AI AGENT INTEGRATION

MCP Server

Spin up AxioDB in a container and let Claude (or any MCP-compatible AI agent) talk to it directly — create databases, query documents, run aggregations, manage users and roles, all through 32 tools that log in and enforce the exact same RBAC as the web GUI. It runs in the same process as your existing Docker deployment — no separate install, no new database instance.

Quick Start

The MCP server is opt-in and disabled by default — set AXIODB_MCP=true on the same container you already run for the GUI/TCP server:

bash
1docker run -d \
2 --name axiodb-server \
3 -e AXIODB_GUI=true \
4 -e AXIODB_MCP=true \
5 -p 27018:27018 \
6 -p 27019:27019 \
7 -p 27020:27020 \
8 -v axiodb-data:/app \
9 theankansaha/axiodb
10
11# Ports:
12# 27018 - HTTP GUI Dashboard
13# 27019 - TCP Remote Access (AxioDBCloud)
14# 27020 - MCP Server (Streamable HTTP, path /mcp)

Register the endpoint (http://localhost:27020/mcp) with whichever AI tool you use:

Claude Code

bash
1claude mcp add --transport http axiodb http://localhost:27020/mcp
2
3# Available across every project instead of just this one:
4claude mcp add --transport http axiodb http://localhost:27020/mcp -s user

OpenAI Codex CLI

bash
1codex mcp add axiodb --url http://localhost:27020/mcp
2
3# Or edit ~/.codex/config.toml directly:
4[mcp_servers.axiodb]
5url = "http://localhost:27020/mcp"

opencode

bash
1opencode mcp add
2# Interactive prompt: choose "remote", name it "axiodb",
3# URL: http://localhost:27020/mcp
4
5# Or edit opencode.json directly:
6{
7 "mcp": {
8 "axiodb": {
9 "type": "remote",
10 "url": "http://localhost:27020/mcp",
11 "enabled": true
12 }
13 }
14}

GitHub Copilot CLI

bash
1# Interactive: run copilot, then inside it type:
2/mcp add
3# Server Name: axiodb | Type: HTTP | URL: http://localhost:27020/mcp
4
5# Or edit ~/.copilot/mcp-config.json directly:
6{
7 "mcpServers": {
8 "axiodb": {
9 "type": "http",
10 "url": "http://localhost:27020/mcp"
11 }
12 }
13}

Cursor

json
1// .cursor/mcp.json (project) or ~/.cursor/mcp.json (global)
2{
3 "mcpServers": {
4 "axiodb": {
5 "url": "http://localhost:27020/mcp"
6 }
7 }
8}

Windsurf

json
1// ~/.codeium/windsurf/mcp_config.json
2{
3 "mcpServers": {
4 "axiodb": {
5 "serverUrl": "http://localhost:27020/mcp"
6 }
7 }
8}

Google Antigravity (IDE & CLI)

json
1// ~/.gemini/config/mcp_config.json - note: serverUrl, not url
2{
3 "mcpServers": {
4 "axiodb": {
5 "serverUrl": "http://localhost:27020/mcp"
6 }
7 }
8}

AXIODB_MCP=true only has something to serve once RBAC is actually seeded — that requires AXIODB_GUI=true (the default) or AXIODB_TCP=true + AXIODB_TCP_AUTH=true. See Docker Deployment for every environment variable.

Real Login, Real RBAC — Not a Docker Env Var

Every tool except axiodb_login requires a sessionId. Call axiodb_login first with the seeded default account (admin/admin, same as the GUI) or any other RBAC user, and every subsequent call is checked against that logged-in user's actual role — a View-role session gets a real 403 on write tools, exactly like the GUI would. Nothing is gated by a static container environment variable.

json
1// axiodb_login({ username: "admin", password: "admin" })
2{
3 "statusCode": 200,
4 "message": "Login successful",
5 "data": {
6 "sessionId": "a1b2c3...",
7 "username": "admin",
8 "role": "Super Admin",
9 "permissions": ["db:view", "db:create", "..."],
10 "mustChangePassword": true
11 }
12}
  • Sessions live in server memory only, 24h sliding TTL — call axiodb_logout when done rather than waiting it out
  • axiodb_whoami returns the identity/role/permissions behind a given session
  • axiodb_change_own_password rotates the session and returns a new sessionId
  • Same login rate limiter as the GUI/TCP login (5 failed attempts / 15 min lockout)

32 Tools, Mirroring the HTTP Control Server 1:1

Every MCP tool maps to the exact same controller and permission check as its HTTP route counterpart — nothing was reimplemented, so behavior (validation, error messages, RBAC) never drifts between the GUI and the MCP surface.

Session

No permission required — login is the gate itself

  • axiodb_login
  • axiodb_logout
  • axiodb_whoami
  • axiodb_change_own_password

Database

db:view / db:create / db:delete

  • axiodb_create_database
  • axiodb_delete_database
  • axiodb_database_exists
  • axiodb_get_instance_info

Collection

collection:view / collection:create / collection:delete

  • axiodb_create_collection
  • axiodb_delete_collection
  • axiodb_collection_exists
  • axiodb_get_collection_info

Documents & Aggregation

document:view / query / create / update / delete / aggregate

  • axiodb_insert_document
  • axiodb_insert_many_documents
  • axiodb_query_documents
  • axiodb_update_document
  • axiodb_delete_document
  • axiodb_total_documents
  • axiodb_aggregate

Index

index:view / index:create / index:delete

  • axiodb_create_index
  • axiodb_drop_index
  • axiodb_list_indexes

Dashboard

dashboard:view

  • axiodb_get_dashboard_stats

User Management

user:view / create / update-role / reset-password / delete — Super Admin role only

  • axiodb_list_users
  • axiodb_create_user
  • axiodb_update_user_role
  • axiodb_reset_user_password
  • axiodb_delete_user

Role Management

role:view / role:create / role:delete — Super Admin role only

  • axiodb_list_roles
  • axiodb_create_role
  • axiodb_delete_role
  • axiodb_list_permissions

Out of scope by design: transactions and database export/import are not exposed as MCP tools — kept out of this surface entirely rather than deferred.

Example: Insert & Query From an Agent

text
11. axiodb_login({ username: "admin", password: "admin" })
2 -> sessionId: "a1b2c3..."
3
42. axiodb_create_database({ sessionId, name: "shop" })
5
63. axiodb_create_collection({ sessionId, dbName: "shop", collectionName: "orders" })
7
84. axiodb_insert_document({
9 sessionId, dbName: "shop", collectionName: "orders",
10 document: { customer: "Alice", total: 49.99, status: "paid" }
11 })
12
135. axiodb_query_documents({
14 sessionId, dbName: "shop", collectionName: "orders",
15 query: { status: "paid" }
16 })

Security Notes

  • Every write/read tool is permission-checked against the caller's actual role on every call, not just at login
  • An invalid, expired, or missing sessionId is rejected before it ever reaches a database operation
  • Collection metadata responses (axiodb_get_collection_info) never include the raw AES encryption key — only whether a collection is encrypted
  • Expose port 27020 only to trusted networks/agents, same guidance as the TCP port — the MCP server carries the same authority as the GUI, just a different transport

Give Your Agent a Database

Deploy the container, enable AXIODB_MCP, and register it with your MCP client.