Doris Mcp Server

Name: Doris Mcp Server
Author: apache

Official

doris-mcp-server · by apache

Apache Doris MCP Server

297 55 tools GitHub PyPI

No known CVEs

Apache-2.0 license

Actively maintained

Last commit 8d ago

Works with most clients

Transport: stdio, sse, http

55 tools · ~1.9k tok

Grade C · 0.9% of 200K ctx

Edit this pageView history

Data

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "doris-stdio": {
      "env": {
        "DORIS_HOST": "127.0.0.1",
        "DORIS_PORT": "9030",
        "DORIS_USER": "root",
        "DORIS_PASSWORD": "your_db_password"
      },
      "args": [
        "run",
        "--project",
        "/path/to/your/doris-mcp-server",
        "doris-mcp-server"
      ],
      "command": "uv"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/doris-mcp-server)](https://mcppedia.org/s/doris-mcp-server)

Read me

What Doris Mcp Server does

Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

Test This Server

This server supports HTTP transport. Be the first to test it — help the community know if it works.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

80/100across 5 weighted dimensions

How we score →

0255075100

−20

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

2 fixed

CVE-2025-66335low · fixedCVSS 3.1

Apache Doris MCP Server vulnerable to SQL Injection via improper query context neutralization

Apache Doris MCP Server versions prior to 0.6.1 are affected by an improper neutralization flaw in query context handling that may allow execution of unintended SQL statements and bypass of intended query validation and access restrictions through the MCP query execution interface. Versions 0.6.1 and later are not affected.

Affected: >= 0.1.0Fixed in 0.6.1source →

CVE-2025-58337medium · fixedCVSS 4

Apache Doris-MCP-Server: Improper Access Control results in bypassing a "read-only" mode

An attacker with a valid read-only account can bypass Doris MCP Server’s read-only mode due to improper access control, allowing modifications that should have been prevented by read-only restrictions. Impact: Bypasses read-only mode; attackers with read-only access may perform unauthorized modifications. Recommended action for operators: Upgrade to version 0.6.0 as soon as possible (this release contains the fix).

Affected: >= 0Fixed in 0.6.0source →

Inventory

Tools (55)

Click any tool to inspect its schema.

~1.9k tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Doris Mcp Server safe to use?: Doris Mcp Server has no known CVEs as of the latest MCPpedia security scan. It requires authentication to connect, which limits unauthorized access. Licensed under Apache-2.0.
How do I install Doris Mcp Server?: Doris Mcp Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Doris Mcp Server do?: Doris Mcp Server provides 55 tools: Database, DORIS_HOST, DORIS_PORT, DORIS_USER, DORIS_PASSWORD and 50 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Doris Mcp Server?: Doris Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Doris Mcp Server actively maintained?: Doris Mcp Server is actively maintained — last commit was 8 days ago. It has 297 GitHub stars.

Similar servers

Others in data

View all →

PostgreSQL MCP Server98

Query and manage PostgreSQL databases directly from AI assistants

86.4k 1

Firecrawl Mcp Server95

🔥 Official Firecrawl MCP Server - Adds powerful web scraping and search to Cursor, Claude and any other LLM clients.

6.4k 4

Supabase MCP Server95

Manage Supabase projects — databases, auth, storage, and edge functions

2.7k 4

Alpha Vantage Mcp95

Real-time financial market data: stocks, forex, crypto, commodities, and economic indicators

158 3

MCP Security Weekly

Get CVE alerts and security updates for Doris Mcp Server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

{ "mcpServers": { "doris-stdio": { "env": { "DORIS_HOST": "127.0.0.1", "DORIS_PORT": "9030", "DORIS_USER": "root", "DORIS_PASSWORD": "your_db_password" }, "args": [ "run", "--project", "/path/to/your/doris-mcp-server", "doris-mcp-server" ], "command": "uv" } } }

Doris MCP Server

Doris MCP (Model Context Protocol) Server is a backend service built with Python and FastAPI. It implements the MCP, allowing clients to interact with it through defined "Tools". It's primarily designed to connect to Apache Doris databases, potentially leveraging Large Language Models (LLMs) for tasks like converting natural language queries to SQL (NL2SQL), executing queries, and performing metadata management and analysis.

🚀 What's New in v0.6.0

🔐 Enterprise Authentication System: Revolutionary token-bound database configuration with comprehensive Token, JWT, and OAuth authentication support, enabling secure multi-tenant access with granular control switches and enterprise-grade security defaults

⚡ Immediate Database Validation: Real-time database configuration validation at connection time, eliminating query-time blocking and providing instant feedback for invalid configurations - achieving 100% elimination of late-stage connection failures

🔄 Hot Reload Configuration Management: Zero-downtime configuration updates with intelligent hot reloading of tokens.json, automatic token revalidation, and comprehensive error handling with rollback mechanisms

🏗️ Advanced Connection Architecture: Session caching and connection pool optimization with 60% reduction in connection overhead, intelligent pool recreation, and automatic resource management

🌐 Multi-Worker Scalability: True horizontal scaling with stateless multi-worker architecture, efficient load distribution, and enterprise-grade concurrent processing capabilities

🔒 Enhanced Security Framework: Comprehensive access control and SQL security validation with immediate validation, role-based permissions, and enhanced injection detection patterns

🛠️ Unified Configuration System: Streamlined configuration management with proper command-line precedence, Docker compatibility improvements, and cross-platform deployment support

📊 Token Management Dashboard: Complete token lifecycle management with creation, revocation, statistics, and comprehensive audit trails for enterprise token governance

🌐 Web-Based Management Interface: Secure localhost-only token administration with intuitive dashboard, database binding configuration, real-time operations, and enterprise-grade access controls

🚀 Major Milestone: v0.6.0 establishes the platform as a production-ready enterprise authentication and database management system with zero-downtime operations (hot reload + immediate validation + multi-worker scaling), advanced security controls, and comprehensive token-bound database configuration - representing a fundamental advancement in enterprise data platform capabilities.

What's Also Included from v0.5.1

🔥 Critical at_eof Connection Fix: Complete elimination of connection pool errors with intelligent health monitoring and self-healing recovery

🔧 Enterprise Logging System: Level-based file separation with automatic cleanup and millisecond precision timestamps

📊 Advanced Data Analytics Suite: 7 enterprise-grade data governance tools including quality analysis, lineage tracking, and perfor

Frequently Asked Questions

Is Doris Mcp Server safe to use?

Doris Mcp Server has no known CVEs as of the latest MCPpedia security scan. It requires authentication to connect, which limits unauthorized access. Licensed under Apache-2.0.

How do I install Doris Mcp Server?

Doris Mcp Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can Doris Mcp Server do?

Doris Mcp Server provides 55 tools: Database, DORIS_HOST, DORIS_PORT, DORIS_USER, DORIS_PASSWORD and 50 more. See the full tools list on the server page for descriptions and parameters.

What AI clients work with Doris Mcp Server?

Doris Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.

Is Doris Mcp Server actively maintained?

Doris Mcp Server is actively maintained — last commit was 8 days ago. It has 297 GitHub stars.

Doris MCP Server

🚀 What's New in v0.6.0

🌐 Multi-Worker Scalability: True horizontal scaling with stateless multi-worker architecture, efficient load distribution, and enterprise-grade concurrent processing capabilities

🔒 Enhanced Security Framework: Comprehensive access control and SQL security validation with immediate validation, role-based permissions, and enhanced injection detection patterns

🛠️ Unified Configuration System: Streamlined configuration management with proper command-line precedence, Docker compatibility improvements, and cross-platform deployment support

📊 Token Management Dashboard: Complete token lifecycle management with creation, revocation, statistics, and comprehensive audit trails for enterprise token governance

What's Also Included from v0.5.1

🔥 Critical at_eof Connection Fix: Complete elimination of connection pool errors with intelligent health monitoring and self-healing recovery

🔧 Enterprise Logging System: Level-based file separation with automatic cleanup and millisecond precision timestamps

📊 Advanced Data Analytics Suite: 7 enterprise-grade data governance tools including quality analysis, lineage tracking, and perfor