Anthropic’s Model Context Protocol (MCP) has emerged as the leading standard for connecting AI agents to external tools and data sources. But like any protocol, understanding what it actually specifies—and what it leaves to implementers—is crucial for successful adoption.

What MCP provides

At its core, MCP defines a communication protocol between AI models and external systems. The specification covers:

Transport layer. MCP uses JSON-RPC 2.0 over stdio, HTTP with Server-Sent Events, or WebSocket connections. This gives you flexibility in deployment topology.

Capability negotiation. Servers and clients exchange capability information at connection time, allowing for graceful degradation when features aren’t supported.

Resource exposure. MCP defines how servers expose resources—files, database records, API endpoints—in a standardized format that models can understand and reference.

Tool definitions. The protocol specifies how to describe available tools, including input schemas, descriptions, and invocation patterns.

Prompts and templates. MCP allows servers to expose reusable prompt templates that models can incorporate into their responses.

What MCP doesn’t provide

Understanding the gaps is just as important as understanding the features:

Authentication and authorization. MCP doesn’t specify how to authenticate connections or authorize operations. You’ll need to implement your own security layer.

Discovery. There’s no standard way to discover available MCP servers. Registry patterns are emerging, but they’re not part of the core spec.

Orchestration. MCP connects one model to one or more tool servers. Multi-agent orchestration, task decomposition, and workflow management are out of scope.

Governance. Rate limiting, audit logging, cost tracking—these operational concerns aren’t addressed by the protocol.

Implementation considerations

When adopting MCP in an enterprise context, consider:

Server placement. MCP servers can run locally, in your private cloud, or as managed services. The transport flexibility is an advantage, but you need clear topology decisions.

Schema evolution. Tool schemas will change over time. Build versioning into your deployment strategy from day one.

Error handling. MCP defines error response formats, but how your agents interpret and recover from errors is your responsibility.

Observability. Instrument your MCP servers thoroughly. You’ll need visibility into tool invocation patterns, latencies, and failure modes.

The bigger picture

MCP is a foundational building block, not a complete solution. It standardizes the “last mile” connection between models and tools, but enterprise agent architectures need layers above and below the protocol.

Think of MCP as what HTTP is to web applications—essential infrastructure that enables everything else, but not sufficient on its own.

The organizations that succeed with MCP will be those that understand its role clearly and build the complementary systems—governance, security, orchestration—that turn protocol compliance into production readiness.