GraphJin is a compiler and runtime that lets AI agents connect to the systems a real company already has: databases, warehouses, files, source code, workflows, metadata, and security policy. Instead of handing an agent raw credentials and hoping it guesses correctly, GraphJin gives it one governed GraphQL + MCP surface where it can discover before acting, validate queries, run approved work, and observe runtime status.
It is not only for agents. GraphJin is still a high-performance GraphQL-to-database compiler, Go library, standalone API service, REST/OpenAPI gateway, and real-time subscription server. The agent use case is where everything comes together: the same compiler that serves your apps can also give AI a smart, auditable way to work across data, code, and operations.
Works with PostgreSQL, MySQL, MongoDB, SQLite, Oracle, MSSQL, Snowflake, Redshift, BigQuery, Apache Cassandra / Amazon Keyspaces, S3/GCS/local files, CodeSQL source indexes - and models from Claude/GPT-4 to local 7B models.
query_catalog(search: "<user instruction>"), graphql_help, relationship evidence, examples, config recipes, and safety notes before writing or running queries.gj_config preview/apply keep changes auditable.gj_security, gj_runtime, and the built-in console expose policy and bounded runtime status so agents can check what is safe before they act.npm (all platforms)
npm install -g graphjin
macOS (Homebrew)
brew install dosco/graphjin/graphjin
Windows (Scoop)
scoop bucket add graphjin https://github.com/dosco/graphjin-scoop
scoop install graphjin
Linux
Download .deb/.rpm from releases
Docker
docker pull dosco/graphjin
This is a quick way to try out GraphJin. The --demo flag runs a curated local
demo, creates local state under the example's demo/ folder, and reuses that
state on later starts. Delete demo/ to reset from scratch.
Download the source which contains the webshop demo
git clone https://github.com/dosco/graphjin
cd graphjin
Now launch the Graphjin service that you installed using the install options above
graphjin serve --demo --path examples/webshop
For a larger agent-driven example with Postgres operations data, a BigQuery simulator for roast telemetry, CodeSQL over internal business code, and executable workflows:
graphjin serve --demo --path examples/coffee-roastery
You'll see output like this:
GraphJin started
───────────────────────
Web UI: http://localhost:8080/
GraphQL: http://localhost:8080/api/v1/graphql
REST API: http://localhost:8080/api/v1/rest/
Workflows: http://localhost:8080/api/v1/workflows/<name>
MCP: http://localhost:8080/api/v1/mcp
Use GraphJin's helper when you want one command that normalizes the URL, probes auth, and installs the right Codex or Claude config:
graphjin mcp add codex
graphjin mcp add claude
graphjin mcp add all http://localhost:8080
Defaults are client=codex, server=http://localhost:8080, and project scope.
The command normalizes the server to http://localhost:8080/api/v1/mcp. Local
non-TLS HTTP is correct for loopback development; hosted servers should use
HTTPS.
If you prefer native client commands, add GraphJin's Streamable HTTP endpoint directly:
codex mcp add graphjin --url http://localhost:8080/api/v1/mcp
claude mcp add --transport http graphjin http://localhost:8080/api/v1/mcp
GraphJin's /api/v1/mcp endpoint is Streamable HTTP, so Claude should use
--transport http for GraphJin. SSE is only for older/custom MCP servers.
Use --global when you want the MCP connection available outside the current project:
graphjin mcp add codex --global
Codex can also add non-URL stdio MCP servers with the generic command shape:
codex mcp add <server-name> -- <command> [args...]
When mcp.oauth.enabled: true is configured on a hosted GraphJin server, modern
MCP clients can add it by URL and handle OAuth login themselves:
codex mcp add graphjin --url https://graphjin.example.com/api/v1/mcp
claude mcp add --transport http graphjin https://graphjin.example.com/api/v1/mcp
This is the native remote-MCP path. GraphJin serves OAuth protected-resource
metadata, authorization-server metadata, DCR/CIMD discovery, and MCP 401
challenges so the client can discover login automatically. See the official
OpenAI Docs MCP quickstart for the
Codex mcp add --url flow and the
Claude Code MCP docs for
Claude's HTTP transport and authentication flow.
For legacy/custom SSE servers, use Claude's SSE transport explicitly:
claude mcp add --transport sse <name> <url>
claude mcp add --transport sse private-api https://api.company.com/sse \
--header "X-API-Key: your-key-here"
auth_login FallbackIf a server still uses GraphJin's current auth_login device-code flow instead of standards OAuth, graphjin mcp add detects that automatically:
graphjin mcp add codex https://graphjin.example.com
The command opens the device-code login, saves ~/.config/graphjin/client.json, and installs a credential-free local proxy config for the AI client. Re-run graphjin mcp setup https://graphjin.example.com later only when you want to refresh or rotate that saved CLI/proxy token.
The deprecated aliases still work for scripts:
graphjin mcp install codex https://graphjin.example.com
graphjin mcp plugin install https://graphjin.example.com # deprecated Claude alias
Before graphjin cli can talk to a server, point it at one. There are no --server or --token flags — both come from a single saved config file (~/.config/graphjin/client.json, mode 0600):
graphjin cli setup http://localhost:8080 # local dev, no auth needed
graphjin cli setup https://graphjin.example.com # signs in via the server's OIDC IdP
What setup does, depending on the server:
auth_login.enabled: false): saves only the URL. CLI calls send no Authorization header.client.json.After setup every graphjin cli ... command just works:
graphjin cli health
graphjin cli query list
graphjin cli schema tables
graphjin cli setup show # print the saved config (token redacted)
graphjin cli setup logout # delete client.json
graphjin cli setup # re-run sign-in against the same server (refresh token)
To enable built-in login, set this on the server:
auth:
type: jwt
jwt:
secret: "long-random-shared-secret" # used to sign and verify local JWTs
auth_login:
enabled: true
audience_graphjin: true # shorthand for audience: "graphjin-cli"
oidc:
issuer_url: "https://accounts.google.com"
client_id: "..."
client_secret: "..." # or $GJ_AUTH_LOGIN_OIDC_CLIENT_SECRET
allowed_domains: ["example.com"] # optional allow-list
mcp:
oauth:
enabled: true
mode: builtin # reuses auth_login identity
scopes: ["mcp"]
Successful authentication is recorded in structured logs with the verified email and name claims (when present), giving you a clean audit trail of who called every endpoint.
To use GraphJin with your own databases you have to first create a new GraphJin app, then configure it using its config files and then launch GraphJin.
Step 1: Create New GraphJin App
graphjin new my-app
Step 2: Start the GraphJin Service
graphjin serve --path ./my-app
Step 3: Add GraphJin to an AI client
graphjin mcp add claude http://localhost:8080
Step 4: Ask Claude questions like: - "What tables are in the database?" - "Show me all products under $50" - "List customers and their purchases" - "What's the total revenue by product?" - "Find products with 'wireless' in the name" - "Add a new product called 'USB-C Cable' for $19.99"
gj_* tables make discovered databases, tables, columns, relationships, functions, and indexes queryable when the GraphJin source is enabledNo resolvers. No ORM. No N+1 queries. Just point and query.
CodeSQL is a managed source kind for source trees. Configure a source folder and GraphJin creates a SQLite cache under config/codesql/, indexes it with tree-sitter, and updates it on restart. In development it also watches for changes while the service runs; in production live watching is disabled.
sources:
- name: app
kind: sql
type: postgres
connection_string: postgres://app:secret@db/app
default: true
- name: code
kind: codesql
path: /srv/app
infer_db_refs: true
- name: graphjin
kind: graphjin
metadata: true
tables:
- name: users
source: app
- name: gj_code
source: code
read_only: true
GraphJin exposes CodeSQL through one ordinary GraphQL root, gj_code. Use kind to select files, symbols, references, imports, database references, docs, parse errors, change sets, and locks:
query {
gj_code(where: { kind: { eq: "symbol" }, name: { iregex: "handler|resolver" } }, limit: 20) {
name
symbol_kind
language
start_row
path
hash
}
}
With a kind: graphjin source, GraphJin creates a read-only system graph named graphjin by default. Schema, catalog, entrypoint, capability, workflow, and system metadata are catalog items in gj_catalog; table and column metadata are selected by kind. When one CodeSQL source is active, GraphJin links catalog items to code references automatically:
query {
gj_catalog(where: { kind: { eq: "column" }, table_name: { eq: "users" }, column_name: { eq: "email" } }) {
database_name
table_name
column_name
gj_code {
kind
ref_kind
path
symbol_id
}
}
}
This is where the model gets genuinely powerful: the same agent can inspect production data systems and the code that operates them. It can ask, "which handlers touch customer invoices?", "what tables do these workflows depend on?", or "show me the imports and call sites near this data path" without switching tools or inventing a new backend.
Simple queries with filters:
{ products(where: { price: { gt: 50 } }, limit: 10) { id name price } }
Nested relationships:
{
orders(limit: 5) {
id total
customer { name email }
items { quantity product { name category { name } } }
}
}
Aggregations:
{ products { count_id sum_price avg_price } }
Analytics directives:
{
orders {
account_id
month
total
running_total: total @running(aggregate: sum, by: "account_id", orderBy: { month: asc })
moving_avg_total: total @moving(aggregate: avg, rows: 6, by: "account_id", orderBy: { month: asc })
previous_total: total @previous(by: "account_id", orderBy: { month: asc })
rank_by_total: total @rank(by: "account_id", order: desc)
}
}
Use analytics directives when each original row should remain visible while adding report metrics such as running totals, moving averages, previous/next values, first/last values, and rank within a group. Ordinary one-row-per-group summaries still use distinct plus aggregate fields. Supported SQL databases validate analytics support a
$ claude mcp add graphjin \
-- python -m otcore.mcp_server <graph>