Model Context Protocol (MCP) - HTTPS Transport
Overview
The Model Context Protocol (MCP) is an open-source standard designed to facilitate seamless and secure communication between AI applications and external tools and data sources [10]. MCP is managed by the Model Context Protocol project, a Linux Foundation project.
Important: This section focuses exclusively on HTTPS transport mechanisms as specified in the user requirements. For local development scenarios, refer to the stdio transport documentation.
Streamable HTTP Transport
The Streamable HTTP transport is the primary mechanism for HTTPS-based communication in MCP, replacing the earlier HTTP+SSE transport from protocol version 2024-11-05 [10].
Architecture
| Component | Description |
|---|---|
| MCP Endpoint | Single HTTP endpoint supporting both POST and GET methods (e.g., https://example.com/mcp) |
| HTTP POST | Client-to-server messages sent as JSON-RPC |
| HTTP GET | Opens SSE stream for server-to-client messages |
| Server-Sent Events (SSE) | Streams messages from server to client for real-time communication |
Message Flow
Client-to-Server (POST)
- Client sends HTTP POST to MCP endpoint
- Request body contains JSON-RPC message
- Content-Type:
application/json - Server responds with JSON-RPC response or SSE stream
Server-to-Client (SSE)
- Client opens SSE connection via GET request
- Server streams JSON-RPC messages as SSE events
- Each event contains a complete JSON-RPC message
- Connection remains open for ongoing communication
Session Management
MCP uses the Mcp-Session-Id header for session management:
- Server generates session ID during initialization
- Client includes session ID in subsequent requests
- Enables stateful interactions across multiple requests
- Session can be terminated by either party
Security Considerations
The MCP specification includes comprehensive security best practices [12]:
| Aspect | Recommendation |
|---|---|
| Transport Security | Always use HTTPS in production |
| Authentication | OAuth 2.0 with PKCE for user authorization |
| Input Validation | Validate all inputs on both client and server |
| Rate Limiting | Implement rate limiting to prevent abuse |
| Error Handling | Don't expose sensitive information in errors |
Authorization
MCP supports OAuth 2.0 authorization [11]:
- Authorization Code Flow with PKCE: Recommended for most applications
- Token-based authentication: Bearer tokens in Authorization header
- Scope-based permissions: Fine-grained access control
Implementation Example
# MCP Streamable HTTP Client Example
import httpx
import json
class MCPClient:
def __init__(self, endpoint: str):
self.endpoint = endpoint
self.session_id = None
self.client = httpx.Client()
def initialize(self):
"""Initialize MCP session"""
response = self.client.post(
self.endpoint,
json={
"jsonrpc": "2.0",
"method": "initialize",
"params": {
"protocolVersion": "2025-06-18",
"capabilities": {},
"clientInfo": {"name": "example", "version": "1.0"}
},
"id": 1
},
headers={"Content-Type": "application/json"}
)
# Extract session ID from response headers
self.session_id = response.headers.get("Mcp-Session-Id")
return response.json()
def call_tool(self, tool_name: str, arguments: dict):
"""Call a tool via MCP"""
headers = {"Content-Type": "application/json"}
if self.session_id:
headers["Mcp-Session-Id"] = self.session_id
response = self.client.post(
self.endpoint,
json={
"jsonrpc": "2.0",
"method": "tools/call",
"params": {
"name": tool_name,
"arguments": arguments
},
"id": 2
},
headers=headers
)
return response.json()