Skip to main content
Home/Glossary/Model Context Protocol (MCP)

Model Context Protocol (MCP)

An open, JSON-RPC–based client-server standard introduced by Anthropic in November 2024 that lets AI applications discover and connect to external tools, data sources, and prompts in a uniform way — "USB-C for AI integrations."

AI AgentsAlso called: "MCP", "Model Context Protocol"

The Model Context Protocol (MCP) is an open standard that defines how LLM applications connect to external data sources, tools, and context. Anthropic engineers David Soria Parra and Justin Spahr-Summers created it, and Anthropic announced it on November 25, 2024. The design is explicitly inspired by the Language Server Protocol (LSP): instead of every application building bespoke integrations, MCP gives you one reusable wire protocol so any compatible host can talk to any compatible server. In December 2025 Anthropic donated MCP to the Agentic AI Foundation, a directed fund under the Linux Foundation co-founded with Block and OpenAI, moving governance to a vendor-neutral home.

Architecture (three roles)

  • Host — the LLM application that initiates connections (an IDE, chat app, or agent).
  • Client — a connector inside the host that holds a 1:1 stateful connection to one server.
  • Server — a service that exposes context and capabilities to the client.

The wire format is JSON-RPC 2.0 over UTF-8, with explicit client/server capability negotiation at initialization. Servers expose three primitives to the model: Tools (functions the model can invoke), Resources (readable contextual data), and Prompts (reusable templated workflows). Clients can offer Sampling (the server asks the host's LLM for a completion), Roots (filesystem/URI boundaries), and Elicitation (the server requests structured input mid-task) — each gated by user approval.

Transports

  • stdio for local servers launched as a subprocess (newline-delimited JSON-RPC over stdin/stdout).
  • Streamable HTTP for remote servers — a single endpoint supporting POST and GET, optional Server-Sent Events for streaming, and an optional MCP-Session-Id header. This replaced the original HTTP+SSE transport, which is now deprecated.

The current stable spec is 2025-11-25 (the one-year-anniversary release). Authorization is optional and HTTP-based: the server acts as an OAuth 2.1 resource server and the spec now mandates RFC 9728 protected-resource metadata. Cross-vendor adoption is broad — OpenAI (March 2025), Google/DeepMind (April 2025), and Microsoft with native Windows 11 support (May 2025), plus Block, Cloudflare, Replit, and Zed.

MCP does not replace function calling — it standardizes how tools and data are discovered and described, then feeds them to the model's native tool-use interface. For the deep dives see What Is the Model Context Protocol, MCP Server Explained, and the agent-protocols overview; for the threat model read MCP Security Risks. To wire a server into your CLI, see Add an MCP Server to Your AI Coding CLI and generate config with the Claude Code config generator or Codex CLI config generator.

Related Tools

Related Articles

View all articles
📄

AI Agent Protocols Explained: MCP vs A2A vs ACP and the Agent Interoperability Stack

MCP and A2A are not rivals — they are complementary layers of the same stack: MCP connects an agent to tools and data, A2A connects agents to each other. Here is the whole interoperability landscape, with ACP, ANP, and AGNTCY put in their place.

Read article →
📄

What Is the Model Context Protocol (MCP)? The USB-C Port for AI, Explained

Model Context Protocol (MCP) is the open standard — created by Anthropic in late 2024 — that lets any AI application connect to tools, data, and prompts through one uniform wire protocol. Here's how the host/client/server architecture, primitives, and transports actually work.

Read article →
📄

What Is an MCP Server? How Model Context Protocol Servers Work (and How to Use One)

An MCP server is a small program that exposes tools, resources, and prompts to an AI app over a standard protocol. Here is what it actually does, local vs remote transports, a working config block, and how to add one to your AI coding CLI.

Read article →
📄

MCP Security Risks: A Practical Threat Model for Teams Connecting AI Agents to Tools

MCP isn't uniquely unsafe, but every server you connect widens your attack surface. A risk catalogue, the trust model you're actually accepting, and the governance controls MSPs and security teams should put in place.

Read article →

Explore More AI Agents

View all terms

Agent2Agent (A2A)

An open protocol originated by Google in April 2025 for interoperability between AI agents — letting agents from different vendors and frameworks discover each other, advertise capabilities, and collaborate. Complementary to MCP, which connects agents to tools.

Read more →

Agentic AI

AI systems that autonomously plan and take multi-step actions toward a goal — invoking tools, making decisions, and adapting — rather than producing a single one-shot response.

Read more →

AI Agent

An LLM-driven system that perceives context, decides, and acts via tools and APIs in a loop to accomplish tasks — often with memory and some degree of autonomy.

Read more →

Function Calling (Tool Use)

A capability where an LLM outputs a structured call (tool name plus JSON arguments) matching a developer-supplied JSON-Schema tool definition, which the host application executes and feeds back to the model.

Read more →
Back to glossary