What is MCP Servers — In a Nutshell

Introduction

#

For a long time, Large Language Models (LLMs) were islands. Smart, but isolated — cut off from live data, real tools, and the systems developers actually use. Every time you wanted an AI to interact with a database, an API, or a file system, you had to write custom glue code from scratch.

Model Context Protocol (MCP) changes that. And MCP Servers are the beating heart of the whole system.

What is MCP?

#

MCP (Model Context Protocol) is an open standard — published by Anthropic in November 2024 — that defines how AI applications communicate with external tools, data sources, and services. Think of it like REST or GraphQL, but designed specifically for AI agents.

Instead of building a custom integration every time you want your AI to talk to Slack, GitHub, or a database, you build (or use) an MCP Server once and connect to it from any MCP-compatible AI client.

“MCP isn’t a library or SDK. It’s a spec — like REST or GraphQL, but for AI agents.” — Vercel

So What Exactly Is an MCP Server?

#

An MCP Server is a lightweight service that wraps your tools, data, or APIs and exposes them to AI models in a standardized, discoverable way. It runs as a standalone process that an AI host (like Claude, Cursor, or your own app) can connect to.

The server is what gives the AI model real-world superpowers:

• Read files from a filesystem
• Query a live database
• Trigger CI/CD pipelines
• Interact with GitHub, Jira, Slack, AWS, and more

The Architecture: Host → Client → Server

#

MCP follows a clean three-layer architecture:

MCP Host (e.g., Claude Desktop, your AI app)
    └── MCP Client (manages protocol sessions)
            └── MCP Server (exposes tools/data)

• MCP Host — The application where the AI lives (e.g., Claude, an IDE, a custom chatbot).
• MCP Client — Lives inside the host; handles the protocol handshake and message routing.
• MCP Server — The external service that provides tools, resources, and prompts.

A single host can connect to multiple MCP servers in parallel, keeping each one sandboxed and independent.

The Three Primitives

#

Every MCP Server exposes its capabilities through three core building blocks:

1. 🔧 Tools

#

Executable functions the AI can call to do things. These are the verbs.

Examples:

• create_github_issue
• query_database
• send_slack_message
• run_terminal_command

2. 📦 Resources

#

Read-only data the AI can access for context. These are the nouns.

Examples:

• File contents from your filesystem
• Records from a database
• Logs from a monitoring system
• Brand guidelines or configuration files

Resources are identified by URIs (e.g., file:///etc/config.yaml or mcp://database/customers/active).

3. 💬 Prompts

#

Reusable instruction templates that guide how the AI approaches a task. Think of them as structured recipes for complex workflows.

Example:

"Analyze this codebase against OWASP Top 10 and produce a security audit report."

How the Flow Works

#

Here’s the lifecycle of an MCP session from start to finish:

1. Initialization — The host starts and creates MCP clients, which perform a capability/version handshake with each server.
2. Discovery — The client asks the server: “What tools, resources, and prompts do you offer?” The server responds with typed schemas.
3. Context Provision — The host surfaces resources to the user and converts tool definitions into a format the LLM can call.
4. Invocation — The model decides it needs a tool, and the host routes the call to the correct server.
5. Execution — The server runs its logic and returns structured results back to the model.

Unlike REST (which is stateless), an MCP session stays open across multiple tool calls within a conversation — so the AI carries context forward without reinitializing every step.

Transport: How Servers Communicate

#

MCP uses JSON-RPC 2.0 as its messaging format. Two main transports are supported:

Real-World Examples

#

MCP has been adopted rapidly across the industry. Here are some real servers in use today:

A practical example: you ask your AI agent “Investigate increased 5xx errors in prod over the last 30 minutes” — the AWS MCP Server fetches metrics, scans logs, cross-references configs, and surfaces the likely root cause. No manual digging.

Why It Matters: The N×M Problem

#

Before MCP, connecting AI to tools created an N × M integration problem:

• N models (Claude, GPT-4, Gemini…)
• M tools (Slack, GitHub, databases…)
• = N × M custom integrations to build and maintain

MCP collapses this to N + M. Build one MCP Server for your tool, and any compatible AI can use it.

Security Considerations

#

MCP handles security at the transport layer:

• Servers enforce access control and permissions — the AI only gets what it’s authorized to see.
• The host can require user approval before any tool is invoked.
• Credentials and API keys are never exposed to the model directly — they stay server-side.
• OAuth flows let servers obtain third-party authorization without passing tokens through the client.

That said, security is still an active area. Prompt injection and token handling require careful attention when building production MCP servers.

Quick Summary

#

Getting Started

#

Want to build your own MCP Server? The official SDKs are available in:

• Python — pip install mcp
• TypeScript/Node — npm install @modelcontextprotocol/sdk
• Java — via Spring AI MCP integration

The official docs and spec live at 👉 modelcontextprotocol.io

Co-authored by Vishwakarma, Deeps 2nd Brain