← Back to Dashboard

Database Access

Connect your agents to external databases with granular permissions, query limits, and full audit logging.

Table of Contents

Overview

For everyone: The Database Access page lets you connect your AI agents to your databases (PostgreSQL, MySQL, MongoDB, Redis, and more). Instead of giving agents raw database credentials, you create managed connections with specific permissions — like giving an agent read-only access to your products table but blocking access to the users_secrets table. Every query the agent runs is logged.

For technical users: This module manages database connection pooling, per-agent RBAC with operation-level granularity (read/write/delete/schema/execute), row-level query limits, table-level blocklists, optional human-in-the-loop approval for mutations, and a full SQL audit log. Credentials are encrypted in the Vault. The engine exposes /database/connections, /database/agents/:id/connections, and /database/audit endpoints.

How It Works

  1. Add a connection — configure host, port, credentials, or paste a connection string. The connection is tested before saving.
  2. Grant agent access — select an agent and assign permissions (read, write, delete, schema, execute) with query limits.
  3. Agents query databases — agents use their granted connections with enforced permissions and limits.
  4. Everything is logged — every query, its result, latency, and status appear in the audit log.

Key Concepts

Three Tabs

TabPurpose
ConnectionsManage database connections — add, test, edit, delete, and grant access.
Agent AccessView which agents have access to which databases, with what permissions. Revoke access.
Audit LogFull query log with filters for agent, operation, status, and text search.

Connection Status

StatusMeaning
activeConnection is healthy and available.
inactiveConnection is configured but not yet tested/activated.
errorLast connection attempt failed. Check error message.

Connections Tab

Displays all database connections as cards showing type, name, host/port/database, status, and last error (if any).

Adding a Connection

  1. Click "+ Add Connection"
  2. Step 1: Choose database type — select from the visual picker (organized by category).
  3. Step 2: Enter connection details — either paste a full connection string or fill in individual fields (host, port, database, username, password).
  4. Test Connection — validates connectivity and shows latency.
  5. Add Connection — saves the connection (auto-tests first if not already tested).
Tip: You can paste a full connection string (e.g., postgresql://user:pass@host:5432/db) or fill in individual fields — whichever is easier. The connection string takes precedence if provided.

Connection Card Actions

Supported Databases

Relational (SQL)

DatabaseValue
PostgreSQLpostgresql
MySQLmysql
MariaDBmariadb
Microsoft SQL Servermssql
Oracleoracle
SQLitesqlite

Cloud-Native SQL

DatabaseValue
Supabasesupabase
Neonneon
PlanetScaleplanetscale
CockroachDBcockroachdb
Turso / LibSQLturso

NoSQL / Key-Value

DatabaseValue
MongoDBmongodb
Redisredis
Upstash Redisupstash
AWS DynamoDBdynamodb

Agent Access Tab

Shows a card for each agent that has database access. Each card lists:

Permission Model

When granting an agent access to a database, you select which operations they can perform:

PermissionOperationsColorRisk Level
ReadSELECT queriesGreenLow
WriteINSERT / UPDATEOrangeMedium
DeleteDELETE rowsRedHigh
SchemaDDL operations (CREATE TABLE, ALTER, DROP)BlueVery High
ExecuteStored procedures and functionsGrayVaries
Warning: Grant "schema" and "delete" permissions sparingly. An agent with schema access can alter or drop tables. An agent with delete access can remove data.

Query Limits & Safety

Each agent access grant includes configurable safety limits:

LimitDefaultDescription
Max Read Rows10,000Maximum rows returned by SELECT queries
Max Write Rows1,000Maximum rows affected by INSERT/UPDATE
Max Delete Rows100Maximum rows affected by DELETE

Additional Safety Options

Tip: For production databases, always enable "Log ALL queries" and set conservative row limits. Start with read-only access and expand only as needed.

Audit Log Tab

Every database query executed by an agent is logged with full details:

ColumnDescription
TimeWhen the query was executed
AgentWhich agent ran the query
DatabaseWhich connection was used
Operationread, write, delete, schema, or execute
QueryThe SQL query (truncated in table, full in detail view)
RowsNumber of rows affected
LatencyExecution time in milliseconds
StatusOK or FAIL

Filtering

Expanded Detail

Click any row to expand and see:

Configuration & Setup

API Endpoints

MethodEndpointDescription
GET/database/connectionsList all connections
POST/database/connectionsCreate a new connection
PUT/database/connections/:idUpdate a connection
DELETE/database/connections/:idDelete a connection (and all grants)
POST/database/connections/:id/testTest an existing connection
POST/database/connections/testTest connection params before saving
POST/database/connections/:id/agentsGrant agent access to a connection
DELETE/database/connections/:id/agents/:agentIdRevoke agent access
GET/database/agents/:id/connectionsList connections an agent can access
GET/database/audit?limit=Query audit log

Grant Access Request

POST /database/connections/:id/agents
{
  "agentId": "agent-123",
  "permissions": ["read", "write"],
  "queryLimits": {
    "maxRowsRead": 10000,
    "maxRowsWrite": 1000,
    "maxRowsDelete": 100
  },
  "schemaAccess": {
    "blockedTables": ["users_secrets", "payment_tokens"]
  },
  "logAllQueries": true,
  "requireApproval": false
}

Connection Create Request

// Using connection string
POST /database/connections
{
  "type": "postgresql",
  "name": "Production DB",
  "connectionString": "postgresql://user:pass@host:5432/mydb",
  "description": "Main production database"
}

// Using individual fields
POST /database/connections
{
  "type": "mysql",
  "name": "Analytics DB",
  "host": "analytics.example.com",
  "port": 3306,
  "database": "analytics",
  "username": "reader",
  "password": "...",
  "ssl": true,
  "description": "Read-only analytics database"
}

Best Practices

Troubleshooting

Connection test fails

Verify: host/port are correct, database exists, credentials are valid, firewall allows the connection, and SSL setting matches the server. Check the error message for details — common issues are "ECONNREFUSED" (wrong host/port) and "authentication failed."

Agent can't query the database

Check the Agent Access tab to verify the agent has been granted access with the correct permissions. Ensure the operation type (read/write/delete) matches the agent's granted permissions.

"Max rows exceeded" error

The agent's query returned more rows than the configured limit. Either increase the limit in the grant settings or have the agent add a LIMIT clause to their queries.

Blocked table error

The agent tried to access a table in the blocked list. If this is intentional, remove the table from the blockedTables list in the grant settings.

Audit log shows failed queries

Click the failed entry to expand details and see the error message. Common causes: permission denied (operation not granted), syntax errors, table not found, or connection timeout.

Connection shows "error" status

The last connection attempt failed. Click "Test" to retry and see the specific error. Common fixes: restart the database server, check network connectivity, or update credentials if they've been rotated.

Vault — Database credentials are encrypted in the Vault. Users — Control who can manage database connections. DLP — DLP rules can detect database credentials in agent outputs. Compliance — Database audit logs inform compliance reports.
AgenticMail Enterprise Documentation Report an issue