A Model Context Protocol (MCP) server that connects Dust.tt AI agents to your Airtable bases. Query and analyze your Airtable data using natural language through Dust's AI assistants.
- 🔍 Automatic Schema Discovery: List bases, tables, and fields
- 📊 Rich Querying: Filter, search, and retrieve records with Airtable formulas
- 📈 Table Statistics: Get record counts and metadata
- 📤 CSV Export: Export data for spreadsheet analysis
- 🔒 Secure: Token-based authentication with rate limiting
- ☁️ Easy Deployment: Deploy to Heroku or Vercel in minutes
- 🤖 Dust.tt Compatible: Fully compatible with MCP over SSE protocol
- Python 3.10 or higher
- An Airtable account with a Personal Access Token
- (Optional) A Heroku or Vercel account for deployment
- Clone and setup:
cd mcp-server-airtable
python -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate
pip install -r requirements.txt- Configure environment:
export AIRTABLE_ACCESS_TOKEN="patXXXXXXXXXXXXXX" # Your Airtable Personal Access Token
export AIRTABLE_BASE_ID="appXXXXXXXXXXXX" # Optional: default base
export MCP_AUTH_TOKEN=$(openssl rand -hex 32) # For Dust.tt authentication- Run the server:
cd src
uvicorn forestadmin_airtable_mcp.server_sse:app --host 0.0.0.0 --port 8000- Test it:
curl http://localhost:8000/healthSee DUST_INTEGRATION.md for complete deployment and Dust.tt integration instructions.
heroku create your-app-name
heroku config:set AIRTABLE_ACCESS_TOKEN=patXXXXXXX
heroku config:set MCP_AUTH_TOKEN=$(openssl rand -hex 32)
git push heroku mainvercel deploy --prod
# Then set environment variables in Vercel dashboardThe server exposes 9 MCP tools for Airtable interaction:
| Tool | Description |
|---|---|
list_bases |
List all accessible Airtable bases |
get_base_schema |
Get complete schema (tables, fields, views) |
list_tables |
List tables in a base |
list_fields |
Show fields in a table with types |
list_records |
Query records with filtering |
get_record |
Get a specific record by ID |
search_records |
Search records by text |
get_table_info |
Get table statistics |
export_records_csv |
Export records as CSV |
Once configured in Dust.tt, you can ask your AI agent:
- "Show me all my Airtable bases"
- "What tables are in my CRM base?"
- "List all contacts with status 'Active'"
- "Search for customers mentioning 'urgent'"
- "Export the last 100 orders as CSV"
The server supports Airtable's filter formula syntax:
// Simple comparison
{Status} = 'Active'
// Date range
AND(IS_AFTER({Date}, '2024-01-01'), IS_BEFORE({Date}, '2024-12-31'))
// Text search
FIND('keyword', {Description})
// Multiple conditions
AND({Priority} = 'High', {Status} != 'Done')
// Complex formulas
OR(
AND({Status} = 'Pending', {Amount} > 1000),
{Priority} = 'Urgent'
)| Variable | Required | Description |
|---|---|---|
AIRTABLE_ACCESS_TOKEN |
Yes | Airtable Personal Access Token (create at airtable.com/create/tokens) |
AIRTABLE_BASE_ID |
No | Default base ID (can specify in tool calls) |
MCP_AUTH_TOKEN |
Yes | Bearer token for Dust.tt authentication |
- Go to https://airtable.com/create/tokens
- Click "Create new token"
- Give it a name (e.g., "Dust MCP Server")
- Add scopes:
data.records:read(required)schema.bases:read(required)
- Add access to specific bases
- Copy the token (starts with
pat)
GET /- Health check with server infoGET /health- Detailed health statusGET /sse- SSE connection for MCP protocolPOST /sse- JSON-RPC tool execution
Airtable API has rate limits (5 requests/second per base). This server implements:
- Automatic retry with exponential backoff
- Request throttling
- Configurable max records limits
IMPORTANT: Version 1.0+ includes critical security fixes. See SECURITY.md for details.
- ✅ Bearer token authentication on all MCP endpoints (v1.0+)
- ✅ Formula injection prevention with input sanitization (v1.0+)
- ✅ Input validation for all Airtable IDs and field names (v1.0+)
- ✅ Rate limiting (30 requests/minute per IP) (v1.0+)
- ✅ Audit logging for all operations (v1.0+)
- ✅ Confirmation required for destructive operations (v1.0+)
- ✅ Error message sanitization to prevent information disclosure (v1.0+)
- ✅ Environment-based secret management
- ✅ Secure credential handling
-
Generate authentication token:
openssl rand -hex 32
-
Set environment variables:
export MCP_AUTH_TOKEN="YOUR_GENERATED_TOKEN" export AIRTABLE_ACCESS_TOKEN="YOUR_AIRTABLE_TOKEN" export DEBUG_MODE="false" # Never set to true in production
-
Use authentication in requests:
curl -X POST http://server:8000/sse \ -H "Authorization: Bearer YOUR_MCP_AUTH_TOKEN" \ -H "Content-Type: application/json" \ -d '{"method":"tools/list","id":1}'
For complete security documentation, see SECURITY.md
┌─────────────────────────────────────┐
│ Dust.tt AI Agent │
└──────────────┬──────────────────────┘
│ HTTPS + Bearer Token
┌──────────────▼──────────────────────┐
│ MCP Server (Heroku/Vercel) │
│ - FastAPI application │
│ - MCP protocol (SSE) │
│ - 9 Airtable tools │
└──────────────┬──────────────────────┘
│ HTTPS + PAT
┌──────────────▼──────────────────────┐
│ Airtable API │
│ - Bases, Tables, Records │
└─────────────────────────────────────┘
pip install -r requirements-dev.txt
pytest# Format
black src/
# Lint
ruff check src/
# Type check
mypy src/- Check that
AIRTABLE_ACCESS_TOKENis set correctly - Verify the token has necessary scopes
- Reduce
max_recordsin queries - Add delays between requests
- Check Airtable API status
- Verify the base ID starts with
app - Check token has access to the base
- List bases first with
list_basestool
Contributions are welcome! Please:
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests
- Submit a pull request
MIT License - see LICENSE file for details.
- Issues: GitHub Issues
- Documentation: DUST_INTEGRATION.md
- Dust.tt Docs: https://docs.dust.tt/
- MCP Spec: https://modelcontextprotocol.io/
Built with ❤️ by Forest Admin