The Model Context Protocol (MCP): When and Where it is Essential

The Model Context Protocol (MCP), launched by Anthropic in November 2024 and already adopted by OpenAI, Google DeepMind, and Microsoft, is establishing itself as the future universal standard for connecting artificial intelligence agents to enterprise systems.

Behind this rapid adoption lies a silent, yet decisive revolution: MCP redefines how organizations integrate and deploy generative AI at scale.

Until now, Large Language Models (LLMs) remained confined to isolated environments, unable to interact directly with the real-world data, tools, and workflows of the company.

The MCP lifts this structural lock by providing an open, standardized, and interoperable protocol that fluidly connects the cognitive capabilities of models to the operational infrastructure of organizations.

In other words, MCP doesn't just improve AI: it recomposes its architecture, transforming language models into fully connected agents, capable of acting, reasoning, and collaborating within existing systems.

Adoption Momentum and Growth Indicators

Since its open-source release, the Model Context Protocol (MCP) has seen exponential growth, confirming its status as the new standard for interoperability between AI agents and enterprise systems.

Recent figures attest to massive and rapid adoption, driven by both independent developers and major technology publishers.

Metrics Confirming the Protocol's Traction

  • 6.7 million weekly downloads of the MCP TypeScript SDK, used in front-end and serverless environments.
  • 9 million weekly downloads of the Python SDK, dominant in back-end integrations, research, and automation workflows.
  • The official GitHub registry already lists 44 verified MCP servers, covering a spectrum of major integrations: GitHub, Playwright, Notion, Stripe, HashiCorp Terraform, PostgreSQL, and Slack.
  • At the community level, the ecosystem now boasts over 5,500 active MCP servers and 1,100 dedicated GitHub repositories for the protocol.

These indicators reflect a rare phenomenon: simultaneous adoption by open-source developers and major industry players — a momentum comparable to that of the internet's foundational protocols.

Validation by Tech Giants

The integration of MCP by market leaders sends a strong signal regarding its long-term viability:

  • Microsoft has integrated MCP natively into Windows 11 and Copilot Studio, making the protocol a key component of its AI ecosystem.
  • Google has added official protocol support in its Agent Development Kit (ADK), allowing Gemini and associated tools to consume MCP servers directly.
  • OpenAI has included MCP in its Agent SDK, ensuring compatibility between ChatGPT, enterprise Copilots, and third-party infrastructures.

This convergence among major players creates a structural alignment effect: when the main AI providers adopt the same protocol, it becomes the de facto standard.

A Historical Parallel: MCP as the New HTTP of AI

In the 1990s, the adoption of HTTP by Netscape, Microsoft, and major access providers marked the birth of the modern Web.

Today, the Model Context Protocol follows the same trajectory in the field of artificial intelligence: a simple, open, and extensible protocol that connects heterogeneous systems and catalyzes an entire ecosystem around a common grammar.

This shift is not just technological — it is infrastructural.

MCP is gradually becoming the universal communication layer between agents, models, and applications, laying the groundwork for an Internet of Intelligences where every component, human or machine, can communicate according to a shared language.

Pioneering Sectors and Priority Use Cases

Cloud and Software Development

Software development is the most mature adoption ground. Platforms like Replit, Sourcegraph, Zed, and GitHub Copilot have integrated MCP to allow AI agents to interact directly with version control systems (Git), CI/CD tools, and deployment environments. MCP enables agents to generate code adapted to a project's specific architecture, create Git branches, launch automated tests, and autonomously deploy versions.

Health and Life Sciences

In the health sector, MCP transforms clinical decision support by allowing agents to perform CRUDS operations (Create, Read, Update, Search) on electronic health records via the FHIR standard. GE HealthCare demonstrated agentic AI concepts based on MCP in October 2025 to assist radiology workflows – not only to identify anomalies but also to automatically access prior exams or trigger follow-up scheduling. Initial studies indicate a 25% reduction in diagnostic errors and a 30% reduction in treatment costs through the use of MCP servers.

Finance and Financial Services

Block (formerly Square) is among the early adopters, having connected its internal financial systems via MCP, reporting significant gains in productivity and decision quality. The protocol allows AI agents to access real-time market data to automatically adjust investment strategies, with projections indicating a 25% reduction in financial losses due to fraud and anomalies.

Industry and Manufacturing

In the manufacturing sector, Siemens and General Electric have implemented MCP-based platforms for industrial automation. Johnson & Johnson has deployed an MCP-based predictive maintenance system that reduced downtime by 30% and improved overall equipment effectiveness (OEE) by 25%. The protocol enables agents to monitor equipment performance, adjust conveyor speeds in real-time, and automate defect detection.

Education

The educational sector is beginning to adopt MCP to transform pedagogical workflows. EduBase launched one of the first official MCP servers in edtech, allowing educators to dynamically create assessments, plan exams, and analyze results via natural language conversations with Claude. Tamkang University (TKU) developed a community MCP server to automate course monitoring and unify access to fragmented academic systems.

R&D and Scientific Research

MIT and other labs are using MCP to enable AI agents to interact with data management systems, measurement instruments, and simulation platforms – analyzing experimental data, generating new hypotheses, and automatically configuring instruments to perform new experiments.

Adoption Conditions: Model Maturity and Required Capabilities

AI Model Maturity

MCP only achieves its full value when the organization has advanced AI models, capable of leveraging dynamic discovery and multi-tool orchestration.

While the first generations of assistants relied on pre-configured workflows, chaining static prompts, MCP allows agents to cross a decisive threshold:

  • understanding which tools to use based on the context,
  • planning the execution order of actions,
  • and dynamically adapting to the results obtained.

In other words, AI is no longer content with executing an instruction: it reasons about the process, chooses the most relevant strategy, and acts autonomously within a governed framework. This shift from prompt engineering to agentic reasoning marks the entry into an era of self-orchestrated intelligent systems.

Orchestration Capabilities

To successfully deploy MCP, the underlying architecture must be able to manage stateful sessions, unlike classic REST APIs, which are inherently stateless.

The MCP protocol maintains a persistent context between successive actions of an agent. This allows multiple operations belonging to the same task to be logically linked — for example:

“Book a flight, then add it to my calendar, and send the confirmation on Slack.”

Thanks to this persistent session mechanism, the agent retains memory of the context and can:

  • resume an interrupted task,
  • correct or readjust its steps,
  • or synchronize multiple tools without logical rupture.

This fundamentally conversational and transactional paradigm brings the behavior of MCP agents closer to that of a human collaborator interacting with a complete digital ecosystem.

Governance and Security Requirements

The adoption of MCP in the enterprise is accompanied by increased requirements for security and governance.

MCP servers — true "chokepoints" between AI models and business systems — become critical assets, concentrating access rights to multiple environments.

An academic study published in April 2025 highlighted several potential vulnerabilities:

  • malicious code injections in JSON-RPC message flows,
  • compromise of authentication tokens,
  • and insufficient governance of multi-system permissions.

Faced with these risks, companies must adopt a multi-layered security strategy, combining proactive protection, continuous supervision, and reinforced traceability.

Recommended Security Best Practices:

  1. Robust Authentication: Systematic implementation of OAuth 2.1 with PKCE, regular rotation of API keys, and multi-factor authentication (MFA).
  2. Zero Trust Model: Continuous verification of all communications and strict application of the principle of least privilege.
  3. Granular Access Controls: Hybridization of RBAC (Role-Based Access Control) and ABAC (Attribute-Based Access Control) models for precise contextual permissions.
  4. Full Encryption: Use of standardized cryptography protocols for data in transit and at rest.
  5. Isolation of Sensitive Environments: Use of containerization (Docker, Podman) or lightweight VMs (Firecracker) to limit the effects of a compromise.
  6. Audit and Observability: Centralized logging in SIEM (Security Information and Event Management) systems, with automated alerts and access traceability.

These practices, already adopted by pioneering companies, ensure a balance between innovation and compliance. They make MCP not an additional risk, but a catalyst for governable and secure AI.

Example Integration Roadmap for CIO/CTO

Phase 1: Evaluation and Planning (2-4 weeks)

Strategic Audit: Evaluate the current technological architecture, identify high-value, low-risk use cases (report automation, document analysis).

Use the 8-critical-constraints decision framework to assess MCP suitability:

  • Performance and latency requirements (acceptable if >500ms)
  • Security risk tolerance
  • Token economics and cost structure
  • Operational complexity and team capacity
  • Data localization and regulatory compliance
  • Scalability constraints
  • Technical integration complexity
  • Ecosystem maturity and vendor risk

Maturity Assessment: Organizations typically require 18-24 months to demonstrate significant competitive advantages, as institutional learning effects accumulate.

Establishing the Zero Trust Foundation: Explicitly define policies and paths for all MCP interactions, establish supply chain security standards (code signing, SAST).

Phase 2: Pilot Deployment (4-12 weeks)

Targeted Pilot Projects: Start with low-risk use cases with read-only access to non-critical systems. Establish clear success metrics including operational indicators (completion time, error rate) and strategic indicators (knowledge accumulation, competitive differentiation).

Technical Configuration:

  • Deploy MCP infrastructure (isolated development, staging, production environments)
  • Implement OAuth 2.1 with PKCE
  • Configure secret and environment variable management
  • Enable HTTPS with rate limiting
  • Test connection pooling and circuit breakers
  • Establish schema validation and caching

Compatible Frameworks and Tools: Select from the 12+ available MCP frameworks:

  • OpenAI SDK: Native MCP support for agentic applications
  • LangChain/LangGraph MCP Adapter: Lightweight wrapper connecting LangChain to MCP toolchains
  • Microsoft Semantic Kernel: Orchestration SDK integrating AI tools and agents in serverless environments
  • Google ADK (Agent Development Kit): Native support for MCP servers
  • Vercel AI SDK: Connect applications to tools and agents in serverless
  • CopilotKit: Frontend integration to compliant MCP servers
  • Langflow: Open-source visual builder acting as both an MCP client and server

Phase 3: Scaling Up and Production (3-6 months)

Progressive Deployment: Extend proven patterns to additional use cases and departments, with phased deployment (internal tools → external functionalities → critical applications).

Production Requirements:

  • Technical: Operational connection pooling, tested circuit breakers, configured performance monitoring and alerts, full audit logging enabled.
  • Security: Access controls to virtual servers implemented, active input/output content filtering, egress controls for sensitive data verified, SOC2/HIPAA compliance validated if applicable, security guardrails for dangerous operations tested.
  • Operational: Tool lifecycle management processes defined, change management for schema updates planned, incident response procedures documented, performance and availability SLAs established, team onboarding and automated provisioning.
  • Centralized Governance: Deploy a centralized governance layer acting as a control plane for all MCP server activity:
    • Single Authentication: Issuance of time-limited and scoped credentials
    • Unified Governance: Access policies defined in one place, uniformly applied
    • Consolidated Audit: All tool calls and policy decisions logged in a single system
    • Tool Classification: Identify each tool by canonical name, capability tags (read/write/admin/destructive), data domain (client/code/finance/HR), risk tier, and environment scope (dev/stage/prod)
  • Deployment Architecture: Choose between local servers (stdio), remote servers (SSE/HTTP), or hybrid architecture. Remote MCP servers are the best proxy for enterprise MCP adoption as they require more effort and trust in client demand, typically deployed by large SaaS organizations (Atlassian, Figma, Asana).

Interoperability and Technical Positioning

MCP vs. REST/OpenAPI

MCP does not replace REST APIs – it adds an AI orchestration layer on top of existing APIs. The fundamental differences:

Aspect REST/OpenAPI MCP
Utilisateurs primaires Développeurs écrivant du code Agents IA et LLMs
Découverte Documentation manuelle Découverte automatique de capacités
Gestion d'état Sans état (stateless) Sessions avec état (stateful)
Protocole REST, GraphQL, gRPC JSON-RPC 2.0
Maturité Battle-tested, décennies Émergent (nov. 2024)
Scalabilité Scaling horizontal intégré Défis de gestion de session
Contexte Géré manuellement par développeur Contexte conversationnel intégré

Technical Foundations

MCP relies on JSON-RPC 2.0 for its messages, with three standardized types: requests (bidirectional with ID), responses (same ID as request, result OR error), and notifications (unidirectional without ID for asynchronous updates). The protocol maintains stateful sessions, allowing the client and server to remember previous messages.

MCP Capabilities: Beyond tool calling (core), the protocol supports streaming of partial results, OAuth 2.1 authentication, session management, sampling, dynamic tool discovery, structured error handling, and event notifications.

Anticipated Challenges and Limitations

Security and Compliance Challenges

One of the major stakes of MCP lies in the security of the servers — true privileged access points between AI agents and the enterprise infrastructure.

Each MCP server, if misconfigured or granted excessive permissions, can become a critical compromise point, capable of accessing multiple connected systems.

Specific challenges include:

  • Expanded Attack Surface: Each new server adds a potential gateway to sensitive resources.
  • Oversized Permissions: A compromised server with extended rights can exfiltrate confidential data or execute unauthorized actions.
  • Lack of Native SSO Support: The current MCP specification does not yet support enterprise authentication protocols (SAML 2.0, OpenID Connect), complicating integration with identity providers such as Okta, Azure AD, or Ping Identity.

To mitigate these limitations, several pioneering companies are already deploying complementary security layers: authentication proxies, strict network isolation, internal server approval registries, and active monitoring via SIEM systems.

Operational Complexity

Operationally, the majority of current MCP servers use the STDIO transport, initially designed for local executions (child processes of a client application).

This mode, while effective for individual development, does not meet the requirements of enterprise deployments:

  • Single-User Authentication: Each instance must be launched manually, making multi-user scaling difficult to manage.
  • Mandatory Co-location: The server and client must reside on the same machine, preventing logical or network separation.
  • Lack of Network Policies: Inability to filter or control flows between agents and servers.
  • Lack of Horizontal Scalability: STDIO transport supports neither load balancing nor native high availability.

For enterprises, the solution involves adopting the HTTP Streamable transport, which allows for remote, scalable, and secure deployment — but this is still only partially supported by the official MCP SDKs.

Ecosystem Maturity

MCP is still young: less than a year after its launch, its ecosystem remains in the consolidation phase.

Although growth is spectacular, functional maturity and stability of implementations vary by language and use.

Companies must therefore:

  • evaluate their tolerance for protocol evolution (possible API or schema changes until 2026),
  • anticipate a learning curve for their development teams,
  • verify the availability of MCP servers adapted to their legacy systems (SAP, Oracle, SharePoint, etc.).

At this stage, MCP is more suitable for pilot programs or hybrid environments than for massive deployments in critical production.

Token Economics

Finally, MCP can generate significant token consumption if its implementation is not optimized. Each server exposes descriptions, metadata, and sometimes voluminous JSON schemas, which are transmitted to the model for contextualization. Multiplied by dozens of servers and hundreds of calls, these exchanges can inflate operational costs.

Recommended optimization strategies include:

  • Selective Caching of tool schemas and metadata to avoid reloading them in every session.
  • Reduction of the number of exposed tools per server (principle of least capability).
  • Compression and minimization of prompt descriptions and resources.
  • Active monitoring of token consumption per deliverable or session via internal metrics.

These measures help maintain the initial promise of MCP — efficient and controlled orchestration — without cost overrun or cognitive overload for the models.

Strategic Recommendations

MCP is essential when:

  1. The organization has multi-step AI workflows requiring coordination between multiple tools and data sources.
  2. Interoperability between AI models is a strategic issue (avoiding vendor lock-in).
  3. The scalability of AI integrations becomes a bottleneck (N×M problem).
  4. Agent autonomy takes precedence over rigid scripted workflows.
  5. Organizational maturity allows absorbing 18-24 months before significant ROI.

Conversely, avoid MCP if:

  • Latency requirements are <500ms (high-frequency trading, real-time gaming).
  • Guaranteed stability and absolute vendor independence are needed.
  • Intolerance to high security risk without the capacity to implement robust governance.
  • Critical legacy systems without available MCP servers.

Evolutionary Perspectives

In less than two years, MCP has crossed adoption thresholds that standards like OpenAPI or GraphQL took five to seven years to reach.

This momentum is explained by three drivers:

  • Industrial Convergence: OpenAI, Anthropic, Microsoft, and Google now use the same integration protocol.
  • Universality of Agentic Logic: Every sector, from code to healthcare, seeks to connect agents to dynamic environments.
  • Network Effect: The more MCP servers exist, the simpler and more profitable the creation of new agents becomes.

Market projections indicate that MCP could become the "backbone" of the AI agent economy, mirroring HTTP for the web or REST for the cloud.

A Transversal Engine for Sectoral Growth

The protocol is not limited to tech: it fuels a profound transformation of data-intensive sectors.

  • Health and Edge Computing: The Edge Healthcare AI market is estimated to reach $208.2 billion by 2030. MCP servers play a key role in securely connecting medical devices, diagnostic models, and hospital research databases, both locally and securely.
  • Finance and Predictive Analytics: The global AI Financial Analytics market is expected to reach $11.4 billion by 2027, with MCP serving as the interoperability foundation between analysis models, ERPs, and regulatory compliance systems.

These figures do not just reflect an economic opportunity — they illustrate how MCP restructures value chains, by streamlining the passage from data to decision.

Towards "AI-native" Architectures

The MCP ecosystem is now guiding system design towards "AI-native" architectures, meaning they are designed for AI agents before human users.

This architectural shift is based on a simple principle: the most frequent interactions will no longer be between humans and applications, but between agents and systems.

In this paradigm:

  • providers will expose their capabilities via standardized MCP servers,
  • clients will delegate their transactions and analyses to connected agents,
  • and inter-company partnerships will be automatically orchestrated, according to shared and audited rules.

In other words, MCP becomes the economic interface for inter-agent collaboration.

A Risk of Exclusion for Unprepared Organizations

As agents become the new standard for interaction — in supplier relations, customer management, or B2B alliances —, organizations lacking these capabilities risk a form of digital isolation.

They will be less capable of exchanging contextualized data, automating complex processes, or integrating their systems into the highest-performing partner networks.

In the near future, not speaking MCP will be like not speaking HTTP at the beginning of the web. Companies that master the protocol will shape the collaborative ecosystems of tomorrow; others will only access them by delegation.