mongodb-mcp-server
Verified Safeby mongodb-js
Overview
Provides a robust AI agent interface for interacting with MongoDB databases and MongoDB Atlas cloud services, enabling tool-calling for data management, monitoring, and search operations.
Installation
node dist/esm/index.jsEnvironment Variables
- MDB_MCP_API_BASE_URL
- MDB_MCP_API_CLIENT_ID
- MDB_MCP_API_CLIENT_SECRET
- MDB_MCP_CONNECTION_STRING
- MDB_MCP_LOGGERS
- MDB_MCP_LOG_PATH
- MDB_MCP_DISABLED_TOOLS
- MDB_MCP_CONFIRMATION_REQUIRED_TOOLS
- MDB_MCP_READ_ONLY
- MDB_MCP_INDEX_CHECK
- MDB_MCP_TELEMETRY
- MDB_MCP_TRANSPORT
- MDB_MCP_HTTP_PORT
- MDB_MCP_HTTP_HOST
- MDB_MCP_HTTP_HEADERS
- MDB_MCP_HTTP_BODY_LIMIT
- MDB_MCP_IDLE_TIMEOUT_MS
- MDB_MCP_NOTIFICATION_TIMEOUT_MS
- MDB_MCP_MAX_BYTES_PER_QUERY
- MDB_MCP_MAX_DOCUMENTS_PER_QUERY
- MDB_MCP_EXPORTS_PATH
- MDB_MCP_EXPORT_TIMEOUT_MS
- MDB_MCP_EXPORT_CLEANUP_INTERVAL_MS
- MDB_MCP_ATLAS_TEMPORARY_DATABASE_USER_LIFETIME_MS
- MDB_MCP_VOYAGE_API_KEY
- MDB_MCP_EMBEDDINGS_VALIDATION
- MDB_MCP_VECTOR_SEARCH_DIMENSIONS
- MDB_MCP_VECTOR_SEARCH_SIMILARITY_FUNCTION
- MDB_MCP_PREVIEW_FEATURES
- MDB_MCP_ALLOW_REQUEST_OVERRIDES
- MDB_MCP_DRY_RUN
- DO_NOT_TRACK
Security Notes
The server implements several security measures including: explicit warnings for untrusted data in responses, configurable read-only mode, confirmation for destructive tools, temporary database user creation for Atlas connections, and validation of Atlas API credentials. It also warns about insecure HTTP host bindings. Secrets are handled via a Keychain for redaction in logs. However, inherent risks of exposing an API exist, and client-side handling of `postMessage` (for UI iframes) is critical for full security, which is outside the server's direct control. Query parameter overrides are explicitly blocked for secret fields, enhancing security.
Similar Servers
mcp-typescript-template
This project provides a foundational TypeScript template for developing remote Model Context Protocol (MCP) servers with robust tooling and best practices.
toolhive-registry-server
The central metadata hub for enterprise Model Context Protocol (MCP) server governance and discovery, implementing the official MCP Registry API specification.
universal-mcp-servers
A comprehensive collection of 40+ Model Context Protocol (MCP) servers providing powerful capabilities for all major AI development tools, offering integration for IDEs, desktop applications, and command-line interfaces.
jsboige-mcp-servers
Manage and monitor GitHub Projects, Repositories, Issues, and GitHub Actions workflows programmatically, providing an interface for automation and integration with tools like VSCode Roo.