# Nhost MCP

> Nhost MCP manages all your backend needs—user sign-ins, profile lookups, file uploads, and session control—directly from any AI agent. Connect this MCP to instantly handle authentication flows (email/password, OTP, magic links), manage user accounts, and interact with cloud storage without leaving your development environment.

## Overview
- **Category:** developer-tools
- **Price:** Free
- **Tags:** authentication, backend-as-a-service, cloud-storage, user-management, serverless

## Description

This connector lets you build complex applications by giving your AI client direct access to Nhost's core services. Instead of writing boilerplate API calls every time a user signs up or needs their profile checked, your agent simply uses this MCP. You can programmatically manage everything from registering new users with `signup_email_password` to refreshing expired tokens using the `refresh_token`. Need to handle files? Your agent handles uploads via `upload_file`, and you can even retrieve necessary file metadata or download content through specialized tools like `get_file`. Because Vinkius hosts this MCP, your AI client gets all these backend capabilities in one place. This lets you test entire user journeys—like an anonymous login followed by a profile update—entirely within your development workflow.

## Tools

### change_email
Requests that a user's email address be updated, requiring elevated credentials.

### delete_file
Permanently removes a specific file from your Nhost storage buckets.

### get_file_presigned_url
Generates a temporary, secure link that allows controlled access to a private file.

### get_file
Downloads the full content of an existing file, optionally applying image transformations.

### get_user
Retrieves the profile information for the user currently signed into the system.

### refresh_token
Generates a new JWT access token using an existing, valid refresh token.

### reset_password
Initiates the process of sending a password reset email to the user's registered address.

### signin_anonymous
Creates a new user session without requiring any credentials or personal information.

### signin_email_password
Authenticates a user by submitting their email address and current password.

### signin_otp_email
Starts the login process using an email-based one-time password (OTP).

### signin_passwordless_email
Initiates a secure, click-through login by sending a magic link to the user's email.

### signout
Invalidates all associated refresh tokens and ends the current user session completely.

### signup_email_password
Registers a brand new user account using an email address and chosen password.

### signup_otp_email
Creates a new user account by verifying their identity through an OTP sent to their email.

### upload_file
Uploads file content, whether text or base64 encoded, and returns its associated metadata.

## Prompt Examples

**Prompt:** 
```
Sign in user dev@example.com with password 'securePass123'.
```

**Response:** 
```
I've initiated the sign-in process for dev@example.com using `signin_email_password`. The session has been successfully established.
```

**Prompt:** 
```
Show me the profile details for the current authenticated user.
```

**Response:** 
```
Fetching profile... Using `get_user`, I've retrieved the account details: User ID 'usr_7721', Email 'dev@example.com', and the account is currently active.
```

**Prompt:** 
```
Upload a file named 'config.json' with content '{"theme": "dark"}'.
```

**Response:** 
```
Processing upload... I've used `upload_file` to save 'config.json' to your Nhost Storage. The file is now available in your default bucket.
```

## Capabilities

### Manage User Authentication
Your agent can sign users into the system using email and password, one-time passwords (OTP), or magic links.

### Handle Account Registration
You can create new user accounts by providing an email and password combination, or via OTP methods.

### Retrieve User Profiles
The MCP fetches current user account details, allowing you to check statuses or retrieve specific profile data.

### Control Sessions and Tokens
You can generate new access tokens using a refresh token, or securely end active user sessions across all devices.

### Perform File Storage Operations
Your agent manages file uploads to your Nhost buckets and allows you to delete files when they are no longer needed.

## Use Cases

### The Onboarding Flow Test
A developer needs to verify that a new user sign-up works end-to-end. They prompt their agent: 'First, register user Jane Doe using email and password.' The agent uses `signup_email_password`, then follows up by calling `get_user` to confirm the profile was created correctly.

### The File Management Audit
A DevOps team needs to clean up old assets. They ask their agent to list all files and delete a specific image using `delete_file`, followed by generating a secure, temporary link for review with `get_file_presigned_url`.

### The Session Recovery
A support agent needs to check why a user's app suddenly logged them out. They use the MCP to call `refresh_token`, and if that fails, they can escalate by calling `signout` to confirm token invalidation.

### The Data Ingestion Pipeline
A data scientist needs to upload a large configuration file. They instruct their agent to use the `upload_file` tool with base64 content, ensuring the file metadata is captured instantly for subsequent processing.

## Benefits

- Test full user journeys instantly. You can simulate a sign-in using `signin_email_password`, then immediately check the profile status with `get_user`—all without changing tabs.
- Handle complex credentialing. Don't just reset passwords; your agent can initiate that process by calling `reset_password` and guide you through the full flow.
- Simplify file handling. Whether uploading new assets via `upload_file` or retrieving content with `get_file`, all storage operations are channeled through one consistent interface.
- Improve session reliability. If a user's token expires, your agent can automatically call `refresh_token` to extend access without disrupting the workflow.
- Streamline onboarding. You can register users using multiple paths—from simple anonymous login via `signin_anonymous` to formal registration with `signup_otp_email`.

## How It Works

The bottom line is that you get a single point of control for all your user and file backend operations without writing any low-level HTTP requests.

1. First, subscribe to this MCP on Vinkius and provide the necessary Nhost Auth and Storage URLs from your project dashboard.
2. Next, tell your AI agent what action you need. For example, 'Sign in user X with Y password' or 'Upload image Z'.
3. The agent executes the required tool call, interacting directly with Nhost to perform the authentication, storage, or profile management task.

## Frequently Asked Questions

**How do I start a session using Nhost MCP?**
You can start sessions in several ways. For basic testing, use `signin_email_password`. If you need maximum security, try `signin_passwordless_email` to generate a magic link.

**Can I check user details with Nhost MCP?**
Yes, the `get_user` tool lets your agent retrieve the current authenticated user's profile information, giving you immediate access to key account data.

**What if I need to delete a file using Nhost MCP?**
You use the `delete_file` tool. Your agent will handle the permanent removal of the specified asset from your storage bucket, making sure it's gone completely.

**How does Nhost MCP help with token management?**
Token management is handled by two primary tools: `refresh_token` extends an expired session, and `signout` ensures the user is logged out everywhere.

**Do I need specific credentials to use Nhost MCP?**
Yes. You must subscribe to this MCP with your Nhost Auth and Storage URLs provided by your project dashboard for it to function correctly.