Skip to main content
Nodal never needs access to your database — in the open-source repo or the hosted MCP server.

We never touch your database

Nodal serves your context layer — the definitions and canonical queries your analyst curated — not your data. When an agent needs to run SQL, it runs it through your own read-only warehouse connector (see self-service MCP setup). Nodal does not replicate, proxy, or store a connection to your warehouse. The credentials to your data never leave your side.

For the hosted MCP server, we need only read-only GitHub

To serve your context to your team, the hosted endpoint needs to read the files in your context repo. That’s it:

Context repo (required)

A read-only GitHub token for your analytics-context repo — the Markdown + YAML the endpoint serves.

dbt repo (optional)

If you choose, a read-only token for your dbt project’s GitHub repo. dbt models and docs are a nicely structured source for lineage, so the agent can check how a metric is computed.
Both are read-only and both are GitHub — structured, reviewable, and easy to scope down. You grant them once in the Nodal admin and can revoke them at any time.

What that means in practice

Nodal can readNodal cannot access
Your analytics-context repo (read-only GitHub)Your database / warehouse
Your dbt repo, if you opt in (read-only GitHub)Any write access to your GitHub
The questions your team asks the endpointData outside the repos you granted

Organization scoping

Every request to https://analyst.nodaldata.io/mcp is authenticated with OAuth 2.0 and scoped to your organization, so a token only ever reaches your organization’s context — never another customer’s.