You can’t open LinkedIn, or search any articles on AI anymore without seeing a few common terms come up, again and again…MCP. Everywhere you look people are offering MCP servers for various tools, even docker desktop provides an option for deploying containerized MCP servers for a variety of solutions.
So the logical question here, is “What is MCP? And why are so many people so interested in it?”
At least that was my question, and I dove into this to learn more about this technology and its applications. I will say that once you start to peel back the layers on this technology, the more it lives up to the hype as a key part of building not only Generative Chat based solutions, but agentic workflows as well. So let’s dive into it further.
What is Model-Context-Protocol or MCP?
Model Context Protocol or MCP, is a technology that enables LLMs to leverage APIs as tools based upon prompts / response model. The idea being that I provide a mechanism where I give the LLM an endpoint for an MCP server, and that’s the extent of my integration work. The LLM is then able to use the same math, and processing model to engage with this API.
That alone is pretty powerful, when you think about it. The ability to give an LLM an endpoint, and have it figure out how to use that endpoint based upon prompts it receives. But the implications of using those endpoints, and giving the LLM tools means that instead of the interactions being one-way, they now become two—way. We can enable LLMs to take actions based on prompts, rather than just generate responses.
Why is this so important?
When we look at Generative Chat solutions, they generally support a prompt / response model. You ask questions, and it responds with a statistically likely response that you want. This is based upon the training dataset and limited based upon that implementation.
We then expanded that model, by adding RAG or Retrieval Augmented Generation. Where we created vector database, with a one-way connection where we use embedding models to populate a database that augments the LLMs vectors to provide more up—to-date information. This opened a whole new world of possbilities.
And that means that by leveraging these things, we can make Generative AI solutions for our users to interface with. And we can build AI agents that can take preloaded prompts and review the output based on training a dataset or vector database. But we still only have a one-way form of communication.
MCP enables two-way actions, which is huge for agents. Because now we can have an AI Agent, make requests against an API, and ask the model to generates responses. And then we can use that same prompt / response model to direct the AI Agent to take actions based on the responses it gets. We can tell the LLM to “Update this record status to ‘In Progress’” as an example, and have the LLM reach through an API that it understands and take those actions in a backend system.
This ultimately makes Agentic AI solutions the powerful architecture / solution they are. We now have the ability to make AI models take actions on backend systems. Which means that our chat based interface is now not just a way to get visibility into other applications, but a way to take action within these systems.
Imagine for a second that you have multiple systems integrated with a single LLM, and you can then via chat have it take action in multiple systems without having to jump between them. Or imagine being able to actively pull realtime data from multiple sources to gain cross domain insights.
Or imagine extending those endpoints to enable multiple AI agents to be able to communicate back and forth.
This is where MCP becomes really powerful.
What does this mean for application development? How do I build my own?
Now the real question is what does this mean for application developers? For me, this means that act of integrating your existing applications with AI based solutions just became a whole lot easier. If you have an API available and can extend that API to embrace MCP, you can now make AI integration significantly easier.
The great news is that Azure provides capabilities to make this even easier. Specifically:
- Azure API Management – In v2 of APIM, there is support for extending your APIs to embrace MCP servers.
- Azure Functions – Azure Functions now provides an easy to use syntax for enabling your functions as an MCP Server.
Why does this matter for Agentic AI solutions?
So for agentic workloads specifically, MCP means that your solutions can now respond and take action at the speed of AI. Having your AI agents be able to pull and interpret data is interesting, but only as far as its ability to take actions based upon that data. And MCP enables the ability for your solutions to be able to make calls via the same prompt API call to take action to integrate with other solutions.
This opens a wealth of possibilities, and by leveraging existing MCP Servers and custom solutions. You can now leverage fine tuned models to support to drive these kinds of outcomes.
What can I do to get started?
The good news is that there are a lot of great samples of how to build these solutions, and here’s a compiled list of repos I recommend:
What are some key considerations when building MCP Servers?
Now with all the great things said above, there are key considerations to keep in mind. Recently on LinkedIn, there were a bunch of posts going around about how a developer had built an MCP server to integrate with their environment. And then ultimately that Coding Assistant had deleted a production database and then lied about it.
A lot of people saw this as a failing of coding assistants, and developer tools. I disagree, this is a failure of DevSecOps processes. When you build an MCP Server, it is of paramount imporantance that you limit the capabilities and features of your API to only the actions you want your Chat / Agentic solutions to take. That MCP server should have never had an endpoint that enabled that kind of capability.
Remember that the decision of when to call that endpoint is made based upon the statistical math that it uses to generate responses. So you want to make sure that it can’t take destructive actions without the proper guardrails in place.
Another key consideration is around authentication and authorization. When you build agentic ai solutions, it is extremely important to make sure we scope the identities and authorizations that are given to these agents to ensure that inappropriate actions are not taken.
Final Thoughts?
As I mentioned at the beginning, MCP is a really powerful technology that really empowers Agentic AI to deliver on the promises and hype that goes with those terms. Like any technology, we have to be careful to ensure we consider the implications but I do believe this represents the kind of solution that marks the future of software development.