Connectors
Overview
Connectors define how Monospace connects to your databases. Each connector handles connection pooling, schema introspection, SSL/TLS configuration, and query execution.
When you add a data source in the Studio, you select a connector and provide its configuration. Monospace encrypts credentials at rest and never stores them in plaintext.
PostgreSQL
Tested with PostgreSQL 14 through 17.
Connection Parameters
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
host | string | Yes | — | Database server hostname or IP address |
port | number | Yes | 5432 | Database server port |
user | string | Yes | — | Database username |
password | string | Yes | — | Database password |
dbname | string | Yes | — | Database name |
Alternatively, paste a connection string to auto-populate all fields:
postgresql://user:password@host:5432/database
SSL Configuration
| Parameter | Type | Default | Description |
|---|---|---|---|
ssl.mode | string | disable | SSL connection mode (see below) |
ssl.caCert | string | — | CA certificate (base64-encoded PEM or DER) |
ssl.clientCert | string | — | Client certificate for mutual TLS (base64-encoded) |
ssl.clientKey | string | — | Client private key (base64-encoded) |
ssl.clientKeyPassword | string | — | Password for an encrypted client private key |
SSL Modes
| Mode | Description |
|---|---|
disable | No TLS encryption |
prefer | Attempt TLS, fall back to unencrypted if unavailable |
require | Require TLS without certificate verification. If ssl.caCert is provided, verifies the server certificate against it (same behavior as verify-ca) |
verify-ca | Require TLS and verify the server certificate chain. Does not check hostname. When ssl.caCert is omitted, validates against the platform's system root CAs |
verify-full | Require TLS, verify the server certificate chain, and verify the hostname matches the certificate. When ssl.caCert is omitted, validates against the platform's system root CAs |
verify-full. Managed providers (Supabase, AWS RDS, Neon) use certificates signed by public CAs, so ssl.caCert is not required — the system root CA store handles validation. Provide ssl.caCert only for self-signed or private CAs.Supported Key Formats
Client keys are accepted in the following formats, all normalized internally to PKCS#8:
- PKCS#8 (PEM or DER)
- Encrypted PKCS#8 PEM (requires
ssl.clientKeyPassword) - PKCS#1 RSA (PEM or DER)
- SEC1 EC (PEM only)
Supabase
The Supabase connector is a preconfigured PostgreSQL preset. It uses the same PostgreSQL engine and supports all the same features — SSL, introspection, connection pooling, and transactions.
Select Supabase when connecting to a Supabase-hosted database. The configuration form is identical to PostgreSQL with a Supabase-specific connection string placeholder.
Connect to Supabase
- Open your Supabase project dashboard and navigate to Project Settings > Database.
- Copy the connection string (direct connection or session pooler).
- In Monospace, add a new data source and select the Supabase connector.
- Paste the connection string — all fields populate automatically.
Supabase provides two connection string formats:
postgresql://postgres:[YOUR-PASSWORD]@db.[PROJECT-REF].supabase.co:5432/postgres
postgresql://postgres.[PROJECT-REF]:[YOUR-PASSWORD]@aws-0-[REGION].pooler.supabase.com:5432/postgres
Coming Soon
For more information or to make a connector request, see the public roadmap
| Connector | Status |
|---|---|
| MySQL | In Progress |
See Also
- Introspection - how Monospace discovers your database schema
- Data Model - collections, fields, and relations
- Configuration - environment variables for the system database and SSL
- Data Types - how database types map to the API