https://github.com/dreamfactorysoftware/create-dreamfactory
One-command DreamFactory setup with Claude AI integration. Governed database APIs with field-level RBAC in minutes.
https://github.com/dreamfactorysoftware/create-dreamfactory
ai-agents claude-ai database-api database-governance docker-compose dreamfactory llm-tools mcp model-context-protocol rbac scaffolding-tool self-hosted
Last synced: 4 days ago
JSON representation
One-command DreamFactory setup with Claude AI integration. Governed database APIs with field-level RBAC in minutes.
- Host: GitHub
- URL: https://github.com/dreamfactorysoftware/create-dreamfactory
- Owner: dreamfactorysoftware
- License: other
- Created: 2026-02-04T16:23:56.000Z (5 months ago)
- Default Branch: master
- Last Pushed: 2026-02-04T16:23:58.000Z (5 months ago)
- Last Synced: 2026-02-20T03:39:53.620Z (4 months ago)
- Topics: ai-agents, claude-ai, database-api, database-governance, docker-compose, dreamfactory, llm-tools, mcp, model-context-protocol, rbac, scaffolding-tool, self-hosted
- Language: TypeScript
- Size: 104 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Security: docs/security-rbac.md
- Roadmap: ROADMAP.md
Awesome Lists containing this project
README
# @dreamfactory/create
> One command to get governed database APIs with AI agent integration
[](https://www.npmjs.com/package/@dreamfactory/create)
[](LICENSE)
[](https://hub.docker.com/r/dreamfactorysoftware/df-docker)
[](https://modelcontextprotocol.io)
## TL;DR
**Give Claude AI (or any LLM) secure database access in 3 minutes:**
```bash
npx @dreamfactory/create my-project
```
**What you get:** Self-hosted REST API for your databases with field-level security, SQL injection protection, and Claude Desktop integration out of the box.
**Perfect for:** AI agents, chatbots, LLM-powered analytics, RAG applications, agentic workflows.
**Supported databases:** PostgreSQL, MySQL, MongoDB (OSS) | Oracle, SQL Server, Snowflake, SAP HANA (Commercial).
---
## Problem
Connecting AI agents directly to databases:
- ❌ Exposes credentials to LLMs
- ❌ Lacks governance and audit trails
- ❌ Risks SQL injection from prompt injection attacks
- ❌ No field-level access control
## Solution
DreamFactory provides a secure API layer with:
- ✅ Field-level RBAC (block PII from AI queries)
- ✅ Parameterized queries (prevents SQL injection)
- ✅ Audit logging (track all AI database access)
- ✅ 25+ database connectors (Oracle, SQL Server, PostgreSQL, MySQL, MongoDB, Snowflake, etc.)
- ✅ Identity passthrough for end-user attribution
## Quick Start
```bash
npx @dreamfactory/create my-project
cd my-project
# DreamFactory + Claude AI integration ready in 3 minutes ⚡
```
## What You Get
- **DreamFactory OSS** running in Docker
- **PostgreSQL demo database** (Pagila dataset with 15 tables, 100k+ records)
- **MCP server** for Claude Desktop integration
- **Pre-configured RBAC** with example access rules
- **Auto-generated API key** ready to use
## Why DreamFactory for AI Applications
**The Problem with Direct Database Access:**
When AI agents connect directly to databases, they see everything - including PII, credentials, and sensitive business data. Prompt injection attacks can trick LLMs into executing malicious SQL, and there's no audit trail of what the AI accessed.
**DreamFactory's AI-First Solution:**
- **No Exposed Credentials:** API keys instead of database passwords
- **Field-Level Control:** Block specific columns (SSN, credit cards, salaries) from AI queries
- **SQL Injection Proof:** All queries are parameterized automatically
- **Identity Passthrough:** Track which end-user triggered each AI query
- **Complete Audit Trail:** Log every API call for compliance (GDPR, HIPAA, SOC 2)
## AI Use Cases
### 1. Claude Desktop with Production Databases
```
Scenario: Data analyst needs to query production PostgreSQL via natural language
Setup: 5 minutes with this package
Security: RBAC blocks PII fields, read-only access
Benefit: Instant insights without SQL knowledge or security risks
```
### 2. Customer Support Chatbot
```
Scenario: Support bot needs customer order history and account status
Setup: Connect your database, configure RBAC to allow orders table (read-only)
Security: Block customer.email, customer.phone, payment.card_number
Benefit: Bot answers questions without exposing sensitive data
```
### 3. AI-Powered Analytics Dashboard
```
Scenario: LLM generates reports from sales, inventory, and customer data
Setup: DreamFactory API + your favorite LLM (GPT-4, Claude, Llama)
Security: Row-level filters (tenant_id = {user.tenant_id})
Benefit: Multi-tenant SaaS with AI features, zero data leakage
```
### 4. RAG with Structured + Unstructured Data
```
Scenario: Hybrid search across vector DB (documents) + relational DB (metadata)
Setup: DreamFactory for SQL, your vector DB for embeddings
Security: Consistent RBAC across both data sources
Benefit: AI answers questions using both knowledge sources
```
### 5. Agentic Workflows with Database State
```
Scenario: AI agent manages inventory, orders, notifications
Setup: DreamFactory REST API with POST/PUT permissions for specific tables
Security: Restrict AI to specific operations (e.g., can create orders, can't delete)
Benefit: Autonomous AI workflows with governance guardrails
```
## Comparison to Alternatives
| Feature | DreamFactory | Direct DB Access | Custom API | Supabase |
|---------|--------------|------------------|------------|----------|
| **Field-level RBAC** | ✅ | ❌ | Manual | Row-level only |
| **Oracle/SQL Server/Snowflake** | ✅ (Commercial) | ✅ | Manual | ❌ |
| **Identity Passthrough** | ✅ | ❌ | Manual | ✅ |
| **Audit Logging** | ✅ | ❌ | Manual | ✅ |
| **SQL Injection Protection** | ✅ | Risk | Risk | ✅ |
| **Self-hosted** | ✅ | ✅ | ✅ | ✅ |
| **AI/MCP Integration** | ✅ | ❌ | Manual | ❌ |
| **Time to Setup** | 3 min | N/A | Weeks | Minutes |
## Example: Claude AI Integration
After setup, restart Claude Desktop and try these prompts:
### Schema Exploration
```
You: "What tables are in the demo database?"
Claude: Queries and lists: actor, film, customer, rental, payment, store, etc.
You: "Show me the schema for the customer table"
Claude: Returns columns: customer_id, first_name, last_name, email, phone, address_id...
```
### Data Queries with Natural Language
```
You: "Show me the top 10 most rented films"
Claude: SELECT film.title, COUNT(*) as rentals
FROM rental JOIN inventory JOIN film
GROUP BY film.title ORDER BY rentals DESC LIMIT 10
You: "Find all customers who rented action movies in the last month"
Claude: [Executes complex JOIN across customer, rental, film, category tables]
```
### RBAC in Action
```
You: "Get all customer records with their email addresses"
Claude: Returns customer data, but email field shows null (blocked by RBAC)
You: "Show payment amounts for customer ID 5"
Claude: Returns payment records, but amount field is blocked by field-level restrictions
```
### Multi-Step Analysis
```
You: "Which actor appears in the most films?"
Claude: Queries actor_film join table, returns top actor
You: "Now show me all their films sorted by rental count"
Claude: Uses previous context to query films for that actor + rental stats
```
## Architecture
```
┌─────────────────┐
│ Claude Desktop │
└────────┬────────┘
│ MCP Protocol
▼
┌─────────────────────────────┐
│ DreamFactory API Layer │
│ ┌───────────────────────┐ │
│ │ Field-level RBAC │ │
│ │ Parameterized Queries │ │
│ │ Audit Logging │ │
│ └───────────────────────┘ │
└─────────┬───────────────────┘
│ Secure Connection
▼
┌──────────────┐
│ Database │
└──────────────┘
```
## CLI Options
```bash
npx @dreamfactory/create [options] [project-name]
Options:
-p, --port DreamFactory port (default: 8080)
--admin-password Admin password
--skip-claude Skip Claude Desktop configuration
--no-demo Skip demo database setup
-h, --help Display help
-V, --version Display version
```
## Examples
### Basic Setup
```bash
npx @dreamfactory/create my-api
```
### Custom Port
```bash
npx @dreamfactory/create my-api --port 3000
```
### Skip Claude Integration
```bash
npx @dreamfactory/create my-api --skip-claude
```
### Production Setup (No Demo)
```bash
npx @dreamfactory/create production-api --no-demo --port 8443
```
## Requirements
- **Node.js** 18+ (for running the setup tool)
- **Docker** & **Docker Compose** (for running DreamFactory)
- **8GB RAM** recommended
- **10GB disk space** for Docker images
## What Gets Created
```
my-project/
├── docker-compose.yml # DreamFactory, MySQL, Redis, Demo DB
├── Dockerfile # DreamFactory image configuration
├── docker-entrypoint.sh # Startup script
├── .env # Credentials (DO NOT COMMIT)
├── daemon/ # MCP daemon (Node.js)
│ ├── src/
│ ├── dist/
│ └── package.json
├── README.md # Project documentation
└── SETUP.md # Example queries and guides
```
## Post-Setup
### Access DreamFactory
- **Admin UI:** http://localhost:8080
- **API Docs:** http://localhost:8080/api/v2/docs
- **Demo DB API:** http://localhost:8080/api/v2/demo_db
### Manage Services
```bash
cd my-project
# Start
docker-compose up -d
# Stop
docker-compose down
# Logs
docker-compose logs -f web
# Restart
docker-compose restart
```
### Connect Your Databases
1. Log into admin interface
2. Navigate to **Services → Create**
3. Select database type (PostgreSQL, MySQL, MongoDB, etc.)
4. Enter connection details
5. Test & Save
Your database is now available at:
```
http://localhost:8080/api/v2/YOUR_SERVICE_NAME
```
## Claude Desktop Integration
The setup automatically configures Claude Desktop. To use:
1. **Restart Claude Desktop**
2. **Start a new chat**
3. **Try these prompts:**
- "List all tables in the demo database"
- "Show me the schema for the film table"
- "Get the top 10 most rented films"
- "Find all customers who rented action movies"
## Updating Your Installation
### Update DreamFactory Core
Get the latest DreamFactory features and bug fixes:
```bash
cd my-project
# Pull latest Docker images
docker compose pull
# Restart with new images
docker compose up -d
# Verify update
curl http://localhost:8080/api/v2/system/environment | jq '.platform.version_current'
```
**What gets updated:**
- ✅ DreamFactory core application
- ✅ MCP server (PHP package inside DreamFactory)
- ✅ Security patches and bug fixes
- ✅ New database connectors (if added to OSS)
### Update MCP Daemon
The MCP daemon (Node.js proxy in `daemon/` folder) rarely needs updates. When it does:
**Option 1: Manual Update** (Quick)
```bash
cd my-project/daemon
npm update # Updates dependencies only
```
**Option 2: Fresh Install** (For major daemon changes)
```bash
# Run create command again in new directory
npx @dreamfactory/create@latest my-project-v2
# Copy .env from old project if desired
```
**Future:** v0.2.0 will include `npx @dreamfactory/create upgrade` command for seamless updates.
### When to Update
**Update DreamFactory immediately for:**
- Security vulnerabilities
- Critical bug fixes
- New features you need
**Update daemon only when:**
- Release notes mention daemon changes
- You encounter MCP connection issues
- New authentication methods are added
### Version Pinning (Production)
For production stability, pin Docker image versions:
```yaml
# docker-compose.yml
services:
web:
image: dreamfactorysoftware/df-docker:5.0.0 # Specific version
# Instead of: dreamfactorysoftware/df-docker:latest
```
Then update deliberately:
```bash
# Edit docker-compose.yml to new version
docker compose pull
docker compose up -d
```
## Security Best Practices
### Production Checklist
- [ ] Change admin password (stored in `.env`)
- [ ] Configure HTTPS (use nginx/Caddy reverse proxy)
- [ ] Set up field-level RBAC for all services
- [ ] Enable audit logging
- [ ] Rotate API keys regularly
- [ ] Use environment-specific credentials
- [ ] Never commit `.env` to version control
### RBAC Configuration
1. Create roles for different use cases (read-only, admin, etc.)
2. Assign roles to API keys or users
3. Configure field-level restrictions:
- Block PII fields (email, phone, SSN)
- Restrict sensitive columns (salary, credit card)
- Apply row-level filters
## Upgrading to Commercial
OSS supports PostgreSQL, MySQL, MongoDB. Need more?
### DreamFactory Commercial Adds:
- **20+ Additional Connectors**
- Oracle, SQL Server, SAP HANA, Snowflake, IBM DB2
- Salesforce, ServiceNow, Microsoft Dynamics
- SOAP, WSDL, Custom APIs
- **Enterprise Authentication**
- Active Directory / LDAP
- SAML 2.0 SSO
- OAuth 2.0 providers
- **Advanced Security**
- Field-level encryption
- Data masking
- Advanced RBAC rules
- **Enterprise Support**
- Professional support & SLA
- Dedicated success manager
- Custom integrations
- **Analytics & Monitoring**
- API usage analytics
- Rate limiting & throttling
- Performance monitoring
### Need Oracle, SQL Server, or Other Enterprise Databases?
The commercial edition includes 20+ additional connectors. **We provide free access to community developers** - no payment required, we just want feedback.
If you need enterprise database connectors, email **[dspsupport@dreamfactory.com](mailto:dspsupport@dreamfactory.com?subject=NPX%20Package%20-%20Enterprise%20Connectors)** with:
- You're using `@dreamfactory/create`
- Which connectors you need (Oracle, SQL Server, Snowflake, SAP HANA, etc.)
- Your use case
You'll get commercial Docker images and setup guidance at no cost. We're actively looking for feedback from developers building AI applications.
## Documentation
### Guides Included with This Package
- **[FAQ](./docs/FAQ.md)** - Frequently asked questions: AI integration, security, Claude Desktop, troubleshooting
- **[AI Integration Guide](./docs/ai-integration.md)** - Complete guide: MCP, REST API patterns, security, RAG, agentic workflows
- **[Security & RBAC](./docs/security-rbac.md)** - Field-level access control, PII protection, audit logging
- **[Connecting Your Database](./docs/connecting-your-database.md)** - Step-by-step database configuration
- **[Troubleshooting](./docs/troubleshooting.md)** - Common issues, debugging, performance tuning
### External Resources
- [DreamFactory Official Docs](https://guide.dreamfactory.com)
- [API Documentation](https://guide.dreamfactory.com/docs/generating-a-database-backed-api/)
- [Model Context Protocol](https://modelcontextprotocol.io)
- [ROADMAP](./ROADMAP.md) - Upcoming features and vision
## Troubleshooting
### Docker Issues
```bash
# Check Docker is running
docker ps
# Check Docker Compose version
docker-compose --version
# View logs
cd my-project
docker-compose logs -f
```
### Port Conflicts
The CLI automatically detects port conflicts and suggests alternatives.
### DreamFactory Won't Start
```bash
# Rebuild containers
docker-compose down -v
docker-compose up --build
```
### Claude Desktop Not Connecting
1. Verify MCP config at `~/.config/Claude/claude_desktop_config.json` (Linux)
2. Check API key in config matches `.env`
3. Restart Claude Desktop
4. Verify DreamFactory is running: `curl http://localhost:8080/api/v2/system/environment`
## Contributing
We welcome contributions! Please see [CONTRIBUTING.md](CONTRIBUTING.md).
## License
Apache License 2.0 - see [LICENSE](LICENSE)
## Support
- [GitHub Issues](https://github.com/dreamfactorysoftware/create-dreamfactory/issues)
- [Community Forum](https://community.dreamfactory.com)
- [Commercial Support](https://www.dreamfactory.com/support)
## About DreamFactory
DreamFactory is an open-source REST API platform for databases, with enterprise features available commercially. Founded in 2013, DreamFactory powers thousands of applications worldwide.
**Created with ❤️ by [DreamFactory Software](https://www.dreamfactory.com)**
---
**Keywords:** dreamfactory, database-api, rest-api, postgresql, mysql, mongodb, oracle, sql-server, claude, mcp, model-context-protocol, ai-agent, llm-database, rbac, field-level-security, database-governance, api-gateway, self-hosted, docker, scaffolding