
GraphQL MCP Server

Generic GraphQL MCP server for schema introspection, schema resources, and GraphQL query execution against a configured endpoint.

by blurrah · added 2026-06-06
Harness: Claude Code, Claude Desktop
Review first: review before installing

Open the source and read safety notes before installing.

Safety notes

  • GraphQL MCP can introspect a schema and execute arbitrary GraphQL queries against the configured endpoint.
  • Mutations are blocked by default, but setting ALLOW_MUTATIONS=true allows model-generated mutation operations.
  • Custom HEADERS can grant access to production APIs, admin scopes, customer data, or internal services.
  • Schema introspection can expose object types, fields, arguments, enum values, deprecated fields, and API structure.
  • Even read queries can be expensive, trigger resolver side effects, expose broad data, or hit rate and complexity limits.
  • Prefer staging endpoints, read-only tokens, query depth/complexity limits, persisted operations, and human review for sensitive APIs.

Privacy notes

  • Endpoint URLs, headers, bearer tokens, schema text, GraphQL queries, variables, response data, errors, and server descriptions may be visible to the MCP client and model provider.
  • GraphQL responses can include personal data, customer records, internal IDs, permissions, audit data, billing data, or proprietary business objects.
  • HEADERS values and authorization tokens should stay out of prompts, issues, logs, screenshots, and committed configuration files.
  • Error messages and introspection results can reveal internal schema design and service implementation details.

Prerequisites

  • Node.js and npx available to the MCP client runtime.
  • GraphQL endpoint URL that Claude is allowed to introspect and query.
  • Optional HEADERS JSON for authentication, using least-privilege API credentials.
  • Decision on whether schema introspection should use the endpoint, a local schema file, or a schema URL.
  • Explicit human approval before setting ALLOW_MUTATIONS to true.

Schema details

  • Install type: cli
  • Troubleshooting: No
Source repository stats
Scope
Source repo
Collection metadata
  • Estimated setup: 10 minutes
  • Difficulty: intermediate

About this resource

Content

GraphQL MCP Server, published as mcp-graphql, is a generic Model Context Protocol server for connecting Claude and other MCP clients to a configured GraphQL endpoint. It can expose the GraphQL schema as an MCP resource, introspect schemas, and execute GraphQL queries with optional custom headers.

The server blocks GraphQL mutations by default. Operators can enable mutations with ALLOW_MUTATIONS=true, but that turns the server into a write-capable API surface and should be reserved for reviewed workflows.

Source Review

These sources were reviewed on 2026-06-06. Prefer the live repository, README, npm registry metadata, package metadata, source implementation, and license for current package names, environment variables, tools, mutation behavior, and licensing.

Features

  • npm package mcp-graphql.
  • Stdio MCP server launched with npx mcp-graphql.
  • ENDPOINT environment variable for the GraphQL endpoint.
  • HEADERS environment variable for JSON-formatted request headers.
  • ALLOW_MUTATIONS flag, disabled by default.
  • NAME environment variable for custom server naming.
  • SCHEMA environment variable for local schema files or schema URLs.
  • graphql-schema resource for schema access.
  • introspect-schema tool for retrieving schema text.
  • query-graphql tool for executing GraphQL operations.
  • MIT license.

Installation

Configure the GraphQL endpoint and keep mutations disabled by default:

{
  "mcpServers": {
    "graphql": {
      "command": "npx",
      "args": ["mcp-graphql"],
      "env": {
        "ENDPOINT": "https://api.example.com/graphql",
        "HEADERS": "{\"Authorization\":\"Bearer <token>\"}",
        "ALLOW_MUTATIONS": "false",
        "NAME": "graphql"
      }
    }
  }
}

Use a least-privilege token and a staging endpoint first. If the endpoint supports query cost, depth, or persisted operation controls, configure those before giving Claude access.

Use Cases

  • Ask Claude to introspect a GraphQL schema before drafting a query.
  • Generate a query against an unfamiliar endpoint using live schema details.
  • Run approved read queries against a development API.
  • Use a local or hosted schema file when endpoint introspection is disabled.
  • Debug GraphQL errors by comparing the query with schema fields and arguments.
  • Prototype a dedicated, narrower MCP server for a specific GraphQL API.

Safety and Privacy

GraphQL MCP is intentionally generic, so credentials and endpoint choice define its blast radius. Keep mutations disabled, use read-only credentials, prefer staging APIs, and require review before running broad queries, expensive nested queries, or anything that could trigger resolver side effects.

Do not put production bearer tokens or admin headers in shared MCP configs. Schema introspection and error responses can reveal internal API design, while query results can expose sensitive records to the model session.
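
The checks recommended above can be run over an MCP client config before it is shared or committed. This is an added example, not code from mcp-graphql or this catalog; the finding codes, the placeholder pattern, and the HTTPS check are assumptions of the sketch.

```javascript
// Added example: audit an MCP client config for risky mcp-graphql settings.
// Finding codes and the placeholder heuristic are assumptions of this sketch.
const PLACEHOLDER = /^(Bearer\s+)?(<[^>]+>|\$\{[^}]+\})$/i;
const CRED_HEADER = /^(authorization|cookie|x-api-key)$/i;
const LOCAL = /^(localhost|127\.0\.0\.1|\[::1\])$/;

function auditServer(name, server) {
  const findings = [], env = server.env || {};
  // Treat any casing of "true" as enabled, to stay on the conservative side.
  if (String(env.ALLOW_MUTATIONS || "false").trim().toLowerCase() === "true") {
    findings.push(`${name}: MUTATIONS_ENABLED`);
  }
  if (env.ENDPOINT !== undefined) {
    let url = null;
    try { url = new URL(env.ENDPOINT); } catch { findings.push(`${name}: ENDPOINT_INVALID`); }
    // Headers sent over cleartext HTTP to a remote host are readable in transit.
    if (url && url.protocol !== "https:" && !LOCAL.test(url.hostname)) {
      findings.push(`${name}: ENDPOINT_NOT_HTTPS`);
    }
  }
  if (env.HEADERS !== undefined) {
    let headers = null;
    try { headers = JSON.parse(env.HEADERS); } catch { findings.push(`${name}: HEADERS_NOT_JSON`); }
    for (const [key, value] of Object.entries(headers || {})) {
      // A literal credential in a config file tends to get committed or shared.
      if (CRED_HEADER.test(key) && !PLACEHOLDER.test(String(value).trim())) {
        findings.push(`${name}: INLINE_CREDENTIAL (${key})`);
      }
    }
  }
  return findings;
}

function auditMcpConfig(config) {
  return Object.entries(config.mcpServers || {})
    .filter(([, s]) => (s.args || []).includes("mcp-graphql"))
    .flatMap(([name, s]) => auditServer(name, s));
}

// Constructed sample configs: the page's template and a risky variant of it.
const template = { mcpServers: { graphql: { command: "npx", args: ["mcp-graphql"], env: {
  ENDPOINT: "https://api.example.com/graphql",
  HEADERS: "{\"Authorization\":\"Bearer <token>\"}",
  ALLOW_MUTATIONS: "false", NAME: "graphql" } } } };
const risky = { mcpServers: { graphql: { command: "npx", args: ["mcp-graphql"], env: {
  ENDPOINT: "http://api.example.com/graphql",
  HEADERS: "{\"Authorization\":\"Bearer constructed-sample-token\"}",
  ALLOW_MUTATIONS: "true" } } } };
console.log(auditMcpConfig(template), auditMcpConfig(risky));
```

An empty result means only that none of these checks fired; it says nothing about the scopes the token itself carries.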

Duplicate Check

Existing catalog content mentions GraphQL in entries for Shopify, Square, monday.com, Linear, Supabase, and several skills, but no generic GraphQL MCP Server, blurrah/mcp-graphql, mcp-graphql, or matching source URL entry was found in content/mcp.

#graphql #api #schema #data-access #developer-tools
