Model context protocol (MCP)

Connect your AI tools to WoWSQL using MCP

The Model Context Protocol (MCP) is a standard for connecting Large Language Models (LLMs) to platforms like WoWSQL. Once connected, your AI assistants can interact with and query your WoWSQL projects on your behalf.

HTTP MCP + OAuth 2.0: Configure your client with type: "http" and the MCP URL https://mcp.wowsql.com/mcp (with optional query params below). The client runs a browser-based OAuth flow; access tokens are issued by the WoWSQL API — you do not paste long-lived MCP tokens.

Discovery: GET https://api.wowsql.com/.well-known/oauth-authorization-server

Remote MCP installation

Configure your AI tool

Choose your MCP client and follow the installation instructions:

Cursor MCP Configuration

Configuration file: .cursor/mcp.json

Configuration
{
  "mcpServers": {
    "wowsql": {
      "type": "http",
      "url": "https://mcp.wowsql.com/mcp?project_ref=YOUR_PROJECT_ID&read_only=true&features=database,docs"
    }
  }
}

Setup Instructions

  1. Dashboard → Project → MCP: copy the snippet (includes project UUID and read_only)
  2. Open Cursor Settings → Features → MCP or edit ~/.cursor/mcp.json
  3. Replace YOUR_PROJECT_ID with your project id from the dashboard MCP page
  4. On first connect, complete OAuth in the browser — no manual token
  5. Restart Cursor if the client does not pick up changes

OAuth access tokens

After you save the MCP URL, the client will open a browser login. WoWSQL issues short-lived OAuth tokens; the MCP server forwards them to the API.

  • Scope project_ref and read_only=true in the URL when possible.
  • Legacy dashboard token generation remains available but is deprecated.
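
The scoping advice above can be checked mechanically before a config file is committed or shared. The following is an added example, not WoWSQL code: it audits an mcp.json for the URL parameters shown on this page and for credentials that should not be stored there. The "headers" and "env" field names, the sample project UUID and the bearer value are assumptions made for the illustration.

```python
import json
from urllib.parse import urlsplit, parse_qs

EXPECTED_HOST = "mcp.wowsql.com"  # host of the MCP URL given on this page
SECRET_HINTS = ("token", "secret", "password", "authorization", "api_key", "apikey")

def audit_entry(name, entry):
    """Return findings for one mcpServers entry; an empty list means it passed."""
    out = []
    if entry.get("type") != "http":
        out.append(f"{name}: type is not 'http'")
    url = urlsplit(entry.get("url", ""))
    if url.scheme != "https" or url.hostname != EXPECTED_HOST:
        out.append(f"{name}: URL is not https://{EXPECTED_HOST}/...")
    q = parse_qs(url.query)
    ref = q.get("project_ref", [""])[0]
    if not ref or ref == "YOUR_PROJECT_ID":
        out.append(f"{name}: project_ref missing or still the placeholder")
    if q.get("read_only", [""])[0].lower() != "true":
        out.append(f"{name}: read_only=true is not set")
    if not q.get("features"):
        out.append(f"{name}: features list is not restricted")
    # With OAuth the client obtains tokens at connect time, so the file
    # should hold no credential in the URL, headers or env.
    # "headers"/"env" are assumed field names; adjust for your client.
    names = list(q) + list(entry.get("headers") or {}) + list(entry.get("env") or {})
    if url.username or url.password:
        names.append("userinfo password")
    for n in names:
        if any(h in n.lower() for h in SECRET_HINTS):
            out.append(f"{name}: '{n}' looks like a stored credential")
    return out

def audit_config(text):
    """Audit every server entry in an mcp.json document given as text."""
    servers = json.loads(text).get("mcpServers", {})
    return {name: audit_entry(name, e) for name, e in servers.items()}

# Constructed samples: the project UUID and the bearer value are placeholders.
SCOPED = '''{"mcpServers": {"wowsql": {"type": "http", "url":
 "https://mcp.wowsql.com/mcp?project_ref=00000000-0000-4000-8000-000000000000&read_only=true&features=database,docs"}}}'''
LOOSE = '''{"mcpServers": {"wowsql": {"type": "http",
 "url": "https://mcp.wowsql.com/mcp?project_ref=YOUR_PROJECT_ID",
 "headers": {"Authorization": "Bearer PLACEHOLDER"}}}}'''

if __name__ == "__main__":
    for label, cfg in (("scoped", SCOPED), ("loose", LOOSE)):
        print(label, audit_config(cfg))
```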

Production Ready

WoWSQL MCP is built with enterprise-grade security and is fully production-ready. The server includes built-in rate limiting, audit logging, SQL injection protection, and comprehensive error handling. You can confidently use it in both development and production environments with proper API key management and access controls.

HTTP Transport Support

WoWSQL MCP uses HTTP transport. If your MCP client doesn't support HTTP transport yet, you may need to:

  • Check if your client has an HTTP transport option in its configuration
  • Update to the latest version of your MCP client
  • Use a bridge/adapter if available for your client
  • Contact your MCP client's support for HTTP transport roadmap

Next steps

Your AI tool is now connected to your WoWSQL project using HTTP-based MCP. Try asking the AI tool to query your database using natural language commands.

OAuth 2.0 sign-in

Browser-based approval (PKCE)

When you add the HTTP MCP URL to your client, it should open a browser window to log in to WoWSQL and approve access. Tokens are issued by the API — you do not paste secrets into config files.

  1. Open your project in the dashboard → MCP and copy the JSON snippet (includes project_ref and read_only).
  2. Paste into your MCP client; on first connect, complete OAuth in the browser.
  3. Optional: use the legacy dashboard token endpoint only if your client cannot use OAuth yet.
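
Before trusting the browser flow, you can inspect the discovery document served at the URL given earlier on this page. The following is an added example, not WoWSQL code: it checks an RFC 8414 metadata document for an issuer that matches the discovery origin, HTTPS endpoints and PKCE S256 support, and shows how a client derives the S256 challenge (RFC 7636). The metadata documents are constructed and their endpoint paths are assumptions.

```python
import base64
import hashlib
import secrets
from urllib.parse import urlsplit

DISCOVERY_URL = "https://api.wowsql.com/.well-known/oauth-authorization-server"  # from this page

def check_metadata(meta, discovery_url=DISCOVERY_URL):
    """Return problems found in an RFC 8414 metadata document (empty list = OK)."""
    problems = []
    u = urlsplit(discovery_url)
    # RFC 8414: the issuer must equal the identifier the well-known URL was built from.
    if meta.get("issuer") != f"{u.scheme}://{u.netloc}":
        problems.append("issuer does not match the discovery origin")
    for field in ("authorization_endpoint", "token_endpoint"):
        if urlsplit(meta.get(field, "")).scheme != "https":
            problems.append(f"{field} missing or not https")
    if "code" not in meta.get("response_types_supported", []):
        problems.append("authorization code flow not advertised")
    methods = meta.get("code_challenge_methods_supported", [])
    if "S256" not in methods:
        problems.append("PKCE S256 not advertised")
    if "plain" in methods:
        problems.append("PKCE 'plain' accepted (challenge equals the verifier)")
    return problems

def pkce_pair(verifier=None):
    """RFC 7636 S256: challenge = BASE64URL(SHA256(verifier)), no padding."""
    verifier = verifier or secrets.token_urlsafe(32)  # 43 URL-safe characters
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return verifier, base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")

# Constructed metadata documents; the endpoint paths are assumptions, not WoWSQL's.
GOOD = {
    "issuer": "https://api.wowsql.com",
    "authorization_endpoint": "https://api.wowsql.com/oauth/authorize",
    "token_endpoint": "https://api.wowsql.com/oauth/token",
    "response_types_supported": ["code"],
    "code_challenge_methods_supported": ["S256"],
}
WEAK = dict(GOOD, issuer="https://login.example.test",
            code_challenge_methods_supported=["plain"])

if __name__ == "__main__":
    print("good:", check_metadata(GOOD))
    print("weak:", check_metadata(WEAK))
    print("pkce:", pkce_pair())
```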

Security & Best Practices

WoWSQL MCP is built with security as a top priority. Our server includes comprehensive security features including SQL injection protection, rate limiting, audit logging, and robust error handling. Here's how to maximize security and get the most out of your MCP integration.

Built-in Security Features

SQL Injection Protection

All database queries are automatically sanitized and use parameterized statements to prevent SQL injection attacks.

Rate Limiting

Built-in rate limiting protects your database from excessive requests and ensures fair usage across all users.

Audit Logging

All MCP operations are logged with detailed audit trails for security monitoring and compliance.

Error Handling

Comprehensive error handling with structured error codes for better debugging and security monitoring.

Best Practices for Production

Follow these recommendations to ensure optimal security and performance in production environments:

  • API Key Management: Use environment variables to store your API keys securely. Rotate keys regularly and use different keys for development and production environments.
  • Project Scoping: Scope your MCP server to specific projects to limit access to only the resources you need. This provides better isolation and security.
  • Tool Permissions: Configure which tools are available to the LLM. Enable only the tools you need to minimize the attack surface.
  • Manual Approval: Most MCP clients support manual approval of tool calls. Keep this enabled in production to review operations before execution.
  • Monitor Audit Logs: Regularly review audit logs to track MCP usage and identify any unusual patterns or potential security issues.

Understanding Prompt Injection

Prompt injection is a technique where malicious instructions are embedded in user content to manipulate LLM behavior. WoWSQL MCP includes multiple layers of protection against this:

Protection Mechanisms

  • Input validation and sanitization for all queries
  • SQL result wrapping with security instructions
  • Structured error responses that prevent command injection
  • Rate limiting to prevent automated attacks

Combined with manual approval in MCP clients, these protections provide robust security for production use.