Chapter CWhat is MCP?Page 1 of 8

What is MCP?

Interoperability, not magic

MCP gives AI applications and capability providers a shared way to communicate; it does not make every connection safe, intelligent, or automatic.

~13 minHook and intuition

1Try it yourself

Playground

MCP: standard plugs for AI tools

Plug capabilities into an AI client. Ask needs Docs — only works if Docs is connected.

AI client

Before you start

Why this matters

Imagine building an assistant that can search team documents, read a calendar, and create an issue. Without a shared integration pattern, each application may need three custom adapters: one for the document API, one for the calendar SDK, and one for the issue tracker. A second assistant may need three more. Authentication, schemas, errors, and discovery all arrive in different shapes.

Now imagine that each capability can present itself through a common protocol. An application that understands that protocol can connect without inventing a completely new conversation for every provider. This is the intuition behind the Model Context Protocol, or MCP. It is closer to agreeing on a plug shape and signaling rules than to granting unlimited access to whatever is plugged in.

2Learn the idea

Read

The interoperability problem

AI applications often need context and actions beyond the model's built-in knowledge. A model may need current product documentation to answer a support question, or a controlled action that creates a draft ticket. Those capabilities already exist behind APIs, filesystems, databases, and internal services, but every interface has different conventions.

Custom adapters are not inherently bad. In a small application, one carefully written API integration can be ideal. The scaling problem appears when many hosts need many integrations. Every pair can require bespoke code, documentation, testing, and maintenance. Providers also have to explain their capability separately to each application.

MCP standardizes a layer between these sides. A server can expose supported capabilities in recognizable categories, and a client can discover and use them through protocol-defined messages. This reduces repeated integration work and makes capability providers more portable across compatible applications.

Read

What MCP is

MCP is an open protocol for exchanging context and capability information between an AI application and connected servers. It defines roles, lifecycle expectations, message shapes, and capability primitives. That shared contract makes it possible for independently built software to interoperate.

The word protocol matters. A protocol is an agreement about communication, not a complete product. HTTP standardizes web communication but does not decide whether a website is trustworthy. Similarly, MCP can standardize how an application learns that a server offers a search tool, but it does not decide whether the current user should be allowed to run that tool.

MCP also does not require one model vendor. A host may use different models, deterministic code, or no model for some steps. The protocol concerns the connection between software components, not the internal intelligence of the model.

Read

What MCP is not

MCP is not a model, an agent, a database, or a replacement for an underlying API. A server that exposes a ticket-creation tool still needs some implementation that talks to the ticket system. MCP gives that implementation a standard-facing surface.

It is also not an automatic security boundary. A server can honestly advertise a destructive tool. Standardized discovery makes the tool visible; it does not make invoking it appropriate. The host application still owns user consent, authorization decisions, policy checks, user interface, logging, and the decision to send any request.

Finally, MCP is not a promise that every client supports every optional capability in the same way. Compatible implementations negotiate what they support. Product behavior, interface choices, and deployment constraints still differ. “Supports MCP” is the beginning of a compatibility question, not the end.

Read

The plug analogy and its limits

The USB analogy is useful because it separates the plug from the device. A keyboard and storage drive can share a connector while offering different functions. In MCP, servers can expose different capabilities through a shared protocol, and a host can connect to more than one server.

The analogy breaks if it suggests instant trust. Physical devices can be malicious, and networked capabilities can be even more consequential. A connection may expose private data or actions with real side effects. The application must know which server it is connecting to, which user identity applies, and which operations are acceptable.

The analogy also hides software lifecycle details. MCP participants initialize a session, declare supported features, exchange requests and results, and handle shutdown or disconnection. A standard plug helps, but robust use still requires careful engineering.

Read

Standardization versus safety

Keep two questions separate:

  1. Can these components communicate correctly?
  2. Should this operation be allowed in this situation?

MCP primarily helps answer the first. The host, server, and surrounding organization must answer the second. A well-standardized call can still leak confidential text if the host sends too much context. A properly authenticated user can still request an action forbidden by business policy. A syntactically valid result can still contain untrusted instructions.

Good systems combine protocol compatibility with least-privilege credentials, explicit consent for consequential actions, validation, logging, and recovery. Standardization can make these controls easier to implement consistently, but it does not supply them by itself.

Read

When the standard earns its cost

MCP is attractive when a capability should work across multiple compatible hosts, when a host needs many independently maintained capabilities, or when discovery reduces hard-coded coupling. It can also give an organization a consistent integration boundary around internal services.

A direct API may remain simpler when one application calls one stable service, needs highly specialized behavior, or cannot justify another abstraction layer. MCP and direct APIs are not enemies: an MCP server commonly wraps direct APIs behind its protocol surface.

The useful decision is not “Is MCP modern?” It is “Will a standard capability boundary reduce duplicated integration work and improve portability enough to justify lifecycle, operational, and security work?”

Checking tutor…

Continue learning · glossary & guides
  1. Does MCP replace the provider's underlying API? No. A server may wrap that API.
  2. Does successful protocol negotiation authorize every advertised action? No. Authorization and policy remain application and server responsibilities.
  3. What problem does MCP primarily address? Interoperability between hosts and capability providers.