access to your Supabase projects, so your agent can perform actions like managing API keys, configuring authentication, and handling custom domains on your behalf.

API key management: Create, update, or permanently delete project API keys, including setting descriptions and customizing JWT templates for secure access control.
Third-party auth integration control: List, retrieve, or remove third-party authentication providers (like Google or GitHub) from your Supabase project to tailor user sign-in options.
Custom domain and subdomain setup: Activate custom hostnames or vanity subdomains for your Supabase project, ensuring your app is accessible at a branded URL after DNS verification.
OAuth authorization handling: Generate OAuth 2.0 authorization URLs for secure user authentication flows, supporting seamless integration with registered apps.
Subdomain availability checks: Instantly verify if a desired vanity subdomain is available for your project before making DNS changes or launching branded experiences.

What is the Composio tool router, and how does it fit here?

What is Composio SDK?

Composio's Composio SDK helps agents find the right tools for a task at runtime. You can plug in multiple toolkits (like Gmail, HubSpot, and GitHub), and the agent will identify the relevant app and action to complete multi-step workflows. This can reduce token usage and improve the reliability of tool calls. Read more here: Getting started with Composio SDK

The tool router generates a secure MCP URL that your agents can access to perform actions.

How the Composio SDK works

The Composio SDK follows a three-phase workflow:

Discovery: Searches for tools matching your task and returns relevant toolkits with their details.
Authentication: Checks for active connections. If missing, creates an auth config and returns a connection URL via Auth Link.
Execution: Executes the action using the authenticated connection.

Step-by-step Guide

Step by step09 STEPS

Prerequisites

Before starting, make sure you have:

Node.js 18 or higher
A Composio account with an active API key
An OpenAI API key
Basic familiarity with TypeScript

Getting API Keys for OpenAI and Composio

OpenAI API Key

Go to the OpenAI dashboard and create an API key.
You need credits or a connected billing setup to use the models.
Store the key somewhere safe.

Composio API Key

Log in to the Composio dashboard.
Go to Settings and copy your API key.
This key lets your Mastra agent talk to Composio and reach Supabase through MCP.

Install dependencies

bash

npm install @composio/core @mastra/core @mastra/mcp @ai-sdk/openai dotenv

Install the required packages.

What's happening:

@composio/core is the Composio SDK for creating MCP sessions
@mastra/core provides the Agent class
@mastra/mcp is Mastra's MCP client
@ai-sdk/openai is the model wrapper for OpenAI
dotenv loads environment variables from .env

Set up environment variables

bash

COMPOSIO_API_KEY=your_composio_api_key_here
COMPOSIO_USER_ID=your_user_id_here
OPENAI_API_KEY=your_openai_api_key_here

Create a .env file in your project root.

What's happening:

COMPOSIO_API_KEY authenticates your requests to Composio
COMPOSIO_USER_ID tells Composio which user this session belongs to
OPENAI_API_KEY lets the Mastra agent call OpenAI models

Import libraries and validate environment

typescript

import "dotenv/config";
import { openai } from "@ai-sdk/openai";
import { Agent } from "@mastra/core/agent";
import { MCPClient } from "@mastra/mcp";
import { Composio } from "@composio/core";
import * as readline from "readline";

import type { AiMessageType } from "@mastra/core/agent";

const openaiAPIKey = process.env.OPENAI_API_KEY;
const composioAPIKey = process.env.COMPOSIO_API_KEY;
const composioUserID = process.env.COMPOSIO_USER_ID;

if (!openaiAPIKey) throw new Error("OPENAI_API_KEY is not set");
if (!composioAPIKey) throw new Error("COMPOSIO_API_KEY is not set");
if (!composioUserID) throw new Error("COMPOSIO_USER_ID is not set");

const composio = new Composio({
  apiKey: composioAPIKey as string,
});

What's happening:

dotenv/config auto loads your .env so process.env.* is available
openai gives you a Mastra compatible model wrapper
Agent is the Mastra agent that will call tools and produce answers
MCPClient connects Mastra to your Composio MCP server
Composio is used to create a Tool Router session

Create a Tool Router session for Supabase

typescript

async function main() {
  const session = await composio.create(
    composioUserID as string,
    {
      toolkits: ["supabase"],
    },
  );

  const composioMCPUrl = session.mcp.url;
  console.log("Supabase MCP URL:", composioMCPUrl);

What's happening:

create spins up a short-lived MCP HTTP endpoint for this user
The toolkits array contains "supabase" for Supabase access
session.mcp.url is the MCP URL that Mastra's MCPClient will connect to

Configure Mastra MCP client and fetch tools

typescript

const mcpClient = new MCPClient({
    id: composioUserID as string,
    servers: {
      nasdaq: {
        url: new URL(composioMCPUrl),
        requestInit: {
          headers: session.mcp.headers,
        },
      },
    },
    timeout: 30_000,
  });

console.log("Fetching MCP tools from Composio...");
const composioTools = await mcpClient.getTools();
console.log("Number of tools:", Object.keys(composioTools).length);

What's happening:

MCPClient takes an id for this client and a list of MCP servers
The headers property includes the x-api-key for authentication
getTools fetches the tool definitions exposed by the Supabase toolkit

Create the Mastra agent

typescript

const agent = new Agent({
    name: "supabase-mastra-agent",
    instructions: "You are an AI agent with Supabase tools via Composio.",
    model: "openai/gpt-5",
  });

What's happening:

Agent is the core Mastra agent
name is just an identifier for logging and debugging
instructions guide the agent to use tools instead of only answering in natural language
model uses openai("gpt-5") to configure the underlying LLM

Set up interactive chat interface

typescript

let messages: AiMessageType[] = [];

console.log("Chat started! Type 'exit' or 'quit' to end.\n");

const rl = readline.createInterface({
  input: process.stdin,
  output: process.stdout,
  prompt: "> ",
});

rl.prompt();

rl.on("line", async (userInput: string) => {
  const trimmedInput = userInput.trim();

  if (["exit", "quit", "bye"].includes(trimmedInput.toLowerCase())) {
    console.log("\nGoodbye!");
    rl.close();
    process.exit(0);
  }

  if (!trimmedInput) {
    rl.prompt();
    return;
  }

  messages.push({
    id: crypto.randomUUID(),
    role: "user",
    content: trimmedInput,
  });

  console.log("\nAgent is thinking...\n");

  try {
    const response = await agent.generate(messages, {
      toolsets: {
        supabase: composioTools,
      },
      maxSteps: 8,
    });

    const { text } = response;

    if (text && text.trim().length > 0) {
      console.log(`Agent: ${text}\n`);
        messages.push({
          id: crypto.randomUUID(),
          role: "assistant",
          content: text,
        });
      }
    } catch (error) {
      console.error("\nError:", error);
    }

    rl.prompt();
  });

  rl.on("close", async () => {
    console.log("\nSession ended.");
    await mcpClient.disconnect();
    process.exit(0);
  });
}

main().catch((err) => {
  console.error("Fatal error:", err);
  process.exit(1);
});

What's happening:

messages keeps the full conversation history in Mastra's expected format
agent.generate runs the agent with conversation history and Supabase toolsets
maxSteps limits how many tool calls the agent can take in a single run
onStepFinish is a hook that prints intermediate steps for debugging

Complete Code

Here's the complete code to get you started with Supabase and Mastra AI:

typescript

import "dotenv/config";
import { openai } from "@ai-sdk/openai";
import { Agent } from "@mastra/core/agent";
import { MCPClient } from "@mastra/mcp";
import { Composio } from "@composio/core";
import * as readline from "readline";

import type { AiMessageType } from "@mastra/core/agent";

const openaiAPIKey = process.env.OPENAI_API_KEY;
const composioAPIKey = process.env.COMPOSIO_API_KEY;
const composioUserID = process.env.COMPOSIO_USER_ID;

if (!openaiAPIKey) throw new Error("OPENAI_API_KEY is not set");
if (!composioAPIKey) throw new Error("COMPOSIO_API_KEY is not set");
if (!composioUserID) throw new Error("COMPOSIO_USER_ID is not set");

const composio = new Composio({ apiKey: composioAPIKey as string });

async function main() {
  const session = await composio.create(composioUserID as string, {
    toolkits: ["supabase"],
  });

  const composioMCPUrl = session.mcp.url;

  const mcpClient = new MCPClient({
    id: composioUserID as string,
    servers: {
      supabase: {
        url: new URL(composioMCPUrl),
        requestInit: {
          headers: session.mcp.headers,
        },
      },
    },
    timeout: 30_000,
  });

  const composioTools = await mcpClient.getTools();

  const agent = new Agent({
    name: "supabase-mastra-agent",
    instructions: "You are an AI agent with Supabase tools via Composio.",
    model: "openai/gpt-5",
  });

  let messages: AiMessageType[] = [];

  const rl = readline.createInterface({
    input: process.stdin,
    output: process.stdout,
    prompt: "> ",
  });

  rl.prompt();

  rl.on("line", async (input: string) => {
    const trimmed = input.trim();
    if (["exit", "quit"].includes(trimmed.toLowerCase())) {
      rl.close();
      return;
    }

    messages.push({ id: crypto.randomUUID(), role: "user", content: trimmed });

    const { text } = await agent.generate(messages, {
      toolsets: { supabase: composioTools },
      maxSteps: 8,
    });

    if (text) {
      console.log(`Agent: ${text}\n`);
      messages.push({ id: crypto.randomUUID(), role: "assistant", content: text });
    }

    rl.prompt();
  });

  rl.on("close", async () => {
    await mcpClient.disconnect();
    process.exit(0);
  });
}

main();

Conclusion

You've built a Mastra AI agent that can interact with Supabase through Composio's Tool Router. You can extend this further by:

Adding other toolkits like Gmail, Slack, or GitHub
Building a web-based chat interface around this agent
Using multiple MCP endpoints to enable cross-app workflows

TOOLS

Supported Tools

Every Supabase action and event your agent gets out of the box.

Create project api key

Creates a 'publishable' or 'secret' API key for an existing Supabase project, optionally with a description; 'secret' keys can have customized JWT templates.

Delete an API key from the project

Permanently deletes a specific API key (identified by `id`) from a Supabase project (identified by `ref`), revoking its access.

Delete third party auth config

Removes a third-party authentication provider (e.

Get a third-party integration

Retrieves the detailed configuration for a specific third-party authentication (TPA) provider, identified by `tpa_id`, within an existing Supabase project specified by `ref`.

List third-party auth integrations for project

Lists all configured third-party authentication provider integrations for an existing Supabase project (using its `ref`), suitable for read-only auditing or verifying current authentication settings.

Update an API key for the project

Updates an existing Supabase project API key's `description` and/or `secret_jwt_template` (which defines its `role`); does not regenerate the key string.

Apply a database migration

Tool to apply database migrations to a Supabase project.

Beta activate custom hostname for project

Activates a previously configured custom hostname for a Supabase project, assuming DNS settings are verified externally.

Activate vanity subdomain for project

Activates a vanity subdomain for the specified Supabase project (e.

Authorize user through OAuth

Generates a Supabase OAuth 2.

Check vanity subdomain availability

Checks if a specific vanity subdomain is available for a Supabase project; this action does not reserve or assign the subdomain.

Setup read replica for project

Provisions a read-only replica for a Supabase project in a specified, Supabase-supported AWS region to enhance read performance and reduce latency.

Enable project database webhooks

Enables database webhooks for the Supabase project `ref`, triggering real-time notifications for INSERT, UPDATE, or DELETE events.

Beta get project's custom hostname config

Retrieves a Supabase project's custom hostname configuration, including its status, SSL certificate, and ownership verification, noting that availability may depend on the project's plan.

Retrieve network bans for project

Retrieves the list of banned IPv4 addresses for a Supabase project using its unique project reference string; this is a read-only operation.

Get project network restrictions

Retrieves the network restriction settings (IP allowlists) for a Supabase project.

Get project pgsodium config

Retrieves the PGSodium configuration, including the root encryption key, for an existing Supabase project identified by its `ref`.

Get project SSL enforcement configuration

Retrieves the SSL enforcement configuration for a specified Supabase project, indicating if SSL connections are mandated for its database.

Get current vanity subdomain config

Fetches the current vanity subdomain configuration, including its status and custom domain name, for a Supabase project identified by its reference ID.

Remove project network bans

Removes specified IPv4 addresses from a Supabase project's network ban list, granting immediate access; IPs not currently banned are ignored.

Remove read replica

Remove a read replica from a Supabase project (Pro plan or higher required).

Execute project database query

Executes a given SQL query against the project's database; use for advanced data operations or when standard API endpoints are insufficient, ensuring queries are valid PostgreSQL and sanitized.

Beta update project network restrictions

Updates and applies network access restrictions (IPv4/IPv6 CIDR lists) for a Supabase project, which may terminate existing connections not matching the new rules.

Upgrade the project's PostgreSQL version

Initiates an asynchronous upgrade of a Supabase project's PostgreSQL database to a specified `target_version` from a selected `release_channel`, returning a `tracking_id` to monitor status; the `target_version` must be available in the chosen channel.

Count action runs

Counts the number of action runs for a Supabase project using a HEAD request.

Create new project

Creates a new Supabase project, requiring a unique name (no dots) within the organization; project creation is asynchronous.

Bulk create secrets

Tool to bulk create secrets for a Supabase project.

Create a database branch

Creates a new, isolated database branch from an existing Supabase project (identified by `ref`), useful for setting up separate environments like development or testing, which can optionally be linked to a Git branch.

Create a function

Creates a new serverless Edge Function for a Supabase project (identified by `ref`), requiring valid JavaScript/TypeScript in `body` and a project-unique `slug` identifier.

Create CLI login role

Creates a temporary CLI login role for database access with specified permissions; use when setting up CLI authentication for development or administrative tasks.

Create an organization

Creates a new Supabase organization, which serves as a top-level container for projects, billing, and team access.

Create project signing key

Create a new signing key for JWT authentication in a Supabase project.

Create SSO provider configuration

Creates a new SAML 2.

Create a new third-party auth integration

Call this to add a new third-party authentication method (OIDC or JWKS) to a Supabase project for integrating external identity providers (e.

Delete custom hostname config

Deletes an active custom hostname configuration for the project identified by `ref`, reverting to the default Supabase-provided hostname; this action immediately makes the project inaccessible via the custom domain and requires subsequent updates to client, OAuth, and DNS settings.

Delete branch by id

Permanently and irreversibly deletes a specific, non-default database branch by its `branch_id`, without affecting other branches.

Delete an edge function by slug

Permanently deletes a specific Edge Function (by `function_slug`) from a Supabase project (by `ref`); this action is irreversible and requires prior existence of both project and function.

Delete CLI login roles

[Beta] Deletes existing login roles used by the Supabase CLI for the specified project.

Delete project by ref

Permanently and irreversibly deletes a Supabase project, identified by its unique `ref` ID, resulting in complete data loss.

Delete vanity subdomain for project

Permanently and irreversibly deletes an active vanity subdomain configuration for the specified Supabase project, reverting it to its default Supabase URL.

Bulk delete secrets

Tool to bulk delete secrets from a Supabase project.

Remove an SSO provider

Deletes a specific SSO provider by its ID (`provider_id`) from a Supabase project (`ref`), which disables it and returns its details; ensure this action will not inadvertently lock out users.

Deploy function

Deploys Edge Functions to a Supabase project using multipart upload.

Disable preview branching

Disables the preview branching feature for an existing Supabase project, identified by its unique reference ID (`ref`).

Disable project readonly mode

Temporarily disables a Supabase project's read-only mode for 15 minutes to allow write operations (e.

Exchange auth code for access and refresh token

(Beta) Implements the OAuth 2.

Generate TypeScript types

Generates and retrieves TypeScript types from a Supabase project's database; any schemas specified in `included_schemas` must exist in the project.

Get action run status

Retrieves the status and details of a specific action run, including its steps, timestamps, and configuration.

Get action run logs

Retrieves the execution logs for a specific action run by its ID.

Get Available Regions

Tool to get the list of available regions for creating a new Supabase project.

Get a database branch

Retrieves detailed information about a specific database branch by its name and project reference.

Get database branch config

Retrieves the read-only configuration and status for a Supabase database branch, typically for monitoring or verifying its settings.

Retrieve a function

Retrieves detailed information, metadata, configuration, and status for a specific Edge Function using its project reference ID and function slug.

Retrieve a function body

Retrieves the source code (body) for a specified serverless Edge Function using its project reference and function slug; this is a read-only operation that does not execute the function or return runtime logs.

Get API Health Status

Tool to check the health status of the Supabase API.

Get JIT access config

[Beta] Retrieves the project's just-in-time (JIT) access configuration, including user roles and their expiration settings.

Get a migration

Retrieves a specific database migration entry from the migration history using its version identifier.

Get information about an organization

Fetches comprehensive details for a specific Supabase organization using its unique slug.

Get project

Retrieves detailed information about a specific Supabase project by its unique reference ID.

Get project API key

Retrieves details of a specific API key for a Supabase project by its UUID.

Get project API keys

Retrieves all API keys for an existing Supabase project, specified by its unique reference ID (`ref`); this is a read-only operation.

Get project logs

Retrieves analytics logs for a Supabase project.

Get project PgBouncer config

Retrieves the active PgBouncer configuration (PostgreSQL connection pooler) for a Supabase project, used for performance tuning, auditing, or getting the connection string.

Get project postgres config

Retrieves the current read-only PostgreSQL database configuration for a specified Supabase project's `ref`, noting that some advanced or security-sensitive details might be omitted from the response.

Get project's PostgREST config

Retrieves the PostgREST configuration for a specific Supabase project.

Get project's read-only mode status

Retrieves the read-only mode status for a specified Supabase project to check its operational state; this action does not change the read-only state.

Get project signing keys

Tool to list all signing keys for a Supabase project.

Get project Supavisor configuration

Retrieves the Supavisor (connection pooler) configuration for a specified Supabase project, identified by its reference ID.

Get Project Upgrade Eligibility

Checks a Supabase project's eligibility for an upgrade, verifying compatibility and identifying potential issues; this action does not perform the actual upgrade.

Get project upgrade status

Retrieves the latest status of a Supabase project's database upgrade for monitoring purposes; does not initiate or modify upgrades.

Get TUS resumable upload base options

Handles OPTIONS request for TUS Resumable uploads to discover server capabilities.

Get TUS resumable upload options

Handles OPTIONS request for TUS Resumable uploads to discover server capabilities.

Get project's auth config

Retrieves the project's complete read-only authentication configuration, detailing all settings (e.

Get project's service health status

Retrieves the current health status for a Supabase project, for specified services or all services if the 'services' list is omitted.

Get a specific SQL snippet

Retrieves a specific SQL snippet by its unique identifier.

Get a SSO provider by its UUID

Retrieves the configuration details for a specific Single Sign-On (SSO) provider (e.

Get Table Schemas

Retrieves column details, types, and constraints for multiple database tables to help debug schema issues and write accurate SQL queries.

OPTIONS for resumable upload sign

Handles CORS preflight OPTIONS request for TUS resumable upload signing.

OPTIONS for resumable upload sign

Handles CORS preflight OPTIONS request for TUS resumable upload signing endpoints.

Invoke Edge Function

Tool to invoke a deployed Supabase Edge Function over HTTPS.

List all organizations

Lists all organizations (ID and name only) associated with the Supabase account, excluding project details within these organizations.

List all projects

Retrieves a list of all Supabase projects, including their ID, name, region, and status, for the authenticated user.

List project database backups

Lists all database backups for a Supabase project, providing details on existing backups but not creating new ones or performing restores; availability may depend on plan and configuration.

List all buckets

Retrieves a list of all storage buckets for a Supabase project, without returning bucket contents or access policies.

List all database branches

Lists all database branches for a specified Supabase project, used for isolated development and testing of schema changes; ensure the project reference ID is valid.

List all functions

Lists metadata for all Edge Functions in a Supabase project (specified by 'ref'), excluding function code or logs; the project must exist.

List migration history

Retrieves the list of applied database migration versions for a Supabase project.

List members of an organization

Retrieves all members of a Supabase organization, identified by its unique slug, including their user ID, username, email, role, and MFA status.

List all secrets

Retrieves all secrets for a Supabase project using its reference ID; secret values in the response may be masked.

List SQL snippets for the logged in user

Retrieves a list of SQL snippets for the logged-in user, optionally filtered by a specific Supabase project if `project_ref` is provided.

List all SSO providers

Lists all configured Single Sign-On (SSO) providers for a Supabase project, requiring the project reference ID (`ref`) of an existing project.

List Database Tables

Lists all tables and views in specified database schemas, providing a quick overview of database structure to help identify available tables before fetching detailed schemas.

Patch a migration

[Beta] Patches an existing entry in the project's migration history, updating the name or rollback script.

Patch project network restrictions

Updates project's network restrictions by incrementally adding or removing IPv4/IPv6 CIDR blocks.

Push a database branch

Pushes a database branch, applying migrations and changes to the specified branch.

Reset a database branch

Resets an existing Supabase database branch, identified by `branch_id`, to its initial clean state, irreversibly deleting all its current data and schema changes.

Restore database PITR backup

Restores a Supabase project's database to a specific Unix timestamp using Point-in-Time Recovery (PITR), overwriting the current state; requires a paid plan with PITR and physical backups enabled.

Execute read-only database query

[Beta] Run a SQL query as supabase_read_only_user.

Select From Table

Tool to select rows from a Supabase/PostgREST table.

Update a function

Updates an existing Supabase Edge Function's properties (like name, slug, source code, JWT settings, import map) identified by project `ref` and `function_slug`, supporting plain text code or ESZIP for the body.

Update database branch config

Updates the configuration of a Supabase database branch, allowing modification of its name, associated Git branch, reset-on-push behavior, persistence, and status.

Update database password

Updates the database password for a Supabase project.

Bulk update functions

Tool to bulk update Edge Functions in a Supabase project.

Update JIT access config

[Beta] Update a Supabase project's just-in-time (JIT) access configuration.

Update pgsodium root key

Critically updates or initializes a Supabase project's pgsodium root encryption key for security setup or key rotation, requiring secure backup of the new key to prevent irreversible data loss.

Update a project

Updates a Supabase project's configuration (currently supports updating the project name).

Update project's auth config

Update Supabase project Auth configuration via the Management API.

Update project's custom hostname configuration

Updates the custom hostname for a Supabase project, requiring subsequent DNS changes to a user-controlled domain for SSL certificate issuance and domain ownership.

Update project legacy API keys

Tool to disable or re-enable JWT-based legacy API keys (anon, service_role) for a Supabase project.

Update project's postgres config

Updates specified PostgreSQL configuration parameters for an existing Supabase project (`ref`) to optimize database performance; note that unspecified parameters remain unchanged, and caution is advised as incorrect settings can impact stability or require a restart.

Update project's PostgREST config

Updates PostgREST configuration settings (e.

Update database pooler config

Updates the Supavisor (database pooler) configuration, such as `default_pool_size`, for an existing Supabase project identified by `ref`; the `pool_mode` parameter in the request is deprecated and ignored.

Update SSL enforcement config

Updates the SSL enforcement configuration (enable/disable) for a specified Supabase project's database.

Update an SSO provider by its UUID

Updates an existing SSO provider's SAML metadata, associated email domains, or attribute mappings for a Supabase project, identified by `ref` and `provider_id`.

Upsert migration

Tool to upsert a database migration without applying it.

Reverify custom hostname

Re-verifies DNS and SSL configurations for an existing custom hostname associated with a Supabase project.

FRAMEWORKS

How to build Supabase MCP Agent with another framework

ChatGPT

Use Supabase MCP with ChatGPT

OpenAI Agents SDK

Use Supabase MCP with OpenAI Agents SDK

Claude Agent SDK

Use Supabase MCP with Claude Agent SDK

Claude Code

Use Supabase MCP with Claude Code

Claude Cowork

Use Supabase MCP with Claude Cowork

Codex

Use Supabase MCP with Codex

Cursor

Use Supabase MCP with Cursor

OpenClaw

Use Supabase MCP with OpenClaw

Hermes

Use Supabase MCP with Hermes

CLI

Use Supabase MCP with CLI

Google ADK

Use Supabase MCP with Google ADK

LangChain

Use Supabase MCP with LangChain

Vercel AI SDK

Use Supabase MCP with Vercel AI SDK

LlamaIndex

Use Supabase MCP with LlamaIndex

CrewAI

Use Supabase MCP with CrewAI

OpenCode

Use Supabase MCP with OpenCode

VS Code

Use Supabase MCP with VS Code

MORE TOOLKITS

Explore Other Toolkits

Toolkit marketplace

Codeinterpreter

No Auth

Codeinterpreter is a Python-based coding environment with built-in data analysis and visualization. It lets you instantly run scripts, plot results, and prototype solutions inside supported platforms.

GitHub

Oauth2

GitHub is a code hosting platform for version control and collaborative software development. It streamlines project management, code review, and team workflows in one place.

Ably

Api Key

Ably is a real-time messaging platform for live chat and data sync in modern apps. It offers global scale and rock-solid reliability for seamless, instant experiences.

Abuselpdb

Api Key

Abuselpdb is a central database for reporting and checking IPs linked to malicious online activity. Use it to quickly identify and report suspicious or abusive IP addresses.

FAQ

Frequently asked questions

With a standalone Supabase MCP server, the agents and LLMs can only access a fixed set of Supabase tools tied to that server. However, with the Composio Tool Router, agents can dynamically load tools from Supabase and many other apps based on the task at hand, all through a single MCP endpoint.

Yes, you can. Mastra AI fully supports MCP integration. You get structured tool calling, message history handling, and model orchestration while Tool Router takes care of discovering and serving the right Supabase tools.

Yes, absolutely. You can configure which Supabase scopes and actions are allowed when connecting your account to Composio. You can also bring your own OAuth credentials or API configuration so you keep full control over what the agent can do.

All sensitive data such as tokens, keys, and configuration is fully encrypted at rest and in transit. Composio is SOC 2 Type 2 compliant and follows strict security practices so your Supabase data and credentials are handled as safely as possible.

Start with Supabase.It takes 30 seconds.

Managed auth, hosted MCP servers, and every Supabase tool your agent needs.Free to start.

Start building

Customer stories

Teams ship real agents on Composio

GET STARTED FOR FREE BOOK A DEMO

Karan skipped his own birthday party to fix our critical issue. It was 10pm and he diverted his Waymo to help us instead. This really sets the bar — it shows the commitment you need when users rely on your software.

Harsha Gaddipati

Co-founder, Slashy

A lot of students tell us that the moment their connected tools start talking to each other inside Opennote feels almost magical. The agent just knows them, and it's immensely helped keep new users on the platform.

Abhi Arya

Co-founder, Opennote

We chose Composio over Pipedream because it delivered depth where it mattered — niche tools and tricky edge cases other platforms simply ignored. That gave us confidence to scale without compromising.

Nirman Dave

CEO, Zams

As a solo builder, shipping fast is life or death. The only way I can outcompete incumbents is by outmanoeuvring them. Getting bogged down managing agent auth would have been a death sentence.

Ryan Yu

Founder, Extra Thursday

Before Composio, adding tool integrations was slow and resource-intensive. Each one could take weeks of engineering time, and maintaining them meant constantly keeping up with API changes.

Tomisin Jenrola

Founder & CEO, SwarmZero

With hands-on help from their founder, we integrated Gmail and Google Drive in just 30 minutes. This level of personal support and commitment is exactly what startups should strive for.

Jerome Leclanche

Co-Founder, Ingram Technologies

How to integrate Supabase MCP with Mastra AI

Connect Supabase without auth hassles

Introduction

Also integrate Supabase with

TL;DR

What is Mastra AI?

What is the Supabase MCP server, and what's possible with it?

What is the Composio tool router, and how does it fit here?

What is Composio SDK?

How the Composio SDK works

Step-by-step Guide

Prerequisites

Getting API Keys for OpenAI and Composio

Install dependencies

Set up environment variables

Import libraries and validate environment

Create a Tool Router session for Supabase

Configure Mastra MCP client and fetch tools

Create the Mastra agent

Set up interactive chat interface

Complete Code

Conclusion

Supported Tools

How to build Supabase MCP Agent with another framework

ChatGPT

OpenAI Agents SDK

Claude Agent SDK

Claude Code

Claude Cowork

Codex

Cursor

OpenClaw

Hermes

CLI

Google ADK

LangChain

Vercel AI SDK

LlamaIndex

CrewAI

OpenCode

VS Code

Explore Other Toolkits

Codeinterpreter

GitHub

Ably

Abuselpdb

Frequently asked questions

What are the differences in Tool Router MCP and Supabase MCP?+

Can I use Tool Router MCP with Mastra AI?+

Can I manage the permissions and scopes for Supabase while using Tool Router?+

How safe is my data with Composio Tool Router?+

Start with Supabase.It takes 30 seconds.

Teams ship real agents on Composio