Enterprise-grade MCP server for Azure SQL with Azure AD auth, 34 tools, tiered safety gates, and multi-agent support
mcp-azure-sql
Azure SQL + AI agents. 34 tools. One command.
Enterprise MCP server for Azure SQL & SQL Server.
Azure AD auth • Tiered safety gates • Zero dependencies • Written in Go.
Quick Start
1 Add to your AI agent
CLI agents — one command, done:
# Claude Code (Anthropic)
claude mcp add --transport stdio --scope user azure-sql -- npx -y mcp-azure-sql
# Codex CLI (OpenAI)
codex mcp add azure-sql -- npx -y mcp-azure-sql
# Gemini CLI (Google)
gemini mcp add -s user azure-sql npx -y mcp-azure-sql
IDE agents — add this JSON block to your agent's config file:
{
"azure-sql": {
"command": "npx",
"args": ["-y", "mcp-azure-sql"],
"env": {
"AZURE_SQL_CONFIG_FILE": "~/.config/azure-sql-mcp/connections.json"
}
}
}
Where does this go? (click to expand)
| Agent | File | Key |
|:------|:-----|:----|
| 
settings.json | "mcp" > "servers" |
| 
~/.cursor/mcp.json | "mcpServers" |
| 
~/.codeium/windsurf/mcp_config.json | "mcpServers" |
| 
cline_mcp_settings.json | "mcpServers" |
| 
~/.continue/config.yaml | mcpServers: (YAML) |
| 
claude_desktop_config.json | "mcpServers" |
2 Configure your databases
Create ~/.config/azure-sql-mcp/connections.json:
{
"defaults": { "auth": "azuread" },
"connections": [
{
"name": "dev",
"server": "myserver.database.windows.net",
"database": "myapp-dev",
"environment": "dev"
},
{
"name": "prod",
"server": "myserver.database.windows.net",
"database": "myapp-prod",
"environment": "prod",
"prod": true
}
]
}
See
example-config.jsonfor SQL auth, connection strings, and all options.
3 Sign in to Azure
az login
✓ Done
Restart your AI agent. You now have 34 database tools.
Tools
| Query & Execute | query • execute |
| Schema | list_tables • describe_table • describe_indexes • describe_foreign_keys • search_columns • table_row_counts • search_objects • describe_triggers |
| Views / Procs / Functions | list_views • describe_view • list_stored_procs • describe_sproc • list_functions • describe_function |
| Performance | explain_query • active_queries • long_running_queries • top_queries_by_cpu • wait_stats • blocking_chains • index_usage_stats • missing_indexes • table_statistics_health • database_size |
| Connections | list_connections • test_connection • connection_info • add_connection |
| Compliance | compare_tables • ef6_migration_status • permission_audit • hangfire_dashboard |
Safety
Your AI agent cannot accidentally destroy production.
| | query | execute on dev | execute on prod |
|:--|:--|:--|:--|
| SELECT | ✓ | — | — |
| INSERT / UPDATE / DELETE | ✗ | confirm=true | confirm=true |
| DROP / TRUNCATE / ALTER | ✗ | confirm=true | Blocked |
| EXEC / {call} | ✗ | confirm=true | confirm=true |
Production = any connection with "prod": true or "environment": "prod".
Authentication
| Mode | When to use |
|:--|:--|
| azuread (default) | Azure SQL via az login, managed identity, or service principal |
| sql | Legacy SQL Server — add "user" and "password" to connection |
| connstr | Custom — add "connection_string" with full connection string |
Why Go?
| | Go | TypeScript / Python |
|:--|:--|:--|
| Startup | ~5ms | 500ms+ |
| Binary | Single 16MB file | Runtime + packages |
| Memory | ~15MB | 80MB+ |
| Install | Download → run | npm install + Node.js |
| Azure AD | Native driver | @azure/identity shim |
| Concurrency | Goroutines | Event loop / GIL |
Configuration reference
Config file
{
"defaults": { "auth": "azuread", "app_name": "my-app" },
"connections": [{
"name": "unique-name",
"server": "server.database.windows.net",
"database": "dbname",
"auth": "azuread",
"environment": "dev",
"description": "Human-readable note",
"prod": false
}]
}
Environment tags: dev sqa qa beta delta test preprod prod
Environment variables
# Legacy (no config file needed)
export AZURE_SQL_CONNECTIONS="dev=server.database.windows.net/mydb;qa=qaserver.database.windows.net/qadb"
# Override production list
export AZURE_SQL_PROD_CONNECTIONS="my-prod-db,my-staging-db"
Architecture
AI Agent ──stdio/JSON-RPC──> mcp-azure-sql ──Azure AD──> Azure SQL
│
├── 34 tools with MCP annotations
├── Tiered safety (read/write/dangerous)
├── Connection pool (30s ping skip)
├── Audit logging
└── Error sanitization
Built with mcp-go + go-mssqldb. MCP protocol 2024-11-05. Tool annotations (ReadOnlyHint, DestructiveHint, IdempotentHint, OpenWorldHint) on all 34 tools. Logging capability enabled.
Development & releases
go build -o mcp-azure-sql .
go vet ./...
./mcp-azure-sql --version
Release: git tag v1.3.0 && git push origin v1.3.0 → GitHub Actions builds 6 platform binaries via GoReleaser → npm auto-publishes.