bubble-mcp-server

Bubble.io MCP Server

The only tool that reverse-engineers Bubble.io's private APIs

🔥 Does What Bubble "Doesn't Allow"

🚀 Extract any Bubble app's complete database schema in 30 seconds
⚡ Create 50+ database fields in one batch with intelligent dependency resolution
🔒 Test privacy rules without authentication - discover security gaps instantly
🛠️ Automate complex database operations that take hours manually

🎬 Demo video in production - showing schema extraction → batch operations → security testing

⚡ Quick Start

NPX (Recommended - Zero Installation)

{
  "mcpServers": {
    "bubble": {
      "command": "npx",
      "args": ["-y", "bubble-mcp-server"],
      "env": {
        "BUBBLE_APP_ID": "your-app-id",
        "BUBBLE_USERNAME": "username",
        "BUBBLE_PASSWORD": "password",
        "BUBBLE_AUTH_TOKEN": "bus|10102...",
        "BUBBLE_AUTH_SIGNATURE": "sl7fa...",
        "BUBBLE_WRITE_BRANCH": "development"
      }
    }
  }
}

Docker (Enterprise & Teams)

# Using Docker Compose (recommended)
docker-compose up -d

# Or build and run manually
docker build -t bubble-mcp-server .
docker run -d --env-file .env bubble-mcp-server

Traditional Setup

# Clone and setup
git clone https://github.com/lowcodrAI/bubble-mcp-server
cd bubble-mcp-server
npm install

# Basic configuration
export BUBBLE_APP_ID="your-app-id"
export BUBBLE_AUTH_TOKEN="bus|10102..."
export BUBBLE_AUTH_SIGNATURE="sl7fa..." 
export BUBBLE_WRITE_BRANCH="development"

# Run the server
node index-complete.js

📋 Complete authentication setup →

🏢 Built by Bubble Experts

This tool was reverse-engineered by lowcodr.co - specialists in advanced Bubble implementations that push beyond standard limitations.

Need enterprise Bubble development that requires this level of system integration?
📧 Contact: valentin@lowcodr.co
🌐 Website: lowcodr.co

We handle complex NoCode architectures that most developers can't build.

🌟 Community

⭐ Star this repo if you're amazed by what's possible with Bubble automation
🐛 Report issues to help improve reverse engineering coverage
💡 Contribute - help us discover more Bubble APIs

Join the discussion:

• Share your automation successes
• Request new features
• Help document edge cases

🎯 Features Overview

🔓 Editor Query Tool

What it does: Query your Bubble database with full admin access to see all data, even private records. Perfect for development and debugging.

Key features:

• Search any table with advanced filters
• Get statistics and analytics (count, sum, average)
• Smart suggestions for better performance
• Works with all data types and relationships

Use cases: Development debugging, data analysis, admin dashboards, finding specific records

🔒 Privacy Rules Tester

What it does: Test if your app accidentally exposes private data to unauthorized users. Simulates what anonymous visitors can see.

Key features:

• Check data exposure without login
• Validate your privacy rules are working
• Security audit for your app
• Identify potential data leaks

Use cases: Security audits before going live, privacy rule validation, compliance checks

📊 Database Schema Reader

What it does: Get a complete overview of your app's database structure - all tables, fields, option sets, and how they connect.

Key features:

• See all tables and their fields
• Understand field types and requirements
• View option sets and their values
• Map relationships between tables

Use cases: Understanding existing apps, documentation, planning new features, onboarding team members

🛠️ Database Manager

What it does: Create and modify your database structure directly - add new tables, fields, and option sets without clicking through the Bubble editor.

Key features:

• Create tables and fields in batches
• Set up option sets with attributes
• Bulk database operations
• Safe mode (won't touch live data)

Use cases: Rapid prototyping, database migrations, automated setup, bulk schema changes

📝 Record Creator

What it does: Add new data records to your tables with proper validation and relationship handling.

Key features:

• Create single or multiple records
• Handle user relationships and links
• Automatic field validation
• Proper data type conversion

Use cases: Data import, generating test data, migrating from other systems, bulk data entry

🔐 Authentication Setup

Getting App Protection Credentials

If your development app is password-protected (Privacy & Security settings):

• Open Bubble.io Editor → Settings → Privacy & Security
• Find "Limit access to this app in run mode with a username and password"
• Use those credentials for BUBBLE_USERNAME and BUBBLE_PASSWORD

Note: These are NOT your Bubble account credentials - they're the app-specific protection credentials.

Getting Editor Auth Tokens

• Open Bubble.io Editor in Chrome
• Open DevTools (F12) → Application → Cookies
• Find these cookies:
  • meta_live_u2main → This is your BUBBLE_AUTH_TOKEN
  • meta_live_u2main.sig → This is your BUBBLE_AUTH_SIGNATURE

Cookie Example

meta_live_u2main=bus|10102...
meta_live_u2main.sig=sl7fa...

🔧 Configuration

Environment Variables

Create a .env file or set these in your MCP client configuration:

# Required - Your Bubble app identifier
BUBBLE_APP_ID=your-app-id

# Required for password-protected development apps (Privacy & Security settings)
BUBBLE_USERNAME=username
BUBBLE_PASSWORD=password

# Required for editor operations (get from browser cookies)
BUBBLE_AUTH_TOKEN=bus|10102...
BUBBLE_AUTH_SIGNATURE=sl7fa...

# Required for write operations (safety feature)
BUBBLE_WRITE_BRANCH=development  # Cannot be "live"

🔍 Available Tools

1. editor_query

Query your Bubble database with full admin access. Search tables, get analytics, and access all data including private records.

2. privacy_rules_tester

Test if your app exposes data to unauthorized users. Security audit tool to validate your privacy rules are working correctly.

3. read_database_schema

Get a complete overview of your app's structure - tables, fields, option sets, and how everything connects together.

4. database_manager

Create and modify your database structure in batches. Add tables, fields, and option sets without manual clicking.

5. create_records

Add new data to your tables with proper validation. Handles relationships and ensures data integrity.

6. commit

Create version control snapshots of your app. Useful for tracking changes and creating restore points.

7. option_attribute_values

Configure option set attributes like colors, icons, and metadata. Perfect for setting up dropdowns and categories.

🏗️ How It Works

Smart Features

• Relationship Handling: Automatically links records between tables
• Field Validation: Ensures data matches your table structure
• Query Optimization: Suggests the best approach for your data needs
• Schema Awareness: Validates against your actual database structure

Security & Reliability

• Encrypted Communication: All data transmission is encrypted
• Session Management: Uses your Bubble editor authentication
• Safe Operations: Development-only mode prevents accidental live changes
• Error Recovery: Automatic retry for network issues

🚨 Important Notes

⚠️ Security: Editor queries bypass ALL privacy rules - use responsibly

⚠️ Authentication: Auth tokens expire - refresh from browser cookies

⚠️ Rate Limits: Bubble may rate limit intensive querying

⚠️ Legal: Only use on apps you own or have permission to access

⚠️ Write Safety: Write operations require branch configuration

🤝 Contributing

• Fork the repository
• Create feature branch
• Test with your Bubble apps
• Submit pull request

We welcome contributions that help expand the reverse engineering capabilities!

📄 License

Non-Commercial License - Free for personal, educational, and non-commercial use.

✅ Personal projects and learning
✅ Educational and research use
✅ Open source contributions
❌ Commercial use without license

Need commercial licensing? Contact valentin@lowcodr.co for enterprise licensing options.

This approach ensures the tool remains accessible for developers while supporting continued development.

🔗 Related

• Model Context Protocol
• Bubble.io
• lowcodr.co - Advanced Bubble Development

Built with ❤️ by lowcodr.co - Advanced Bubble.io reverse engineering for enterprise automation