WoWSQLWoWSQL
Dashboard

Configuration

MCP Configuration β€” WoWSQL Docs

MCP Configuration

Model Context Protocol β€” Connect AI tools to WoWSQL

Introduction

The Model Context Protocol (MCP) is a standard for connecting Large Language Models (LLMs) to platforms like WoWSQL. Once connected, your AI assistants can interact with and query your WoWSQL projects on your behalf.

HTTP-Based MCP Server: WoWSQL MCP uses HTTP transport, connecting directly to the WoWSQL API at https://api.wowsql.com/api/v1/mcp. This provides better reliability, security, and eliminates the need for local npm packages. Simply login to WoWSQL dashboard, generate an MCP token, and use it in your MCP client configuration.

Getting Your MCP Token

Simple Token-Based Authentication

Generate MCP access tokens directly from your WoWSQL dashboard. Login with your existing account (email/password or OAuth), then generate a token for your MCP client.

Step-by-Step Token Generation

  1. Log in to your WoWSQL dashboard at app.wowsql.com (use email/password or OAuth - Google/GitHub)
  2. Go to your Profile page β†’ MCP Access Tokens section
  3. Click "Generate MCP Token" (optionally name your client, e.g., "Cursor" or "Claude Desktop")
  4. Copy the generated token immediately (you won't see it again!)
  5. Add the token to your MCP client configuration as shown below
Secure & Simple: Your MCP tokens are tied to your WoWSQL account. You can revoke them anytime from your profile page. No need to manage separate API keys or OAuth flows in your MCP client.

Client Configuration

Choose your MCP client and follow the installation instructions:

Cursor MCP Configuration

Configuration file: .cursor/mcp.json or ~/.cursor/mcp.json

{
  "mcpServers": {
    "wowsql": {
      "url": "https://api.wowsql.com/api/v1/mcp",
      "transport": "http",
      "headers": {
        "Authorization": "Bearer YOUR_MCP_TOKEN_HERE",
        "Content-Type": "application/json"
      }
    }
  }
}

Setup Instructions

  1. Log in to WoWSQL dashboard and generate an MCP token (Profile β†’ MCP Access Tokens)
  2. Open Cursor Settings β†’ Features β†’ MCP
  3. Or create/edit the file at ~/.cursor/mcp.json
  4. Paste the configuration above
  5. Replace YOUR_MCP_TOKEN_HERE with the token you copied from the dashboard
  6. Restart Cursor to activate the MCP server

VS Code Settings

Configuration file: settings.json (User Settings)

{
  "mcp.servers": {
    "wowsql": {
      "url": "https://api.wowsql.com/api/v1/mcp",
      "transport": "http",
      "headers": {
        "Authorization": "Bearer YOUR_MCP_TOKEN_HERE",
        "Content-Type": "application/json"
      }
    }
  }
}

Setup Instructions

  1. Log in to WoWSQL dashboard and generate an MCP token (Profile β†’ MCP Access Tokens)
  2. Press Cmd+Shift+P (Mac) or Ctrl+Shift+P (Windows/Linux)
  3. Type "Preferences: Open User Settings (JSON)"
  4. Add the configuration above to your settings.json
  5. Replace YOUR_MCP_TOKEN_HERE with the token you copied from the dashboard
  6. Restart VS Code to activate the MCP server

Claude Desktop Configuration

Configuration file locations:

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows: %APPDATA%\Claude\claude_desktop_config.json
  • Linux: ~/.config/Claude/claude_desktop_config.json

HTTP Transport (Recommended)

{
  "mcpServers": {
    "wowsql": {
      "url": "https://api.wowsql.com/api/v1/mcp",
      "transport": "http",
      "headers": {
        "Authorization": "Bearer YOUR_MCP_TOKEN_HERE",
        "Content-Type": "application/json"
      }
    }
  }
}

Stdio Transport (Alternative)

If your Claude Desktop doesn't support HTTP transport, use the stdio bridge:

{
  "mcpServers": {
    "wowsql": {
      "command": "python",
      "args": ["-m", "app.mcp.stdio_server", "--token", "YOUR_MCP_TOKEN_HERE"],
      "env": {
        "PYTHONPATH": "/path/to/backend"
      }
    }
  }
}

Or using the standalone bridge script:

{
  "mcpServers": {
    "wowsql": {
      "command": "python",
      "args": ["/path/to/backend/mcp_stdio_bridge.py", "--token", "YOUR_MCP_TOKEN_HERE"]
    }
  }
}

Setup Instructions

  1. Log in to WoWSQL dashboard and generate an MCP token (Profile β†’ MCP Access Tokens)
  2. Locate your Claude Desktop config file (see paths above)
  3. Create or edit the config file and paste the configuration above
  4. Replace YOUR_MCP_TOKEN_HERE with the token you copied from the dashboard
  5. If using stdio transport, ensure Python 3.8+ is installed and httpx is available: pip install httpx
  6. Restart Claude Desktop to activate the MCP server

Available Tools

Once connected, these MCP tools are available:

  • list_projects - List all your WoWSQL projects
  • list_tables - List all tables in a project
  • query_database - Query table data with filters
  • create_table - Create database tables
  • alter_table - Modify table structure (add/drop/modify columns)
  • drop_table - Delete tables
  • insert_data - Insert new rows into tables
  • update_data - Update existing rows
  • delete_data - Delete rows from tables

Security & Best Practices

WoWSQL MCP is built with security as a top priority. Our server includes comprehensive security features including SQL injection protection, rate limiting, audit logging, and robust error handling.

Built-in Security Features

SQL Injection Protection

All database queries are automatically sanitized and use parameterized statements to prevent SQL injection attacks.

Rate Limiting

Built-in rate limiting protects your database from excessive requests and ensures fair usage across all users.

Audit Logging

All MCP operations are logged with detailed audit trails for security monitoring and compliance.

Error Handling

Comprehensive error handling with structured error codes for better debugging and security monitoring.

Best Practices for Production

  • API Key Management: Use environment variables to store your API keys securely. Rotate keys regularly and use different keys for development and production environments.
  • Project Scoping: Scope your MCP server to specific projects to limit access to only the resources you need. This provides better isolation and security.
  • Tool Permissions: Configure which tools are available to the LLM. Enable only the tools you need to minimize the attack surface.
  • Manual Approval: Most MCP clients support manual approval of tool calls. Keep this enabled in production to review operations before execution.
  • Monitor Audit Logs: Regularly review audit logs to track MCP usage and identify any unusual patterns or potential security issues.

Understanding Prompt Injection

Prompt injection is a technique where malicious instructions are embedded in user content to manipulate LLM behavior. WoWSQL MCP includes multiple layers of protection against this:

Protection Mechanisms:
  • Input validation and sanitization for all queries
  • SQL result wrapping with security instructions
  • Structured error responses that prevent command injection
  • Rate limiting to prevent automated attacks

Combined with manual approval in MCP clients, these protections provide robust security for production use.

HTTP Transport Support

HTTP Transport Support

WoWSQL MCP uses HTTP transport. If your MCP client doesn't support HTTP transport yet, you may need to:

  • Check if your client has an HTTP transport option in its configuration
  • Update to the latest version of your MCP client
  • Use a bridge/adapter if available for your client
  • Contact your MCP client's support for HTTP transport roadmap

Production Ready

Production Ready

WoWSQL MCP is built with enterprise-grade security and is fully production-ready. The server includes built-in rate limiting, audit logging, SQL injection protection, and comprehensive error handling. You can confidently use it in both development and production environments with proper API key management and access controls.

Next Steps

Your AI tool is now connected to your WoWSQL project using HTTP-based MCP. Try asking the AI tool to query your database using natural language commands.