MCP Tooling — June 6, 2026
What tool surface does the agent get?
- mcp-spec
- transport
- stateless
- oauth
- mcp-gateway
- jwt
The read
MCP is the tool surface layer — table stakes, not a moat. What matters is which tools get wired, how auth and policy gate them, and whether your org’s skills compound. Ubiquitous protocol; scarce execution context.
What moved
- MCP 2026-07-28 release candidate makes Streamable HTTP stateless — Model Context Protocol Blog
  The MCP team published the 2026-07-28 release candidate, the largest spec revision since launch. It removes the initialize handshake and Mcp-Session-Id (SEP-2575, SEP-2567), requires Mcp-Method and Mcp-Name headers for routing (SEP-2243), adds tools/list caching via ttlMs and cacheScope (SEP-2549), graduates MCP Apps and Tasks as official extensions, and hardens OAuth with iss validation (SEP-2468). Final spec ships July 28, 2026.
  Builder angle: Agents behind gateways can drop sticky sessions and route MCP calls on HTTP headers instead of parsing JSON-RPC bodies.
- AWS documents OAuth code flow for AgentCore Gateway MCP inbound auth — AWS Machine Learning Blog
  AWS describes wiring Kiro IDE to Amazon Bedrock AgentCore Gateway with JWT inbound auth. Unauthenticated POSTs to /mcp return HTTP 401 with www-authenticate pointing to /.well-known/oauth-protected-resource; clients discover the IdP, run PKCE authorization code flow, then send Bearer tokens the Gateway validates (iss, exp, audience/custom claims) before proxying to MCP servers. Optional mcp-remote bridges stdio clients to the OAuth-protected HTTP endpoint.
  Builder angle: Production MCP gateways can enforce per-user IdP tokens at the routing layer before any tool invocation reaches backend servers.
- mcp-auth-gateway wraps stdio MCP servers with OAuth 2.1 and HTTP transport — GitHub
  Open-source Go gateway exposes any stdio-only MCP server over Streamable HTTP/SSE with OAuth 2.1/OIDC (PKCE, dynamic client registration, token refresh). YAML config selects the OIDC provider and upstream MCP command; each authenticated user gets an isolated MCP process with credentials injected via Unix domain socket rather than environment variables.
  Builder angle: Teams can add MCP-spec OAuth and remote HTTP access to existing stdio servers without rewriting server code.
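
The inbound check described in the AgentCore Gateway item (401 with a discovery pointer, then iss, exp and audience validation before proxying), written out as an added example; it is not AWS's code or any listed project's. The issuer, audience, metadata URL and key are assumptions, and a constructed HS256 key stands in for the IdP's JWKS-verified signature so the block runs offline.

```python
import base64, hashlib, hmac, json, time

# Assumed values for this example; a real gateway takes them from its IdP configuration.
ISSUER = "https://idp.example.com"
AUDIENCE = "https://gateway.example.com/mcp"
METADATA_URL = "https://gateway.example.com/.well-known/oauth-protected-resource"
KEY = b"constructed-demo-key"  # HS256 stand-in; production verifies RS256/ES256 via JWKS

def _b64d(seg):
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def _b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def make_token(claims, key=KEY):
    """Build a constructed HS256 token so the check can be exercised offline."""
    head = _b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64e(sig)}"

def _deny(error=""):
    challenge = f'Bearer resource_metadata="{METADATA_URL}"'
    if error:
        challenge += f', error="{error}"'
    return 401, {"WWW-Authenticate": challenge}

def authorize(headers, now=None):
    """Return (status, response_headers); 200 means the call may be proxied upstream."""
    now = time.time() if now is None else now
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "bearer" or not token:
        return _deny()  # no credentials: point the client at discovery
    try:
        head, body, sig = token.split(".")
        if json.loads(_b64d(head)).get("alg") != "HS256":  # pin the algorithm server-side
            return _deny("invalid_token")
        expected = hmac.new(KEY, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64d(sig)):
            return _deny("invalid_token")
        claims = json.loads(_b64d(body))
        aud = claims.get("aud")
        aud_ok = AUDIENCE in (aud if isinstance(aud, list) else [aud])
        exp = claims.get("exp")
        if claims.get("iss") != ISSUER or not aud_ok or not isinstance(exp, (int, float)) or exp <= now:
            return _deny("invalid_token")
    except (ValueError, TypeError, AttributeError):
        return _deny("invalid_token")  # malformed token: same answer as a bad signature
    return 200, {}
```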