
TL;DR
The 2026-07-28 Model Context Protocol spec is the largest revision since launch: a stateless core, deprecated Roots/Sampling/Logging, MCP Apps, Tasks, and tougher OAuth. Here is what breaks, what to adopt, and a migration checklist for server authors and client integrators before the July 28 deadline.
| Resource | Link |
|---|---|
| 2026-07-28 Release Candidate announcement | blog.modelcontextprotocol.io |
| 2026 MCP Roadmap | blog.modelcontextprotocol.io/posts/2026-mcp-roadmap |
| SEP guidelines (spec change process) | modelcontextprotocol.io/community/sep-guidelines |
| NSA/DoD MCP security guidance (PDF) | media.defense.gov |
The next version of the Model Context Protocol lands on July 28, 2026, and the maintainers are calling it the largest revision since launch. This is not a point release with a few new fields. The 2026-07-28 spec rewrites the core transport model, deprecates three long-standing features, hardens authorization, and promotes two extensions to first-class status.
If you build, host, or integrate MCP servers, this one has a hard dated deadline. The release candidate is available now, and the final spec is locked to July 28. That leaves less than four weeks to validate against the RC and plan your migration. This guide is the decision-intent version: what the spec is, what actually breaks, what is worth adopting, and a concrete checklist split by role so you can figure out how urgent this is for your setup.
For the deep code-level walkthrough of the transport change specifically, see the companion MCP stateless migration guide. This post is the wider map.
MCP has shipped dated specification versions since launch. Each version is a snapshot of the protocol that clients and servers negotiate against. The 2026-07-28 version consolidates a year of roadmap work (the 2026 roadmap) into a single dated release, and it is intentionally a clean break rather than a gentle addition.
Three things make it a big deal:
The net effect: fewer things live in the mandatory core, the core is simpler and easier to scale, and the interesting new surface area moves into extensions you opt into.
The headline change is that the core protocol goes stateless. The old model required a session: the client connected, sent an initialize message, received a session identifier, and echoed that identifier on every following request. That session pinned a client to one server instance.
The new core drops the session handshake. Each request is self-contained and can hit any server instance, so an MCP server can run behind a plain round-robin load balancer with no sticky sessions and no shared session store. Routing moves to an Mcp-Method header, so gateways can make routing decisions from headers instead of parsing request bodies. And tools/list responses become cacheable through a ttlMs field, so clients and infrastructure can hold the tool list for a defined window instead of refetching it on every connection.
The practical impact on existing code:
| Concern | Old behavior | 2026-07-28 behavior |
|---|---|---|
| Session handshake | initialize required first | Removed - self-contained requests |
| Session state | Server memory or shared store | None required in the core |
| Load balancing | Sticky sessions | Plain round-robin works |
| Request routing | Inspect body for session ID | Mcp-Method header |
| Tool list fetch | Re-fetched per connection | Cacheable via ttlMs |
Any server that expects initialize as the first message, any gateway that routes on a session header, and any client that assumes a pinned instance will need to change. The upside is real: horizontal scaling, serverless deployment, and edge compute all get much simpler once state leaves the core. The deeper code patterns for externalizing state are covered in the stateless migration guide.
The spec deprecates three features that shipped in earlier versions:
Deprecation is not deletion. Per the SEP guidelines, deprecated features enter a formal lifecycle rather than disappearing on release day, which is the maintainers' answer to the criticism that breaking changes used to arrive with no runway. But the direction is set: if your server relies on Sampling to call back into the host model, or your client leans on Roots to scope a server, or you depend on protocol Logging for observability, you are now building on features with an expiration date. Plan replacements. For observability, the spec's standardized tracing keys (below) are the forward path instead of protocol Logging.
Tool input schemas move to full JSON Schema 2020-12. If your tools currently use a loose subset of JSON Schema, or rely on validator quirks, stricter validation can reject schemas that used to pass. This is a good change for correctness and for how reliably a model can call your tools, but it is a real compatibility checkpoint. Validate every tool schema against a 2020-12 validator before you ship.
Get the weekly deep dive
Tutorials on Claude Code, AI agents, and dev tools - delivered free every week.
From the archive
Jul 1, 2026 • 5 min read
Jun 30, 2026 • 7 min read
Jun 30, 2026 • 8 min read
Jun 30, 2026 • 6 min read
The rewrite is not only subtraction. Several additions are worth adopting deliberately.
MCP Apps lets a server return sandboxed, server-rendered UI instead of only text. A tool can hand the host a real interface - a form, a table, a control panel - that the client renders in a contained surface. This is the biggest expansion of what a tool call can return, and it changes the design space from "return a string" to "return an interaction." If your product would benefit from richer output than markdown, this is the feature to prototype first.
Long-running work gets a proper home. Tasks graduates from experimental into a first-class extension for operations that do not finish inside one request: builds, deployments, long agent runs, batch jobs. Because the core is now stateless, Tasks is built around resumable, pollable state rather than a held-open connection, so any server instance can report on or advance a task as long as it can reach the shared task store. If you shipped against the earlier experimental Tasks surface, budget time to migrate to the extension's model.
Authorization gets stricter and more standards-aligned around OAuth and OIDC. The direction is tighter validation of tokens and issuers and cleaner client registration, which matters because MCP servers increasingly sit in front of real systems and real data. If you run any authenticated server, treat the auth section of the RC as required reading rather than a nice-to-have, and test your token validation against it directly.
Distributed tracing keys are standardized across SDKs, so requests can be traced across a chain of MCP servers with a common context. With protocol Logging deprecated, this is the sanctioned observability path. Wire it in as you migrate.
Work top to bottom. The early items are the ones that break interoperability.
initialize handshake path. Stop requiring a session as the first message. Treat every request as self-contained.Mcp-Method header routing. Make sure your server and any gateway in front of it route on headers, not body inspection or a session ID.ttlMs to tools/list. Declare how long your tool list is cacheable so clients and infra stop refetching it.If you build the agent, IDE, or host that connects to MCP servers, your job is different: you decide which spec versions to negotiate and how gracefully you degrade.
initialize as a required step. Issue self-contained requests against 2026-07-28 servers.ttlMs on tools/list. Cache the tool list for the declared window instead of refetching per connection.Not everyone needs to move at the same speed. Use this to triage.
| Situation | Urgency | Why |
|---|---|---|
| Building a new MCP server or client now | High | Target 2026-07-28 from day one. No reason to write against the old core. |
| Production server with heavy session state | High | The stateless core is a structural change and needs real migration work before the deadline. |
| Simple stateless server (file reader, API wrapper) | Medium | Mostly SDK updates and header support, but still test against the RC. |
| Authenticated server exposed to external users | High | Auth hardening plus the security guidance make this the riskiest surface to leave stale. |
| Host or IDE integrating third-party servers | Medium to high | You set the compatibility window, but old and new servers will not silently interoperate. |
| Server built on Roots, Sampling, or Logging | Medium | Not broken on day one, but on a removal clock. Plan the replacement. |
| Using a community SDK | Depends | Gate your timeline on when your SDK maintainer ships 2026-07-28 support. |
The blunt version: if you maintain session state or run authenticated servers, treat this as high priority with less than four weeks of runway. If your server is already stateless and unauthenticated, you have more slack, but you still need to validate against the RC and update your SDK.
The timing matters. On June 2, 2026, the NSA and DoD published security guidance for MCP. When defense agencies publish protocol-specific guidance, it is a signal that MCP is now load-bearing infrastructure connecting agents to real systems, and that the threat model deserves attention.
Read the two together. The 2026-07-28 auth hardening and the security guidance point the same direction: MCP servers sit in front of sensitive data and actions, so authorization, isolation, and trust boundaries are now core engineering concerns, not afterthoughts. If you adopt MCP Apps, remember that server-rendered UI is untrusted content and must be sandboxed. Migrating is the moment to also close security gaps, not just chase the spec.
The final specification is dated July 28, 2026. The release candidate is available now, so the window between the RC and the final date is your validation and migration runway. As of early July that is less than four weeks.
The maintainers describe it as the largest revision since launch, and the scope backs that up: a rewritten stateless core, three deprecated features, stricter tool schemas, hardened auth, and two graduated extensions in one dated release. See the release candidate announcement.
Servers that require the old initialize handshake will not interoperate cleanly with clients that speak 2026-07-28, and vice versa. Gateways that route on a session ID, tool schemas that only pass loose validation, and authenticated flows on the old rules are the most likely to fail. Features you built on Roots, Sampling, or Logging keep working for now but are on a removal clock.
No. They are deprecated, which starts a formal lifecycle rather than deleting them on release day, per the SEP guidelines. Treat deprecation as a scheduled removal and plan replacements now instead of waiting for the cutoff.
No. They are extensions you opt into, not mandatory core. Adopt MCP Apps if richer server-rendered output helps your product, and adopt Tasks if you run long-running operations. The stateless core is the part everyone must reckon with; the extensions are opportunistic.
Fix interoperability first (drop the initialize requirement, externalize state, support header routing), then correctness (validate schemas against JSON Schema 2020-12), then security (harden OAuth/OIDC), then adopt extensions. The role-specific checklists above are ordered that way.
The companion MCP stateless migration guide walks through the transport change with before-and-after code, including how to externalize session state for horizontal scaling.
Read next
The MCP 2026-07-28 release candidate drops sessions entirely. Here is what changes, what breaks, and how to migrate your MCP servers before the July 28 deadline.
8 min readMCP lets AI agents connect to databases, APIs, and tools. Here is what it is and how to use it in your TypeScript projects.
5 min readA practical ranked list of MCP servers worth installing first for Claude Code, Cursor, Copilot, Codex, and OpenCode: GitHub, Filesystem, Context7, Playwright, Postgres, Sentry, Supabase, Notion, Slack, and more.
10 min readTechnical content at the intersection of AI and development. Building with AI agents, Claude Code, and modern dev tools - then showing you exactly how it works.
Gives AI agents access to 250+ external tools (GitHub, Slack, Gmail, databases) with managed OAuth. Handles the auth and...
View ToolVisual testing tool for Model Context Protocol servers. Like Postman for MCP - call tools, browse resources, and view...
View ToolA hosted infinite canvas your headless AI agents drive over MCP. Any MCP-speaking agent - Claude Code, Codex, Cursor, or...
View ToolWhat MCP servers are, how they work, and how to build your own in 5 minutes.
AI AgentsConfigure Claude Code for maximum productivity -- CLAUDE.md, sub-agents, MCP servers, and autonomous workflows.
AI AgentsA complete, citation-backed Claude Code course with setup, prompting systems, MCP, CI, security, cost controls, and capstone workflows.
ai-development
The MCP 2026-07-28 release candidate drops sessions entirely. Here is what changes, what breaks, and how to migrate your...

MCP lets AI agents connect to databases, APIs, and tools. Here is what it is and how to use it in your TypeScript projec...

A practical ranked list of MCP servers worth installing first for Claude Code, Cursor, Copilot, Codex, and OpenCode: Git...

A step-by-step guide to building Model Context Protocol servers in TypeScript. Project setup, tool registration, resourc...

Build MCP servers that connect Claude to your databases, APIs, and tools. Architecture, TypeScript SDK code, debugging,...

MCP is the USB-C of AI agents. What the Model Context Protocol is, why Anthropic built it, and how to install your first...

New tutorials, open-source projects, and deep dives on coding agents - delivered weekly.