Video + Guide
Secure AI + Database Integration in 5 Minutes with DreamFactory MCP and Claude
Generate a read-only API for your database, auto-build a dashboard, and chat with your data—without exposing raw SQL or credentials.
Watch the 5-minute demo
Download DXT
npx @Dreamfactory/Create-Df-Mcp
AI + Databases, Done Right
Most “AI + data” demos look impressive—but often give large language models direct SQL access. That’s fast for a prototype and risky for an enterprise. The workflow in this video shows a different pattern: let AI orchestrate secure APIs, not write SQL.
- Fast setup: start with a simple
.env containing DB credentials.
- Secure by design: DreamFactory MCP generates read-only, parameterized endpoints with RBAC and audit logs.
- Conversational access: use Claude Desktop via MCP to explore tables, schemas, and insights—no raw SQL exposed.
Step-by-Step: From .env to Dashboard
1) Claude Code builds the API
Provide a .env with your database credentials. Ask Claude Code to generate a read-only API and a reporting dashboard. It scaffolds endpoints, embeds keys securely, and outputs OpenAPI docs.
2) Claude Desktop chats with your data
Connect via the MCP server and ask about tables, schemas, or metrics. The LLM uses the approved endpoints—never raw SQL or credentials—returning typed JSON for deterministic tool use.
Try it now: df-mcp-v1.0.1.dxt or run npx @dreamfactory/create-df-mcp.
Why the MCP Gateway Matters
- Zero-trust access: treat AI like an untrusted client; all actions must be authenticated, authorized, validated, and logged.
- Parameterization & validation: neutralize prompt→SQL injection by enforcing schemas, types, ranges, and allowlists.
- RBAC & masking: scope access by role; hide PII with field/row-level policies before data reaches the model.
- No credential exposure: secrets stay server-side; the LLM never sees connection strings.
- Audit by default: immutable logs show who accessed what, when, and from where—SIEM-ready.
Deployment: Minutes, Not Months
Choose the fastest path for your environment:
- DXT rapid deploy: download the DXT and bring up the MCP server with sensible defaults.
- One-command setup:
npx @dreamfactory/create-df-mcp for an instant project scaffold.
Databases supported out of the box: SQL Server, MySQL, PostgreSQL and 20+ more. Standard OpenAPI makes it easy to plug into RAG frameworks and agents.
FAQ
-
What exactly happens in the 5-minute demo?
-
-
Claude Code generates a read-only API and a dashboard from your .env, while Claude Desktop connects via MCP so you can chat with your data safely—no raw SQL or exposed secrets.
-
-
-
-
Why not let the LLM write SQL?
-
Direct SQL invites prompt→SQL injection, credential leaks, policy bypass, and performance regressions. An API gateway enforces parameterization, RBAC, masking, and logging.
-
-
-
-
Which databases can I use?
-
SQL Server, MySQL, and PostgreSQL are supported with consistent security controls and auto-generated OpenAPI docs.
-
-
-
-
Do models ever see credentials or schemas?
-
No. Credentials remain server-side in DreamFactory. Models only see vetted endpoints and structured JSON responses.
-
-
-
Can I integrate this with RAG or agents?
-
Yes. The OpenAPI spec and deterministic JSON responses make these endpoints ideal for RAG retrieval and agent tool
-
functions.
-
-
What about compliance (GDPR/HIPAA/SOC2)?
-
Zero-trust, RBAC, input validation, masking, data residency controls, and immutable audit logs provide the evidence trail auditors expect.
-
-
-
How do I try it?
-
Download the DXT package or run npx @dreamfactory/create-df-mcp for instant setup.
Conclusion
You don’t need AI to write SQL to get value from your data. In five minutes, you can generate secure APIs, spin up a dashboard, and talk to your database through a governed gateway. Stop exposing raw SQL—start orchestrating secure APIs.
Download DXT
npx @dreamfactory/create-df-mcp