Key Changes
1. JSON-RPC Batching Removed MCP no longer supports batching of JSON-RPC calls. This simplifies client-server interactions and reduces complexity on the server side, though it may require minor rework for clients previously using batched requests for performance.
2. Structured Tool Output Introduced Tool responses can now be returned in a structured format. This change allows client applications to more reliably interpret results, particularly when dealing with complex tools or workflows.
3. OAuth Resource Server Model Adopted MCP servers are now formally defined as OAuth 2.0 Resource Servers. They publish metadata that allows clients to discover the correct Authorization Server. This aligns MCP with industry-standard practices for access management.
4. Resource Indicators Required Clients are now required to use RFC 8707 Resource Indicators. This helps ensure access tokens are scoped to the correct resource, improving protection against token misuse.
5. Elicitation Support Added The protocol introduces a mechanism for elicitation, which allows servers to request additional input from users during an interaction. This is useful for handling incomplete or ambiguous requests in a structured way.
6. Resource Links in Tool Responses Tool outputs can now include links to related resources, helping clients present follow-up actions or contextual information to users more effectively.
7. MCP Protocol Version Header Required
Clients using HTTP must now include an MCP-Protocol-Version
header after version negotiation. This ensures consistency in behavior across sessions.
8. Lifecycle Operation Made Mandatory A previously recommended behavior in lifecycle operations is now mandatory, strengthening compliance expectations between clients and servers.
Schema Enhancements
- A
_meta
field is now available in more interface types for attaching auxiliary information. - A
context
field was added toCompletionRequest
, allowing inclusion of resolved variables across multiple interactions. - A
title
field was introduced to distinguish human-readable labels from machine-readablename
fields.
Security Guidance Expanded
The update also expands the security section of the specification and introduces a new page on best practices. Topics include token handling, authorization boundaries, and resource isolation — all aimed at reducing implementation risks.
Summary
This MCP revision focuses on streamlining the protocol, improving interoperability, and reinforcing security. The removal of JSON-RPC batching simplifies communication models, while structured output and elicitation improve flexibility and clarity in tool-driven workflows.
For developers building on top of the MCP — whether for model orchestration, agent frameworks, or tool integrations — this update provides both stability and clearer guidance. The full changelog is available on GitHub.