# Xata MCP

> Xata manages serverless database infrastructure through your AI agent. It lets you handle everything from creating new organizations and projects to executing complex SQL queries, all without leaving your development environment. Control user access, manage API keys, and monitor resource quotas using natural conversation.

## Overview
- **Category:** databases
- **Price:** Free
- **Tags:** serverless, relational-database, vector-search, data-api, schema-management, data-orchestration

## Description

Use this MCP to connect your AI client directly to your Xata data infrastructure. You can treat your database governance like a chat session; instead of navigating complex dashboards, you simply ask for what you need done—whether that’s spinning up a new project or checking usage limits.

This connector handles the entire lifecycle of your serverless data resources. Need to audit who has access? Ask the agent to list all organizations and their members. Want to test a query? Execute SQL directly against any branch. You can manage developer credentials, revoke old keys, and even trigger password rotations for critical branches.

When you connect Xata through Vinkius, your security is handled by more than just good practices; your API keys pass through a secure, zero-trust proxy that ensures they are used only in transit and never stored on a disk. This means your data governance remains airtight while giving your agent full control over the operational details of your database.

## Tools

### cancel_organization_invitation
Stops a pending invitation to an organization member.

### create_branch
Creates a new, isolated database branch within a project.

### create_org_api_key
Generates an API key that applies across the entire organization.

### create_organization
Sets up a brand new Xata organizational container.

### create_project
Initializes a new development project under an existing organization.

### create_user_api_key
Issues a dedicated API key for a specific user account.

### delete_user_api_keys
Deletes multiple user-level API keys using a list of IDs.

### execute_sql
Runs one or many SQL queries against the database via an HTTP endpoint.

### get_branch_credentials
Retrieves the specific username and password required for a given database branch.

### get_branch_metrics
Queries operational data like CPU, memory, or disk usage for a specific branch.

### get_github_repository_mapping
Checks how a GitHub repository is currently mapped to a database branch.

### get_organization
Fetches detailed information about an organization by its ID.

### get_project_limits
Retrieves the resource usage limits and quotas for a given project.

### install_github_app
Links an application installation from GitHub to the organization.

### invite_organization_member
Sends a formal invitation email to a user for the organization.

### list_branches
Lists all available database branches within an active project.

### list_images
Shows which PostgreSQL versions or images are available for use.

### list_org_api_keys
Lists all API keys scoped to the entire organization.

### list_organization_invitations
Retrieves a list of pending or expired member invitations for the organization.

### list_organization_members
Lists every user currently belonging to an organization.

### list_organizations
Shows all organizations that the authenticated user belongs to.

### list_projects
Retrieves a list of all projects housed within an organization.

### list_regions
Lists all geographical regions available for project deployment.

### list_user_api_keys
Displays API keys that belong to the authenticated user account.

### map_github_repository
Connects a specified GitHub repository to a data branch.

### remove_organization_member
Removes a member from the organization, revoking their access.

### rotate_branch_credentials
Forces a password change for an existing database branch to maintain security.

### update_organization
Updates general information about the organization itself (like name or details).

## Prompt Examples

**Prompt:** 
```
List all my Xata organizations.
```

**Response:** 
```
I've retrieved your organizations. You have access to: 'Main-Org' (ID: org-123) and 'Side-Projects' (ID: org-456).
```

**Prompt:** 
```
Invite dev@example.com to organization org-123.
```

**Response:** 
```
I've sent an invitation to dev@example.com for organization org-123. You can check pending invites using `list_organization_invitations`.
```

**Prompt:** 
```
Show me the projects in organization 'org-123'.
```

**Response:** 
```
Found 2 projects in 'org-123': 'E-commerce-Backend' and 'User-Analytics'. Would you like to check the resource limits for any of these?
```

## Capabilities

### Manage Organization Structure
Create new organizational containers, list existing ones, add members, and remove access for specific users.

### Control Project Governance
Set up projects within organizations, check resource usage quotas, or view available regions for deployment.

### Execute Data Queries
Run single or batch SQL queries against specific database branches to inspect or modify data.

### Audit and Control API Keys
Generate, list, delete, and rotate user and organization-level API keys for strict access control.

### Maintain Infrastructure Links
Map GitHub repositories to specific data branches or link the platform to existing version control systems.

## Use Cases

### Onboarding a new client team
A DevOps Manager needs to add three developers and give them limited access. The agent first runs `list_organization_members` to check who exists, then uses `invite_organization_member` for the new users, and finally calls `create_user_api_key` for each one, logging the key IDs.

### Debugging data inconsistencies
A Data Engineer finds a mismatch between the live database and the code repo. They ask the agent to run `get_github_repository_mapping`, check it against `list_branches`, and then use `execute_sql` to validate the data point directly.

### Scaling up development efforts
A Backend Developer needs a new isolated sandbox for testing. They ask the agent to `create_organization`, followed by `create_project`, and then use `create_branch` to get a clean environment, all in one flow.

### Auditing compliance access
The security team wants to know who has elevated permissions. They ask the agent to run `list_org_api_keys` and cross-reference it with `list_organization_members` to build a full audit report.

## Benefits

- Automate user access control. You can invite new users using `invite_organization_member` or immediately revoke them with `remove_organization_member`, all via conversation.
- Never lose track of resources. Use `list_projects` to see every project in an organization, and check resource quotas with `get_project_limits` before development hits a wall.
- Perform deep data inspection. Run arbitrary SQL checks using `execute_sql` without needing to write a single separate client script or connection string.
- Maintain security compliance. If credentials are compromised, you can trigger an immediate password change for any branch with `rotate_branch_credentials`. This is critical.
- Streamline developer setup. Map GitHub repositories directly using `map_github_repository` to ensure development branches always match the source code.

## How It Works

The bottom line is you talk to your database like you talk to a teammate who already knows where everything is.

1. Subscribe to this MCP and enter your Xata API Key.
2. Connect your AI client (like Cursor or Claude) to Vinkius, authorizing access with the key.
3. Give a direct command to your agent; it uses the configured tools to interact with your data infrastructure.

## Frequently Asked Questions

**How do I list all my organizations using the Xata MCP?**
You run `list_organizations`. This immediately shows every organization ID you have access to, so you don't have to navigate a dashboard just to see your options.

**Can I check resource limits with get_project_limits? What does it show?**
`get_project_limits` shows the quota for CPU, memory, and disk used by projects. This is crucial for preventing unexpected overspending or service interruptions.

**What if I need to reset a branch's password? Do I use rotate_branch_credentials?**
Yes, that's the right tool. You call `rotate_branch_credentials` when you suspect credentials might be exposed or if compliance mandates it. It forces an immediate password change for maximum security.

**How do I invite a user to my organization using Xata MCP?**
Use the `invite_organization_member` tool. Just provide the email address and the target organization ID, and your agent sends the formal invitation automatically.

**How do I view all organization-scoped API keys using the `list_org_api_keys` tool?**
The tool returns a comprehensive list of every key created for the entire organization. This is essential for auditing and security checks, letting you verify who has access without needing to check individual user accounts.

**What specific metrics can I monitor for a branch using `get_branch_metrics`?**
You can pull observability data like CPU usage, memory consumption, and disk space for that specific branch. This helps you spot performance bottlenecks or unusual resource spikes before they become critical issues.

**When I use the `create_branch` tool, what happens to the existing data in a project?**
Creating a new database branch initializes it as an isolated environment. The action doesn't affect other branches or projects; you get a fresh workspace ready for new schema development and testing.

**How do I verify the current connection between my code repository and Xata using `get_github_repository_mapping`?**
This tool pulls the established mapping, showing which GitHub branch points to which database branch. It's a quick way to confirm your deployment pipeline is correctly linked before merging changes.

**Can I see all organizations I have access to?**
Yes! Use the `list_organizations` tool to retrieve all Xata organizations available to your current API key.

**How do I start a new project in a specific organization?**
Simply use the `create_project` action providing the `organization_id` and the desired name for your new project.

**Can I run raw SQL queries through the agent?**
Yes, the `execute_sql` tool allows you to run SQL queries directly against your database branches for advanced data manipulation and analysis.