MCP (Model Context Protocol): Complete Guide 2026

What Is the Model Context Protocol (MCP)?

The Model Context Protocol (MCP) is an open standard created by Anthropic that defines how AI applications connect to external tools, data sources, and services. Think of MCP as the "USB-C for AI": a universal interface that allows any language model to interact with the outside world in a standardized way.

Before MCP, every integration between an LLM and an external tool required custom code. If you wanted Claude to access your database, you had to write a specific plugin. If you then wanted to connect GPT-4 to the same resource, you had to rewrite everything from scratch. MCP solves this with a single protocol that any client and server can implement.

MCP Architecture: Host, Client, and Server

MCP's architecture is built on three main components that follow a well-defined client-server pattern:

• Host: The application the user interacts with directly (Claude Desktop, an IDE, a chatbot). The host orchestrates connections and manages security.
• Client: A component within the host that maintains a 1:1 connection with a specific MCP server. Each client manages its connection lifecycle.
• Server: A lightweight process that exposes specific capabilities (tools, resources, prompts) through the MCP protocol. It can be local or remote.

1┌─────────────────────────────────────┐
2│           HOST (Claude Desktop)      │
3│                                     │
4│  ┌──────────┐    ┌──────────┐      │
5│  │ Client A │    │ Client B │      │
6│  └────┬─────┘    └────┬─────┘      │
7│       │               │            │
8└───────┼───────────────┼────────────┘
9        │               │
10   ┌────▼─────┐    ┌────▼─────┐
11   │ Server A │    │ Server B │
12   │ (GitHub) │    │ (SQL DB) │
13   └──────────┘    └──────────┘

This architecture allows a single host to connect to multiple MCP servers simultaneously. For example, Claude Desktop can have a GitHub server, a PostgreSQL server, and a Slack server all connected at the same time.

Core MCP Capabilities

An MCP server can expose three types of capabilities:

1. Tools

Tools are functions that the model can invoke. They are the equivalent of function calling, but standardized. Examples: executing a SQL query, creating a file, sending a Slack message, triggering a deployment.

2. Resources

Resources are data that the model can read. They are similar to GET endpoints in a REST API. Examples: the contents of a file, a database schema, the latest commits from a repository.

3. Prompts (Templates)

Prompts are reusable prompt templates that the server offers to the client. Useful for standardizing common workflows like "analyze code", "generate documentation", or "review a PR".

Transport Protocols

MCP supports several transport mechanisms for client-server communication:

• stdio: Communication via standard input/output. Ideal for local servers that the host launches as child processes. The simplest and most commonly used for local development.
• Streamable HTTP: The recommended transport for remote servers in 2026. Uses standard HTTP with optional streaming via Server-Sent Events (SSE). Compatible with existing web infrastructure (load balancers, proxies, CDN).
• SSE (legacy): The original HTTP transport for MCP. Uses two endpoints: one POST to send messages and one GET with SSE to receive them. Being replaced by Streamable HTTP.

1// Example: Transport configuration in Claude Desktop
2// File: claude_desktop_config.json
3{
4  "mcpServers": {
5    "my-local-server": {
6      "command": "node",
7      "args": ["./dist/server.js"],
8      "transport": "stdio"
9    },
10    "my-remote-server": {
11      "url": "https://mcp.mycompany.com/api",
12      "transport": "streamable-http",
13      "headers": {
14        "Authorization": "Bearer your-token-here"
15      }
16    }
17  }
18}

Building an MCP Server in TypeScript

Let's create a functional MCP server in TypeScript that exposes a tool to query a weather API. We will use the official @modelcontextprotocol/sdk package.

1import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
2import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
3import { z } from "zod";
4
5// 1. Create the server
6const server = new McpServer({
7  name: "weather-server",
8  version: "1.0.0",
9  description: "MCP server for weather queries"
10});
11
12// 2. Define a tool with Zod validation
13server.tool(
14  "get-weather",
15  "Gets the current weather for a city",
16  {
17    city: z.string().describe("City name"),
18    units: z.enum(["celsius", "fahrenheit"]).default("celsius")
19  },
20  async ({ city, units }) => {
21    const response = await fetch(
22      `https://api.weatherapi.com/v1/current.json?key=API_KEY&q=${city}`
23    );
24    const data = await response.json();
25    const temp = units === "celsius"
26      ? data.current.temp_c
27      : data.current.temp_f;
28
29    return {
30      content: [{
31        type: "text",
32        text: `Weather in ${city}: ${temp}° ${units}, ${data.current.condition.text}`
33      }]
34    };
35  }
36);
37
38// 3. Define a resource
39server.resource(
40  "supported-cities",
41  "cities://list",
42  async (uri) => ({
43    contents: [{
44      uri: uri.href,
45      mimeType: "application/json",
46      text: JSON.stringify(["New York", "London", "Tokyo", "Berlin", "Sydney"])
47    }]
48  })
49);
50
51// 4. Connect with stdio transport
52const transport = new StdioServerTransport();
53await server.connect(transport);
54console.error("Weather MCP server started");

To run this server, install the dependencies:

1npm init -y
2npm install @modelcontextprotocol/sdk zod
3npx tsc --init
4# Compile and run
5npx tsc && node dist/server.js

Building an MCP Server in Python

The Python ecosystem also has an official MCP SDK. Here we create a server that exposes tools to interact with a SQLite database:

1import sqlite3
2from mcp.server.fastmcp import FastMCP
3
4# Create server with FastMCP (high-level API)
5mcp = FastMCP("database-server")
6
7DB_PATH = "my_database.db"
8
9@mcp.tool()
10def query_database(sql: str) -> str:
11    """Execute a SQL SELECT query on the database.
12    Only read-only queries (SELECT) are allowed.
13    """
14    if not sql.strip().upper().startswith("SELECT"):
15        return "Error: Only SELECT queries are allowed"
16
17    conn = sqlite3.connect(DB_PATH)
18    try:
19        cursor = conn.execute(sql)
20        columns = [desc[0] for desc in cursor.description]
21        rows = cursor.fetchall()
22        result = [dict(zip(columns, row)) for row in rows]
23        return str(result)
24    except Exception as e:
25        return f"Error executing query: {e}"
26    finally:
27        conn.close()
28
29@mcp.tool()
30def list_tables() -> str:
31    """List all available tables in the database."""
32    conn = sqlite3.connect(DB_PATH)
33    cursor = conn.execute(
34        "SELECT name FROM sqlite_master WHERE type='table'"
35    )
36    tables = [row[0] for row in cursor.fetchall()]
37    conn.close()
38    return str(tables)
39
40@mcp.resource("schema://tables/{table_name}")
41def get_table_schema(table_name: str) -> str:
42    """Return the schema of a specific table."""
43    conn = sqlite3.connect(DB_PATH)
44    cursor = conn.execute(f"PRAGMA table_info({table_name})")
45    columns = cursor.fetchall()
46    conn.close()
47    schema = [{"name": c[1], "type": c[2], "nullable": not c[3]} for c in columns]
48    return str(schema)
49
50# Start the server
51if __name__ == "__main__":
52    mcp.run(transport="stdio")

Security and Best Practices

MCP introduces a new attack surface that you must consider carefully:

Principle of Least Privilege

Each MCP server should have access only to the resources it needs. If your GitHub server only needs to read issues, don't give it write permissions on repositories.

Input Validation

Always validate the arguments your tools receive. Use Zod in TypeScript or Pydantic in Python. Never trust that the model will send correct data.

Authentication and Authorization

For remote servers, implement OAuth 2.1 (the recommended flow per the MCP specification). For local servers, process isolation is generally sufficient.

Logging and Auditing

Log all tool invocations with their arguments and results. This is critical for debugging issues and for meeting compliance regulations.

1// Logging middleware for an MCP server
2server.tool(
3  "delete-record",
4  "Deletes a record from the database",
5  { id: z.string().uuid(), table: z.string() },
6  async ({ id, table }) => {
7    // Log before execution
8    console.error(JSON.stringify({
9      timestamp: new Date().toISOString(),
10      tool: "delete-record",
11      args: { id, table },
12      action: "invoked"
13    }));
14
15    // Additional validation
16    const allowedTables = ["drafts", "temp_files"];
17    if (!allowedTables.includes(table)) {
18      return {
19        content: [{ type: "text", text: "Table not allowed for deletion" }],
20        isError: true
21      };
22    }
23
24    // Execute operation...
25    return {
26      content: [{ type: "text", text: `Record ${id} deleted from ${table}` }]
27    };
28  }
29);

Ecosystem and Compatible Tools

The MCP ecosystem has grown enormously since its launch. Here are the main platforms supporting it in 2026:

IDEs and Editors

• Claude Desktop: The original MCP client. Supports all capabilities (tools, resources, prompts) and multiple transports.
• VS Code + GitHub Copilot: Native MCP support since version 1.99. Servers can be configured in settings.json or .vscode/mcp.json.
• Cursor: Deep MCP integration. Servers are configured in the project's "MCP" settings section.
• Windsurf: Full MCP support with a visual interface to manage servers.
• Zed: The high-performance editor has also adopted MCP for its AI capabilities.

Popular MCP Servers

• GitHub MCP Server: Full access to repos, issues, PRs, Actions.
• PostgreSQL / MySQL: Queries, schemas, migrations.
• Slack: Send messages, search conversations, manage channels.
• Filesystem: Read/write files with granular permissions.
• Puppeteer / Playwright: Browser automation.
• AWS / GCP / Azure: Cloud resource management.

Real-World Use Cases

MCP is not just a theoretical specification. It is already being used in production by companies of all sizes:

Software Development

Engineering teams connect Claude or Copilot to their databases, CI/CD systems, and monitoring tools. A developer can ask "What are the most frequent errors in production this week?" and the model queries Datadog or Grafana via MCP.

Customer Support

Internal chatbots use MCP to access CRMs, ticketing systems, and knowledge bases. The AI agent can search a customer's history, create a Jira ticket, and send a personalized response, all within a single conversation.

Data Analysis

Business analysts connect AI models to data warehouses via MCP. They can ask questions in natural language that get translated to SQL queries, without needing to know SQL themselves.

Conclusion and the Future of MCP

The Model Context Protocol represents a fundamental shift in how we build AI applications. Instead of fragile, proprietary integrations, we have an open standard that any model, tool, and platform can adopt.

In 2026, MCP is already the de facto standard for connecting AI with tools. The specification continues to evolve: new capabilities like elicitation (requesting user input during execution), structured output schemas, and better support for multi-step agents are being added.

If you are building any kind of AI integration, learning MCP is not optional: it is an essential skill for modern software development. Start with a simple server in TypeScript or Python, connect it to Claude Desktop, and experiment with the possibilities.

The future of AI is not just smarter models. It is models that can act in the real world. And MCP is the bridge that makes it possible.