Core Concepts

Understanding the fundamental concepts behind MA²D will help you use the platform more effectively.

What You’ll Learn

This section covers the two fundamental concepts that power MA²D:

• MCP Protocol - Understanding Model Context Protocol and how it enables AI agents to access tools, resources, and prompts
• Agent Cards (A2A) - Agent-to-Agent interaction specifications that enable agents to discover and collaborate with each other

Prerequisites

Basic familiarity with:

• REST APIs and HTTP
• JSON format
• Cloud applications

No prior knowledge of MCP or AI agents required!

Key Concepts Overview

Model Context Protocol (MCP)

MCP is an open protocol that standardizes how applications provide context to Large Language Models (LLMs). Think of it as a universal API for AI agents.

Key components:

• Tools - Functions AI agents can call
• Resources - Data sources agents can read
• Prompts - Interaction templates

Agent Cards (A2A)

Agent Cards define how AI agents discover and interact with each other. They’re like API documentation for AI agents, enabling agent-to-agent collaboration.

Key elements:

• Skills - What the agent can do
• Capabilities - Technical features supported
• Invocation - How to call the agent
• Examples - Sample interactions
• MCP Integration - Links to MCP servers

How MCP and Agent Cards Work Together

MA²D combines both concepts to enable powerful agent capabilities:

1. MCP Servers provide the implementation (tools, resources, prompts)
2. Agent Cards provide the discovery layer (skills, capabilities, invocation)
3. AI Agents use Agent Cards to find capabilities, then invoke MCP endpoints
4. Result: Seamless agent-to-agent collaboration

The MA²D Stack

Frontend Layer

• Next.js 16 with App Router
• React 19 components
• shadcn/ui for consistent design
• Client-side state management

API Layer

• Next.js API Routes
• Serverless functions on Vercel
• MCP SDK for protocol implementation
• RESTful and MCP JSON-RPC endpoints

Data Layer

• Supabase PostgreSQL database
• Row Level Security (RLS) policies
• Real-time subscriptions
• Automatic backups

Integration Layer

• Anypoint Exchange publishing
• OAuth2 and Basic Auth
• MCP HTTP-Streamable transport

Data Flow

Creating an MCP Server

MCP Agent Interaction

Security Model

Authentication

• Email/password via Supabase Auth
• JWT tokens for session management
• Secure password hashing
• Optional MCP endpoint authentication

Authorization

• Organization-based access control
• RLS policies at database level
• Service role for admin operations
• API key protection

Data Isolation

• Every table has organization_id
• RLS ensures users only see their org’s data
• No cross-tenant data leaks
• Database-level enforcement

Design Philosophy

MA²D follows these principles:

1. No-Code First - Visual builders for everything
2. Production-Ready - Built-in validation and compliance
3. Developer-Friendly - Full API access, TypeScript types
4. Enterprise-Grade - Multi-tenancy, security, scalability

Common Patterns

Creating Assets

1. Choose creation method (URL, OpenAPI, Mock)
2. Configure metadata
3. Add components (tools, skills, etc.)
4. Enable/disable as needed
5. Test with mock data
6. Publish to Exchange

Testing Workflow

1. Create server with mock scenarios
2. Copy MCP endpoint URL
3. Test with MCP client
4. Iterate on mock responses
5. Refine before publishing

Publishing Flow

1. Configure Anypoint credentials
2. Check compliance status
3. Fill in asset metadata
4. Publish to Exchange
5. Track publication status

Next Steps

Dive deeper into each concept:

• MCP Protocol - Complete protocol specifications and examples
• Agent Cards (A2A) - A2A protocol deep dive and implementation

Or explore practical applications:

• Features - All features in depth
• Guides - Step-by-step tutorials
• API Reference - Complete API documentation

Questions? Check the FAQ or open an issue.