Give your team a safe way to read, add, and update database records through an agent without writing raw SQL. It suits internal tools and data requests across teams that rely on PostgreSQL for daily work. IT and operations teams get a secure layer that keeps control while still moving fast.

The flow exposes a PostgreSQL server to agent clients using an MCP server trigger. Two database tools offer read only access to list tables and view a table schema. Three tool workflows accept simple parameters for read, create, and update, then call the same workflow using an execute trigger. A switch node routes each request to the correct SQL action. All queries use parameters to reduce risk and cut errors. This design lowers the chance of SQL injection and stops risky raw SQL from reaching your database.

You need a reachable PostgreSQL database and an MCP client such as a desktop AI app. Add credentials in n8n for your database and connect the MCP server trigger. Expect faster turnaround for data questions, fewer mistakes, and less ad hoc SQL work. It fits requests like checking if a user exists, adding new records, or updating status fields in core tables.

• MCP server trigger exposes database tools to compatible agent clients for direct interaction.
• List tables and read table schema with read only PostgreSQL tools to help users discover structure safely.
• Three tool workflows accept simple inputs for read, create, and update and call the same workflow for handling.
• A switch node routes operations to the correct SQL action so each request follows a clear path.
• Parameterized SQL in the PostgreSQL node prevents raw SQL execution and reduces injection risks.
• Execute workflow trigger centralizes inputs for operation, table name, values, and where filters.
• Reusable credentials on all PostgreSQL nodes keep connection setup simple and consistent.
• Sticky notes guide security choices such as restricting scope and enabling authentication before production.

• Reduce manual SQL drafting time from 30 minutes to 5 minutes by using parameter inputs instead of writing queries
• Improve data quality by using parameterized queries that lower human errors in WHERE clauses and values
• Cut back and forth between teams by letting an agent handle common read, create, and update tasks
• Lower security risk by blocking raw SQL and only allowing approved operations with safe parameters
• Support more internal requests per day by routing work through a single, consistent process

1. Import the template into n8n: Create a new workflow in n8n > Click the three dots menu > Select 'Import from File' > Choose the downloaded JSON file.
2. You'll need accounts with PostgreSQL. See the Tools Required section above for links to create accounts with these services.
3. Make sure you have a PostgreSQL database that is reachable from n8n. Note the host, port, database name, user, and password.
4. In the n8n credentials manager, create a new PostgreSQL credential using your database details. Test the connection to confirm it works.
5. Open each PostgreSQL node in the workflow and select your PostgreSQL credential in the Credential to connect with field.
6. Review the MCP server trigger node. If you plan to expose it beyond a secure environment, enable authentication as advised in the notes.
7. Optionally restrict scope by limiting which tables the tools should access. You can adjust the tool input schemas or add checks in the workflow.
8. Run a simple test: trigger the read tool with a small where object and confirm the switch routes to the read path and returns rows.
9. Test create: provide a table name and a values object. Verify a new row appears in your database and the response returns the result.
10. Test update: pass a values object and a where object. Confirm that only the intended rows are changed. Never leave the where object empty.
11. If you use an MCP client, add the MCP server URL from n8n to your client and try a sample request like checking for a user or creating one.
12. Troubleshoot common issues: permission denied means fix database user grants, empty results mean adjust where filters, and failed auth means review MCP server authentication settings.