Ekaya

Secure Database Access
For AI Agents

via MCP with Bearer Token Authentication

Enable your AI agents to access pre-approved database queries through Ekaya's MCP interface. Complete access control with API key authentication, parameterized queries, and SQL injection protection.

Safe AI Agent Data Access

Give your AI agents the data they need while maintaining complete control. Agents can only execute queries you've pre-approved, with typed parameters that prevent injection attacks.

API Key Auth
Bearer token access
Pre-Approved Only
No arbitrary SQL
Injection Safe
Typed parameters
MCP Native
Standard protocol

1Generate an Agent API Key

Secure Authentication

Generate a unique API key for each agent or integration. Keys are encrypted at rest and can be regenerated at any time.

Security Features:

  • 256-bit encrypted key storage
  • Constant-time comparison prevents timing attacks
  • Instant key regeneration if compromised

[Screenshot: API Key Generation UI]

2Define Pre-Approved Queries

Complete Control

Create parameterized SQL queries that agents can execute. Define input parameters with types and validation rules. Agents can only run these specific queries - no arbitrary SQL access.

Query Definition:

  • Natural language name and description
  • Parameterized SQL with {{parameter}} syntax
  • Typed parameters (string, number, date, etc.)

Safety Guarantees:

  • Parameters never directly interpolated into SQL
  • Type validation before execution
  • SQL injection detection and logging

Example: Pre-Approved Query Definition

{
  "name": "Get Monthly Revenue by Region",
  "sql": "SELECT region, SUM(revenue) as total FROM sales WHERE month = {{month}} AND year = {{year}} GROUP BY region",
  "parameters": [
    { "name": "month", "type": "integer", "required": true },
    { "name": "year", "type": "integer", "required": true }
  ]
}

3Configure Your Agent's MCP Connection

Simple Integration

Add the Ekaya MCP endpoint to your agent's configuration with your API key. The agent automatically discovers available queries through the MCP protocol.

Available MCP Tools:

  • list_approved_queries - Discover available queries
  • execute_approved_query - Run a query with parameters
  • health - Check connection status

MCP Configuration

{
  "mcpServers": {
    "ekaya": {
      "url": "https://data.ekaya.ai/mcp/{project-id}",
      "headers": {
        "Authorization": "api-key:YOUR_AGENT_API_KEY"
      }
    }
  }
}

Ready to Go! Your agent can now discover and execute pre-approved queries with full audit logging.

How Agent Authentication Works

[Diagram: Agent Authentication Flow]

Agent Request → API Key Validation → Tool Filtering → Pre-Approved Query Execution → Audit Log