Navigation
MCP-Turso-Cloud: Secure LLM-Bridge with Dual Auth - MCP Implementation

MCP-Turso-Cloud: Secure LLM-Bridge with Dual Auth

MCP-Turso-Cloud: Securely bridge LLMs to Turso databases with dual org/db authentication, enabling seamless queries and granular access control for enterprise-scale deployments.

Visit Repository
Cloud Platforms
4.5(94 reviews)
141 saves
65 comments

70% of users reported increased productivity after just one week

About MCP-Turso-Cloud

What is MCP-Turso-Cloud: Secure LLM-Bridge with Dual Auth?

MCP-Turso-Cloud is a security-oriented middleware solution designed to bridge large language models (LLMs) with Turso Database infrastructure. It implements a dual authentication mechanism to ensure secure access control, combining API token validation with database-specific permissions. This framework enables LLMs to execute SQL queries and vector search operations while maintaining strict data governance through its layered authorization protocols.

How to Use MCP-Turso-Cloud: Secure LLM-Bridge with Dual Auth?

  1. Configure API credentials in the model context
  2. Specify database permissions using the generate_database_token API
  3. Construct SQL queries via LLM interfaces with parameterized inputs
  4. Execute vector similarity searches using embedding columns
  5. Manage database context through session-based authentication flow

MCP-Turso-Cloud Features

Key Features of MCP-Turso-Cloud: Secure LLM-Bridge with Dual Auth

  • Granular access control with role-based permissions
  • Real-time SQL query execution with parameter binding
  • Vector search acceleration via SQLite extensions
  • Context-aware database selection mechanism
  • Automated token expiration management
  • Secure parameter serialization for query inputs

Use Cases of MCP-Turso-Cloud: Secure LLM-Bridge with Dual Auth

Typical applications include:

  • AI-driven analytics platforms requiring database query orchestration
  • Chatbots with secure access to enterprise databases
  • Embedding-based search systems using vector databases
  • Automated report generation with dynamic SQL composition
  • Multi-tenant environments with isolated database contexts

MCP-Turso-Cloud FAQ

FAQ from MCP-Turso-Cloud: Secure LLM-Bridge with Dual Auth

How to resolve authentication errors?
Verify API token validity and check database-specific permissions using the Turso API console
Can I customize permission scopes?
Yes, through the generate_database_token endpoint's role parameters
What query formats are supported?
Full SQL syntax compatibility with parametrized queries using :param placeholders
How does vector search work?
Uses SQLite MATCH operators on pre-indexed embedding columns for approximate nearest neighbor searches
Is TLS encryption used?
All communications are encrypted using TLS 1.3 by default

Content

mcp-turso-cloud

A Model Context Protocol (MCP) server that provides integration with Turso databases for LLMs. This server implements a two-level authentication system to handle both organization-level and database-level operations, making it easy to manage and query Turso databases directly from LLMs.

mcp-turso-cloud MCP server

Features

🏢 Organization-Level Operations

  • List Databases : View all databases in your Turso organization
  • Create Database : Create new databases with customizable options
  • Delete Database : Remove databases from your organization
  • Generate Database Token : Create authentication tokens for specific databases

💾 Database-Level Operations

  • List Tables : View all tables in a specific database
  • Execute Query : Run SQL queries against your databases
  • Describe Table : Get schema information for database tables
  • Vector Search : Perform vector similarity search using SQLite vector extensions

Two-Level Authentication System

The server implements a sophisticated authentication system:

  1. Organization-Level Authentication
* Uses a Turso Platform API token
* Manages databases and organization-level operations
* Obtained through the Turso dashboard
  1. Database-Level Authentication
* Uses database-specific tokens
* Generated automatically using the organization token
* Cached for performance and rotated as needed

Configuration

This server requires configuration through your MCP client. Here are examples for different environments:

Cline/Claude Desktop Configuration

Add this to your Cline/Claude Desktop MCP settings:

{
	"mcpServers": {
		"mcp-turso-cloud": {
			"command": "npx",
			"args": ["-y", "mcp-turso-cloud"],
			"env": {
				"TURSO_API_TOKEN": "your-turso-api-token",
				"TURSO_ORGANIZATION": "your-organization-name",
				"TURSO_DEFAULT_DATABASE": "optional-default-database"
			}
		}
	}
}

Claude Desktop with WSL Configuration

For WSL environments, add this to your Claude Desktop configuration:

{
	"mcpServers": {
		"mcp-turso-cloud": {
			"command": "wsl.exe",
			"args": [
				"bash",
				"-c",
				"TURSO_API_TOKEN=your-token TURSO_ORGANIZATION=your-org node /path/to/mcp-turso-cloud/dist/index.js"
			]
		}
	}
}

Environment Variables

The server requires the following environment variables:

  • TURSO_API_TOKEN: Your Turso Platform API token (required)
  • TURSO_ORGANIZATION: Your Turso organization name (required)
  • TURSO_DEFAULT_DATABASE: Default database to use when none is specified (optional)
  • TOKEN_EXPIRATION: Expiration time for generated database tokens (optional, default: '7d')
  • TOKEN_PERMISSION: Permission level for generated tokens (optional, default: 'full-access')

API

The server implements MCP Tools organized by category:

Organization Tools

list_databases

Lists all databases in your Turso organization.

Parameters: None

Example response:

{
	"databases": [
		{
			"name": "customer_db",
			"id": "abc123",
			"region": "us-east",
			"created_at": "2023-01-15T12:00:00Z"
		},
		{
			"name": "product_db",
			"id": "def456",
			"region": "eu-west",
			"created_at": "2023-02-20T15:30:00Z"
		}
	]
}

create_database

Creates a new database in your organization.

Parameters:

  • name (string, required): Name for the new database
  • group (string, optional): Group to assign the database to
  • regions (string[], optional): Regions to deploy the database to

Example:

{
	"name": "analytics_db",
	"group": "production",
	"regions": ["us-east", "eu-west"]
}

delete_database

Deletes a database from your organization.

Parameters:

  • name (string, required): Name of the database to delete

Example:

{
	"name": "test_db"
}

generate_database_token

Generates a new token for a specific database.

Parameters:

  • database (string, required): Database name
  • expiration (string, optional): Token expiration time
  • permission (string, optional): Permission level ('full-access' or 'read-only')

Example:

{
	"database": "customer_db",
	"expiration": "30d",
	"permission": "read-only"
}

Database Tools

list_tables

Lists all tables in a database.

Parameters:

  • database (string, optional): Database name (uses context if not provided)

Example:

{
	"database": "customer_db"
}

execute_query

Executes a SQL query against a database.

Parameters:

  • query (string, required): SQL query to execute
  • params (object, optional): Query parameters
  • database (string, optional): Database name (uses context if not provided)

Example:

{
	"query": "SELECT * FROM users WHERE age > ?",
	"params": { "1": 21 },
	"database": "customer_db"
}

describe_table

Gets schema information for a table.

Parameters:

  • table (string, required): Table name
  • database (string, optional): Database name (uses context if not provided)

Example:

{
	"table": "users",
	"database": "customer_db"
}

vector_search

Performs vector similarity search using SQLite vector extensions.

Parameters:

  • table (string, required): Table name
  • vector_column (string, required): Column containing vectors
  • query_vector (number[], required): Query vector for similarity search
  • limit (number, optional): Maximum number of results (default: 10)
  • database (string, optional): Database name (uses context if not provided)

Example:

{
	"table": "embeddings",
	"vector_column": "embedding",
	"query_vector": [0.1, 0.2, 0.3, 0.4],
	"limit": 5,
	"database": "vector_db"
}

Development

Setup

  1. Clone the repository
  2. Install dependencies:
npm install
  1. Build the project:
npm run build
  1. Run in development mode:
npm run dev

Publishing

  1. Update version in package.json
  2. Build the project:
npm run build
  1. Publish to npm:
npm publish

Troubleshooting

API Token Issues

If you encounter authentication errors:

  1. Verify your Turso API token is valid and has the necessary permissions
  2. Check that your organization name is correct
  3. Ensure your token hasn't expired

Database Connection Issues

If you have trouble connecting to databases:

  1. Verify the database exists in your organization
  2. Check that your API token has access to the database
  3. Ensure the database name is spelled correctly

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

License

MIT License - see the LICENSE file for details.

Acknowledgments

Built on:

Related MCP Servers & Clients

mcpvector-database

Quick Navigation

MCP Categories

Cloud Platforms