{"id":51744577,"url":"https://github.com/developerz-ai/db-mcp-gateway","last_synced_at":"2026-07-18T17:35:16.359Z","repository":{"id":360947427,"uuid":"1250895974","full_name":"developerz-ai/db-mcp-gateway","owner":"developerz-ai","description":"Self-hosted MCP gateway: AI agents get audited, SSO-gated, read-only database access without ever holding a DB credential.","archived":false,"fork":false,"pushed_at":"2026-07-16T16:36:01.000Z","size":948,"stargazers_count":3,"open_issues_count":0,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-07-18T17:35:07.635Z","etag":null,"topics":["ai-agents","audit-log","claude-code","database","mcp","model-context-protocol","oidc","postgres","rust","security","self-hosted","sso"],"latest_commit_sha":null,"homepage":"https://developerz-ai.github.io/db-mcp-gateway/","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/developerz-ai.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":"audit.toml","citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-05-27T04:10:03.000Z","updated_at":"2026-07-16T16:36:08.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/developerz-ai/db-mcp-gateway","commit_stats":null,"previous_names":["developerz-ai/db-mcp-gateway"],"tags_count":9,"template":false,"template_full_name":null,"purl":"pkg:github/developerz-ai/db-mcp-gateway","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/developerz-ai%2Fdb-mcp-gateway","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/developerz-ai%2Fdb-mcp-gateway/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/developerz-ai%2Fdb-mcp-gateway/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/developerz-ai%2Fdb-mcp-gateway/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/developerz-ai","download_url":"https://codeload.github.com/developerz-ai/db-mcp-gateway/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/developerz-ai%2Fdb-mcp-gateway/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":35626138,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-07-18T02:00:07.223Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-agents","audit-log","claude-code","database","mcp","model-context-protocol","oidc","postgres","rust","security","self-hosted","sso"],"created_at":"2026-07-18T17:35:10.893Z","updated_at":"2026-07-18T17:35:16.349Z","avatar_url":"https://github.com/developerz-ai.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# db-mcp-gateway 🛡️\n\n**Self-hosted MCP gateway for AI agents that need database access — without ever handing out a database URL.** 🔐\n\nYour team deploys it once. Developers add one URL to their AI agent's MCP config. The gateway holds every credential, enforces SSO-driven permissions, and writes an append-only audit log on every query.\n\n---\n\n## 🏛️ Three pillars\n\n| Pillar | What it means |\n|---|---|\n| 🔐 **Credentials never leave the gateway** | No DB URL on a laptop, ever. No tool returns one. No log line contains one. |\n| 👤 **Identity end-to-end** | Every query traces SSO user → group → grant → audit row. |\n| 📜 **Config-as-code** | Permissions live in YAML, reviewed by PR. No in-band admin UI, by design. |\n\n---\n\n## ✨ What's in the box\n\n- 🤖 **MCP tool surface** — `list_databases`, `describe_schema`, `sample_table`, `run_query`, `explain`, `get_query_history`.\n- 🔑 **OIDC SSO** — Okta, Google Workspace, Entra, Authentik, Keycloak. Browser-flow login from the agent (no embedded browser needed).\n- 🎯 **Read-only by default, writes opt-in per grant** — per-database least-privilege roles; a `query_write` grant permits data writes (INSERT/UPDATE/DELETE), never schema changes. Statement timeouts and row caps enforced at the DB *and* gateway layer.\n- 📋 **Permissions in YAML** — group × server × database × action, with per-grant constraints (`require_reason`, `row_limit`, `statement_timeout_ms`, allow/deny schemas, time windows).\n- 📊 **Synchronous audit log** — user, SQL, reason, row count, duration, outcome. Hot retention in Postgres, optional S3/GCS/Azure archive, OTLP/syslog/stdout sinks.\n- 🐳 **Boring deployment** — `docker pull` + one YAML file + one Postgres.\n\n---\n\n## 🚧 Status\n\n**v1.1.1 — stable.** In production use. Pull it: `docker pull ghcr.io/developerz-ai/db-mcp-gateway:1.1.1` — multi-arch (`linux/amd64`, `linux/arm64`). Targets: PostgreSQL and MongoDB (MySQL/MSSQL rejected at boot). See [`docs/deployment/releasing.md`](docs/deployment/releasing.md) for the compatibility policy.\n\n---\n\n## 🎯 Who Should Use This\n\n**For Platform/SRE Teams:** Enable AI agent database access without credential exposure or compliance risk. Complete audit trail with SSO integration.\n\n**For Backend Developers:** Query production databases safely using natural language. No database passwords on your laptop, every query attributed to your identity.\n\n**For Data Analytics:** Self-service access to multiple databases (PostgreSQL, MySQL, MongoDB) through a single interface with built-in resource limits.\n\n**For Security/Compliance:** Centralized database access control with user attribution, query logging, and enforceable constraints (timeouts, row limits, schema filtering).\n\n---\n\n## 💡 Key Use Cases\n\n- **AI Agent Database Access:** Claude Code agents query production databases for debugging and analysis without ever handling database credentials\n- **Analytics Without Direct Access:** Business analysts ask questions in natural language, gateway enforces read-only and resource limits automatically\n- **Multi-Database Workflows:** AI agents query across PostgreSQL, MySQL, and MongoDB with unified security and audit trail\n- **Production Debugging with Compliance:** On-call engineers investigate incidents with enforced reason logging and time limits\n\n**[Read detailed use cases →](docs/use-cases.md)**\n\n---\n\n## ✨ Key Features\n\n**🔐 Zero-Trust Security:** Database credentials never leave the gateway. No URLs, passwords, or connection strings reach AI agents or developer laptops.\n\n**👤 Complete User Attribution:** Every query logged with SSO user identity, SQL statement, reason, timestamp, and results. Full compliance audit trail.\n\n**🛡️ Built-in Safety:** Statement timeouts, row limits, read-only enforcement, and schema filtering prevent runaway queries and accidental data modification.\n\n**📋 Git-Based Permissions:** Access control defined in YAML files, reviewed via PR, with complete change history. No admin UI to maintain.\n\n**🤖 MCP-Native:** Purpose-built for AI agents with complete tool surface (list databases, describe schema, run queries, explain plans, query history).\n\n**🏗️ Multi-Database:** Single gateway supports PostgreSQL, MySQL, and MongoDB with consistent security model and unified audit trail.\n\n**[Read complete feature documentation →](docs/features.md)**\n\n---\n\n## 🚀 Quick links\n\n| If you're… | Read |\n|---|---|\n| 💡 Trying to understand what this is | [`docs/initial-idea/01-overview.md`](docs/initial-idea/01-overview.md) |\n| 🛠️ A developer whose org already runs it | [`docs/usage/first-query.md`](docs/usage/first-query.md) (5-min walkthrough) → [`docs/usage/claude-code.md`](docs/usage/claude-code.md) (reference) |\n| 🏗️ A platform/SRE deploying it | [`docs/deployment/quickstart.md`](docs/deployment/quickstart.md) |\n| 🤖 Adding it to a non-Claude MCP client | [`docs/usage/other-agents.md`](docs/usage/other-agents.md) |\n| 📦 Cutting a release | [`docs/deployment/releasing.md`](docs/deployment/releasing.md) |\n| 🚫 Wondering what it *won't* do | [`docs/initial-idea/10-non-goals.md`](docs/initial-idea/10-non-goals.md) |\n| 🗺️ Tracking what's built vs planned | [`docs/initial-idea/11-roadmap.md`](docs/initial-idea/11-roadmap.md) |\n| 📊 Performance benchmarks | [`docs/benchmarks.md`](docs/benchmarks.md) |\n| ⚖️ vs alternatives | [`docs/comparison.md`](docs/comparison.md) |\n\n---\n\n## ⚡ One-minute mental model\n\n```\n┌─────────┐    MCP/HTTPS    ┌──────────────┐    pg wire    ┌──────────┐\n│ agent   │ ──────────────▶ │   gateway    │ ────────────▶ │ target   │\n│ (Claude │   bearer: jwt   │              │  ro role per  │  DBs     │\n│  Code)  │ ◀────────────── │  authz+audit │ ◀──────────── │          │\n└─────────┘   tool result   └──────┬───────┘   result rows └──────────┘\n                                   │\n                                   ▼\n                            ┌──────────────┐\n                            │ state DB     │\n                            │ (sessions +  │\n                            │  audit log)  │\n                            └──────────────┘\n```\n\n---\n\n## 🧱 Tech stack\n\n| Concern | Choice |\n|---|---|\n| Language | Rust (stable) |\n| Async runtime | tokio |\n| HTTP | axum |\n| DB driver | sqlx |\n| Config | serde + YAML, validated at boot |\n| State store | Postgres (co-deployed) |\n| Distribution | OCI image — `ghcr.io/developerz-ai/db-mcp-gateway` |\n\n---\n\n## 📦 Pulling the image\n\nPublic on GHCR — no auth needed to pull:\n\n```bash\ndocker pull ghcr.io/developerz-ai/db-mcp-gateway:latest\n```\n\nPinned to a version (recommended in prod):\n\n```bash\ndocker pull ghcr.io/developerz-ai/db-mcp-gateway:1.1.1\n```\n\nMulti-arch (amd64 + arm64). Built reproducibly from a `v*` git tag — see [`docs/deployment/releasing.md`](docs/deployment/releasing.md).\n\n---\n\n## 🤝 Adding it to Claude Code\n\n```bash\nclaude mcp add --transport http db-gateway --scope project https://db.internal.acme.com\n```\n\nThat's the whole client-side setup. First call triggers SSO. Walk through it end-to-end in [`docs/usage/first-query.md`](docs/usage/first-query.md), or jump to the full reference in [`docs/usage/claude-code.md`](docs/usage/claude-code.md).\n\n---\n\n## 📜 License\n\nMIT. See [`LICENSE`](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeveloperz-ai%2Fdb-mcp-gateway","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdeveloperz-ai%2Fdb-mcp-gateway","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeveloperz-ai%2Fdb-mcp-gateway/lists"}