How to securely provide env variables to MCP servers?
Resolved 💬 5 comments Opened Jun 13, 2025 by Guitaricet Closed Jul 20, 2025
I am preparing a shared .mcp.json file that I want to commit to our repository, but facing an issue in how to authenticate in the database.
There are two solutions that I see:
- Provide it plaintext
"postgres": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"--network=host",
"mcp/postgres",
"postgresql://user_name:<our_actual_plaintext_password>@postgres_ip:5432/database_name"]
}
This one is a big no for obvious reasons. Env variables and code should not go together.
- Set an environment variable
PGPASSWORDin my env
"postgres": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"--network=host",
"-e",
"PGPASSWORD",
"mcp/postgres",
"postgresql://user_name@postgres_ip:5432/database_name"]
}
It's acceptable, but inconvenient, because the env variable for the database that we have is named differently, say DBPWD
Ideally, I would like to see an option to expand env variables similar to
"postgres": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"--network=host",
"mcp/postgres",
"postgresql://user_name:$DBPWD@postgres_ip:5432/database_name"]
}
or, maybe:
...
"env": {
"PGPASSWORD": "${PSQLPWD}",
...
I believe currently there is no option to do so (please correct me if I'm wrong), are there any plans on adding this functionality and recommendations for a workaround
This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗