MCP Directory

How to add Turso Cloud MCP Server to Windsurf

Manage Turso databases and run SQL from an agent, with separate read-only and destructive query tools. Paste the config into ~/.codeium/windsurf/mcp_config.json and restart Windsurf.

Last updated June 14, 2026 · 16 · stdio · apikey

Windsurf config for Turso Cloud MCP Server

npx -y mcp-turso-cloud
{
  "mcpServers": {
    "turso-cloud-mcp-server": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-turso-cloud"
      ],
      "env": {
        "TURSO_API_TOKEN": "<your-turso-api-token>",
        "TURSO_ORGANIZATION": "<your-organization-name>",
        "TURSO_DEFAULT_DATABASE": "<optional-default-database>"
      }
    }
  }
}

Setup steps

  1. 1Open Windsurf → Cascade → the hammer/MCP icon → Configure (or edit ~/.codeium/windsurf/mcp_config.json).
  2. 2Paste the Turso Cloud MCP Server config below.
  3. 3Fill in placeholder secrets, then save.
  4. 4Click Refresh in the MCP panel.
  5. 5Turso Cloud MCP Server's tools become available to Cascade.

Before you start

  • Node.js with npx
  • A Turso account with a Platform API token (from the Turso dashboard)
  • Your Turso organization name; optionally a default database name

What Turso Cloud MCP Server can do in Windsurf

list_databases

List all databases in your Turso organization.

create_database

Create a database with optional group and regions.

delete_database

Delete a database from the organization.

generate_database_token

Mint a token for a database with expiration and permission level.

list_tables

List all tables in a database.

execute_read_only_query

Run SELECT/PRAGMA queries only — safe for auto-approval.

execute_query

Run INSERT/UPDATE/DELETE/CREATE/DROP and other mutating SQL.

describe_table

Get schema information for a table.

Security

Early-stage community project (small user base), and the org-level TURSO_API_TOKEN it holds can create and delete entire databases — scope expectations accordingly and keep destructive tools behind approval. The README's own warning applies: always read the SQL before approving execute_query, and note generated database tokens default to full-access with 7-day expiry.

Turso Cloud MCP Server + Windsurf FAQ

Where is the Windsurf config file?

Windsurf reads MCP servers from ~/.codeium/windsurf/mcp_config.json. Paste the Turso Cloud MCP Server config there under the "mcpServers" key and restart the client.

Is Turso Cloud MCP Server safe to use with Windsurf?

Early-stage community project (small user base), and the org-level TURSO_API_TOKEN it holds can create and delete entire databases — scope expectations accordingly and keep destructive tools behind approval. The README's own warning applies: always read the SQL before approving execute_query, and note generated database tokens default to full-access with 7-day expiry.

Is mcp-turso-cloud safe to point at production databases?

Be careful: it holds an organization-level token that can create and delete databases, and execute_query runs arbitrary mutating SQL. The tool split helps — auto-approve only execute_read_only_query — but for production data prefer read-only usage and review every destructive statement. It is also an early-stage community project, not an official Turso product.

How does the two-level authentication work?

You supply one org-level Platform API token; the server uses it for management operations and to automatically generate per-database tokens, which are cached and rotated. Generated token defaults are configurable via TOKEN_EXPIRATION (default 7d) and TOKEN_PERMISSION (default full-access).

Does it support vector search?

Yes — the vector_search tool performs similarity search over a vector column using SQLite vector extensions, with a query vector and result limit as parameters. Store embeddings in a libSQL table and the agent can query nearest neighbors.

View repo Full Turso Cloud MCP Server page