Chapter 03

Model Context Protocol

Anthropic's open standard for agent-to-tool communication—a universal connector that enables any compliant agent to interact with any compliant tool.

The Model Context Protocol addresses a fundamental challenge in agent development: how to reliably connect AI models to external capabilities without vendor-specific integrations. MCP provides a universal connector that standardizes tool invocation across the ecosystem.

"MCP provides a universal, standardized, plug-and-play connector that lets any LLM securely integrate with any external tool, API, or dataset."

Core Architecture

MCP implements a client-server architecture where the agent runtime hosts an MCP client that communicates with external MCP servers. Each server exposes one or more tools—well-defined functions with explicit input schemas and output types.

🔄 MCP Request-Response Flow

[Diagram: User (Query / Request) → LLM + MCP Client (Agent Runtime) → MCP Server (Tool Provider) → External API (Data Source)]

MCP Primitives

MCP defines four core primitives that enable rich agent-tool interactions:

Tools: Functions the server exposes for the client to call, with defined input schemas and outputs
Resources: Data exposed by the server (files, database records, or other content the agent can read)
Prompts: Pre-defined prompt templates that servers can offer to guide LLM interactions
Sampling: Allows servers to request LLM completions through the client for agentic workflows

9-Step MCP Workflow

The complete MCP interaction follows a well-defined sequence from initialization through result delivery:

📋 Complete Request Lifecycle
1. Initialization: MCP Client sends initialize request with protocol version and client capabilities
2. Capability Exchange: MCP Server responds with its capabilities: available tools, resources, prompts, and sampling support
3. User Query: User submits a natural language query or request to the agent
4. LLM Reasoning: LLM analyzes the query and determines which MCP tool(s) to invoke
5. Tool Invocation: MCP Client sends tool call request with structured arguments to MCP Server
6. External Execution: MCP Server executes the tool, potentially calling external APIs or databases
7. Result Return: MCP Server returns structured result to MCP Client
8. Response Synthesis: MCP Client delivers the final processed result to the user
9. Async Notifications: MCP Server can push notifications or updates back to the MCP Client at any time

MCP Registry

An MCP Registry is a centralized, machine-readable directory that lists MCP servers, their capabilities, connection details, and metadata. This enables clients and IDEs to easily discover and install servers without manual configuration.

Discovery: Query API to list servers and filter by capabilities
Sub-Registries: Enterprises can run mirrors with policy layers
Access Control: Approval workflows and compliance enforcement

Security Model

🔑 Protocol Authorization

Aligns with OAuth 2.1 concepts including Auth Server Metadata, Dynamic Client Registration, and Resource Metadata. Enables scoped access tokens for restricted MCP servers.

📋 Version Negotiation

Messages include explicit protocolVersion fields, ensuring clients and servers only operate when versions are compatible—limiting downgrade or mismatch risks.

✅ Consent & Tool Gating

User consent and explicit authorization are part of the protocol's intended flow, standardizing a "consent checkpoint" in the lifecycle of tool calls.

Implementation Example

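The following is an added example, not code from the original page: a client-side version check and consent/schema gate covering steps 1, 2 and 5 of the workflow and the checks listed under Security Model. The `initialize` and `tools/call` method names and the `inputSchema` field follow the MCP specification; the version strings, tool names, consent set and function names are assumptions constructed for the example.

```python
# Added example: client-side checks before an MCP tool call (not the page's code).
SUPPORTED_VERSIONS = {"2025-03-26", "2024-11-05"}  # assumption: versions this client accepts

# Constructed sample data: an initialize result and two advertised tools.
SAMPLE_INIT_RESPONSE = {"jsonrpc": "2.0", "id": 1,
                        "result": {"protocolVersion": "2025-03-26", "capabilities": {"tools": {}}}}
SAMPLE_TOOLS = [
    {"name": "get_weather", "inputSchema": {"type": "object", "required": ["city"],
                                            "properties": {"city": {"type": "string"}}}},
    {"name": "delete_file", "inputSchema": {"type": "object", "required": ["path"],
                                            "properties": {"path": {"type": "string"}}}},
]
CONSENTED = {"get_weather"}  # hypothetical: tools the user approved at the consent checkpoint

def build_initialize(request_id, version):
    """Step 1: initialize request carrying protocolVersion and client capabilities."""
    return {"jsonrpc": "2.0", "id": request_id, "method": "initialize",
            "params": {"protocolVersion": version, "capabilities": {},
                       "clientInfo": {"name": "example-client", "version": "0.1"}}}

def check_version(init_response):
    """Step 2: stop if the server answered with a version this client does not support."""
    version = init_response.get("result", {}).get("protocolVersion")
    if version not in SUPPORTED_VERSIONS:
        raise ValueError(f"unsupported protocolVersion: {version!r}")
    return version

def type_ok(value, type_name):
    if type_name == "integer":  # bool is a subclass of int in Python, so exclude it
        return isinstance(value, int) and not isinstance(value, bool)
    return isinstance(value, {"string": str, "boolean": bool}.get(type_name, object))

def validate_args(schema, args):
    """Return the argument names that are missing, unexpected, or of the wrong type."""
    props = schema.get("properties", {})
    missing = [k for k in schema.get("required", []) if k not in args]
    extra = [k for k in args if k not in props]
    bad = [k for k, v in args.items() if k in props and not type_ok(v, props[k].get("type"))]
    return missing + extra + bad

def gate_tool_call(tools, consented, name, args, request_id):
    """Step 5: build tools/call only for an advertised, consented tool with valid arguments."""
    tool = next((t for t in tools if t["name"] == name), None)
    if tool is None or name not in consented:
        raise PermissionError(f"tool not advertised or not consented: {name}")
    problems = validate_args(tool["inputSchema"], args)
    if problems:
        raise ValueError(f"arguments rejected: {problems}")
    return {"jsonrpc": "2.0", "id": request_id, "method": "tools/call",
            "params": {"name": name, "arguments": args}}
```

The gate fails closed: an unknown version, an unadvertised or unconsented tool, or arguments outside the advertised schema raise before any `tools/call` message is built.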

MCP ensures that any compliant agent can call any compliant tool—preventing vendor lock-in while maintaining consistent security and audit capabilities across the enterprise.