PulseAugur
EN
LIVE 23:32:37

MCP protocol shifts to stateless design in major release candidate update

The MCP protocol has released a significant update, with its 2026-07-28 release candidate introducing major changes to its specification. Key among these is the protocol's shift to a stateless design at the protocol layer, requiring clients and servers to adapt their transport assumptions and handle state explicitly within application handles rather than relying on session IDs. Server-initiated requests are now only possible during active client requests, necessitating robust client-side data preservation and replay mechanisms. Additionally, MCP Apps are being treated as distinct application surfaces with implications for security and developer experience, requiring hosts to test iframe isolation and servers to ensure deterministic UI template declarations. The release candidate also enhances authorization by tightening standards around OAuth 2.0 and OpenID Connect, with clients needing to validate the `iss` parameter and authorization servers expected to provide it. AI

IMPACT Requires developers to update clients and servers to maintain compatibility with the stateless protocol design and updated authorization standards.

RANK_REASON This is a technical specification update for a protocol, not a new product release or significant industry event.

Read on dev.to — MCP tag →

AI-generated summary · Google Gemini · from 1 sources. How we write summaries →

MCP protocol shifts to stateless design in major release candidate update

COVERAGE [1]

  1. dev.to — MCP tag TIER_1 English(EN) · Ben Greenberg ·

    The MCP Release Candidate Survival Guide: Apps, Auth, Deprecations, and Tool Schemas

    <p>The <a href="https://blog.modelcontextprotocol.io/posts/2026-07-28-release-candidate/" rel="noopener noreferrer">MCP <code>2026-07-28</code> release candidate</a> is the largest major specification revision since MCP launched. It is also a compatibility test for everyone build…