LETTERMCP
All posts

MCP versus API

MCP vs API: Two Different Problems, Two Different Tools

APIs are built for developers. MCP is built for AI models. Conflating them costs you architecture.

Traditional APIs assume a human engineer writes code that knows exactly what to call, when to call it, and what to do with the response. That assumption breaks the moment you introduce a language model that needs to reason about available tools at runtime and decide autonomously how to chain them. MCP exists to fix that mismatch.

What an API Is

An API is a contract between software systems. One side publishes a defined interface; the other side consumes it. The consuming side is always developer-written code following predetermined logic.

The dominant patterns are REST, GraphQL, gRPC, and SOAP. REST uses HTTP methods and resource-based endpoints. GraphQL gives clients query flexibility over a typed schema. gRPC uses binary protocol buffers for high-performance inter-service communication. SOAP uses XML-based messaging, largely a legacy concern. All four share the same underlying assumption: a developer reads documentation, writes code, and that code makes explicit calls to defined endpoints with defined payloads.

Authentication is handled per-integration. API keys and OAuth 2.0 are both common, each with different trust and scope models. The developer implements auth logic; the protocol has no opinion.

APIs are stateless by default. Each request carries everything the server needs to respond. State across calls gets built externally, in a database or a session store.

Why APIs Work at Scale

OpenAPI and Swagger give you machine-readable specifications that generate documentation, client libraries, and test stubs automatically. Versioning conventions let you evolve a service without breaking consumers. Monitoring, rate limiting, caching, and gateway infrastructure are solved problems with 30-plus years of production use behind them.

Predictability is the core value. You know exactly what your integration does because you wrote every line of it.

Where APIs Break Down

That predictability becomes a liability in agentic systems. An AI model doesn't read documentation and write integration code before runtime. It needs to understand what tools are available, determine which ones are relevant to a task, and invoke them in sequences it works out on the fly. A model handed a list of REST endpoints and told to figure it out is working against the tool, not with it.

Session awareness is another gap. Multi-turn agentic workflows require shared context across tool calls. REST doesn't provide that natively, and every workaround is custom-built and brittle.

What MCP Is

Model Context Protocol is an open standard for communication between AI models and the tools, resources, and data sources they need to act in the world. Anthropic introduced it in late 2023; adoption has spread across AI frameworks, IDEs, and agent runtimes since.

The design is model-first. Everything about MCP is oriented around what a language model needs to reason effectively about available capabilities.

The Three-Layer Architecture

MCP operates across three components. The MCP Host is the AI application or agent runtime. The MCP Client manages the connection between host and external servers, handling protocol mechanics. The MCP Server exposes tools, resources, and prompt templates to the model.

Tools are functions the model invokes to take actions. Resources are data the model reads for context. Prompt templates are structured interaction patterns the server exposes for specific workflows. A single MCP session supports one client connecting to multiple servers simultaneously, giving the model a composable capability surface.

How MCP Operates at Runtime

When an agent session starts, the MCP client queries connected servers for their capabilities. Servers respond with structured descriptions of every tool they expose, including names, descriptions, and input schemas. The model reads these and reasons about which tools are relevant to the current task. No human wrote code telling it which endpoint to call.

This is dynamic tool discovery, and it defines the protocol. The model is not executing a predetermined script; it is reasoning about a capability space and making decisions in real time.

Sessions are persistent and context-aware. The protocol passes state across tool calls natively. A multi-step workflow where the output of one tool informs the next works without custom state management bolted on the side. Streaming is supported for long-running operations that need to surface intermediate results.

Transport is flexible. MCP runs over stdio for local processes, HTTP with Server-Sent Events for remote servers, and WebSockets where bidirectional streaming is needed.

How They Actually Differ

The sharpest distinction is the consumer. APIs are consumed by human-written code. MCP is consumed by AI models making autonomous decisions at inference time. That single difference cascades through every other design choice.

Discovery is one of those cascades. API endpoints are documented for developers who read specs and write integrations before anything runs. MCP tools are self-described and discovered by the model dynamically, at runtime, while the task is live.

State management is where traditional API architecture quietly accumulates debt in agentic contexts. APIs are stateless by design; context is the developer's problem to solve externally. MCP sessions carry state natively across the full interaction.

Call structure in an API is decided at development time by a human. In MCP, the model decides which tools to invoke based on live reasoning about the task. The call graph is not written in advance; it emerges.

REST, GraphQL, gRPC, and SOAP are not interoperable, and every API integration is its own surface area to maintain. MCP is a single protocol regardless of what sits behind the server. That consolidation matters operationally when you are running a dozen agentic integrations.

Security surface differs in a way that compounds at scale. API auth is implemented per-integration by the developer, which means a patchwork of one-off implementations. MCP surfaces authentication and permission scoping through the protocol layer, giving agent runtimes a consistent model for trust boundaries.

When to Deploy Each

Traditional APIs belong in deterministic, developer-controlled integrations. Mobile apps calling backend services, microservices communicating with each other, third-party developers building on your platform, internal tooling with fixed call structures. The consumer is code a human wrote, the call structure is fixed, and versioned contracts matter.

MCP belongs where an AI model needs to autonomously select and invoke tools. Agentic workflows with multi-step reasoning, AI assistants operating across multiple services, systems where context continuity across tool calls is a functional requirement, pipelines where the model composes capabilities on the fly.

Most production MCP servers wrap existing REST APIs. The API handles service-to-service communication, data persistence, and non-AI integrations. MCP sits on top as a translation layer, presenting those same capabilities in a form a model can reason about. You are not replacing your API architecture; you are adding a surface for a new class of consumer.

The Tooling Ecosystem

Anthropic publishes official MCP SDKs for Python and TypeScript. Community SDKs in Go, Rust, and Java are in production use. Pre-built MCP servers cover filesystem access, GitHub, Slack, and common databases through Anthropic's official server registry and the broader community. Claude Desktop is the flagship MCP host; Cursor and Zed both ship native MCP support. LangChain and LlamaIndex expose MCP-compatible interfaces for custom agent frameworks.

Infrastructure tooling like Runlayer handles the operational layer: MCP server deployments, routing, monitoring, and access control at scale. This is the same problem API gateways solved for REST, now appearing for MCP as agent workloads move from prototype to production.

What to Do With This

If you are building agent workflows, adopt MCP and wrap your existing APIs behind MCP servers. You expose them to models without rebuilding anything that already works.

If you are not building agentic systems, your existing API architecture is the right tool and this protocol is not your problem yet.

AI models are a fundamentally different class of API consumer. They reason rather than execute. Build infrastructure that matches how they actually work, not infrastructure designed for the engineers who built them.