Skip to main content

Secure AI Access to Your Database

AI applications need rich data access, but must be securely scoped to each user.

Exograph provides built-in access control, optimized queries, and an incredible developer experience.

Get Started
MCP Server using Exograph

Why Exograph?

Database to AI in Minutes
Transform any existing Postgres database into a secure MCP server with a single command. Import your schema, add access control rules, and get intelligent database access without rebuilding infrastructure.
Secure by Design
Define your domain model once with built-in access control. LLMs can query freely while Exograph ensures they only see authorized data—no more choosing between security and functionality.
Beyond MCP Servers
Get a complete backend solution with MCP server, GraphQL APIs, schema migrations, testing framework, and observability. Everything follows the same access control rules you define once in your domain model.
Production-Ready from Day One
Deploy anywhere as a single binary with OpenTelemetry observability, comprehensive testing tools, and Git-friendly development workflow. Focus on building your AI application, not database plumbing.

See it in action

Watch how easy it is to create an Exograph MCP server and connect it to your AI applications

Bring Your Own Database

Start with a Postgres database you already have. Exograph generates a complete domain model from your database automatically with relationships and all. You can then tune the model to your needs.

exo new finance-mcp --from-database
Imported tables:
public:
accounts, advisor_performance,
audit_logs, branches,
compliance_reports, customers,
customer_account_summary,
financial_advisors,
investment_portfolios,
transactions
 
A new project has been created in the finance-mcp directory.
To start the server, run cd finance-mcp and then exo yolo!

Add Access Control

Evolve the model to your needs. Secure your domain model through access control rules.

Express rules such as "only admins can create customers" or "only customers can see their own data".

@access(AuthContext.role == "admin")
type Customer {
@pk id: Uuid = uuidGenerateV4()
name: String
advisor: Advisor?
accounts: Set<Account>
}

@access(AuthContext.role == "admin")
type Advisor {
@pk id: Uuid = uuidGenerateV4()
name: String
customers: Set<Customer>
}

...

@access(query=AuthContext.id == self.id || AuthContext.id == self.advisor.id || AuthContext.role == "admin")
type Customer {
@pk id: Uuid = uuidGenerateV4()
name: String
advisor: Advisor?
accounts: Set<Account>
}

@access(query=AuthContext.id == self.id || AuthContext.role == "admin")
type Advisor {
@pk id: Uuid = uuidGenerateV4()
name: String
customers: Set<Customer>
}

...

Spin Up an MCP Server

Run exo dev to get an instant MCP server, GraphQL APIs, and a playground. Changes to your model are reflected immediately—no rebuilds needed.

As your model evolves, exo schema migrate will provide a migration plan to keep your database in sync.

exo dev
Starting server in development mode...
Running in read-only mode. To enable write access, pass --read-write.
Watching the current directory for changes...
Verifying new model...
Starting server...
Started server on localhost:9876 in 29.31 ms
- GraphQL endpoint hosted at:
http://localhost:9876/graphql
- MCP endpoint hosted at:
http://localhost:9876/mcp
- Playground hosted at:
http://localhost:9876/playground

Deploy Anywhere

When you're ready, deploy to any Cloud provider or self-host a production-ready MCP server.

Exograph deploys to any Cloud provider that supports Docker or WebAssembly, and on serverless platforms like AWS Lambda.

No lock-in.

AzureGoogle CloudAWS LambdaRailwayRailwayFlyFlyCloudFlare WorkersCloudFlare WorkersDocker

Connect to LLMs

Configure Claude Desktop or any MCP client to use your server. Use it for direct AI chat, or integrate into agentic workflows with focused tool profiles.

Your AI applications now have secure, intelligent database access.

Finance Agent
Online
Start a conversation...