toolsSource-backedReview first Safety ✓ Privacy ✓

Official MCP Java SDK

Official Java SDK for Model Context Protocol clients and servers, maintained in collaboration with Spring AI, with Java 17+ support, Maven artifacts, synchronous and asynchronous APIs, Reactive Streams, Project Reactor, JDK HttpClient, Servlet transport, JSON binding modules, and conformance tests.

by Model Context Protocol·added 2026-06-18·

CLI

HarnessCLI

Install

Source

mvn dependency:get -Dartifact=io.modelcontextprotocol.sdk:mcp:2.0.0

Readiness

TrustReview first
Sourcesource-backed
Safety notesPresent
ReviewedYes

Documentation Source repository Registry JSON · LLM text

Review first — review before installing

Open the source and read safety notes before installing.

Safety notes

The official Java SDK is a protocol library; production risk comes from your MCP tools, resources, prompts, transports, authorization hooks, and framework integration.
Validate tool inputs, enforce caller permissions, bound side effects, and avoid returning raw Java exceptions or internal stack details to MCP clients.
Servlet, Spring, and remote transport deployments need authentication, TLS, request limits, observability policy, cancellation behavior, and abuse protection.
Spring AI MCP security and annotation support may simplify integration, but application owners still need to review authorization, tenant boundaries, and data retention.

Privacy notes

Java MCP clients and servers may expose tool arguments, tool results, resource contents, prompt templates, request metadata, correlation IDs, logs, traces, and authorization context.
Avoid leaking secrets, customer data, private resources, internal identifiers, stack traces, privileged paths, or token values through schemas, responses, errors, or logs.
Document which MCP client, server process, Java framework, model provider, transport, and observability system can observe each request.

Prerequisites

Java 17 or newer and a Maven or Gradle build configured for the selected SDK artifact version.
A choice of core Java SDK usage, Spring AI MCP integration, or both.
A target transport, such as stdio, JDK HttpClient, Servlet, WebFlux, WebMVC, or another framework path.
Authentication, authorization, and data-exposure requirements for production clients and servers.

Schema details

Install type: cli
Troubleshooting: No

Source repository stats

Scope: Source repo

Collection metadata

Estimated setup: 20 minutes
Difficulty: intermediate

Tool listing metadata

Website: https://modelcontextprotocol.io
Pricing: free
Disclosure: editorial
Application category: DeveloperApplication
Operating system: Cross-platform

Full copyable content

<dependency>
  <groupId>io.modelcontextprotocol.sdk</groupId>
  <artifactId>mcp</artifactId>
  <version>2.0.0</version>
</dependency>

About this resource

Overview

The official MCP Java SDK is the Model Context Protocol project's Java implementation for building MCP clients and servers. The repository is maintained in collaboration with Spring AI and publishes Maven artifacts under io.modelcontextprotocol.sdk.

The SDK is relevant for Java teams that want MCP support without leaving the JVM, including enterprise services, Spring applications, internal developer platforms, agent gateways, and tools that need synchronous or asynchronous MCP communication.

Maven Dependency

Add the convenience SDK artifact:

<dependency>
  <groupId>io.modelcontextprotocol.sdk</groupId>
  <artifactId>mcp</artifactId>
  <version>2.0.0</version>
</dependency>

The upstream project also includes a BOM, core module, Jackson JSON binding modules, and testing modules for more granular dependency control.

MCP Fit

Choose the official Java SDK when you need MCP client or server support in a Java 17+ codebase, especially where Maven, Servlet infrastructure, JDK HttpClient, Project Reactor, Reactive Streams, SLF4J, Jackson, or Spring AI are already part of the stack.

The SDK supports both blocking-friendly and asynchronous patterns. Production use still needs normal API review: authentication, authorization, logging, error handling, cancellation, and tenant boundaries.

Module Map

Module	Purpose
`mcp-bom`	Dependency version management
`mcp-core`	Core reference implementation, stdio, JDK HttpClient, Servlet, and JSON binding interfaces
`mcp-json-jackson2`	Jackson 2 JSON binding implementation
`mcp-json-jackson3`	Jackson 3 JSON binding implementation
`mcp`	Convenience bundle for core plus Jackson 3
`mcp-test`	Shared testing utilities

Use Cases

Add an MCP server to a Java service or internal platform.
Build an MCP client that connects to local or remote MCP servers.
Use Java 17+, Reactor, and Reactive Streams for async MCP communication.
Expose MCP server endpoints through Servlet-based infrastructure.
Integrate MCP with Spring AI client, server, annotation, and security support.
Run or interpret MCP conformance tests for Java implementations.

Source Review

Verified on 2026-06-18:

The upstream README identifies the repository as the MCP Java SDK.
The repository description identifies it as the official Java SDK for Model Context Protocol clients and servers, maintained in collaboration with Spring AI.
The README documents Java 17+, Maven Central, Java client and server docs, Spring AI MCP docs, Spring Boot starters, annotations, security support, and conformance test results.
The root pom.xml declares group io.modelcontextprotocol.sdk, Java 17, MIT licensing, Maven modules, JDK HttpClient, Servlet, Reactor, SLF4J, Jackson, and project metadata.
The mcp module POM describes the Java MCP SDK artifact and depends on mcp-core plus the Jackson 3 JSON module.
Sonatype Central resolves the io.modelcontextprotocol.sdk:mcp artifact.

Safety and Privacy

Java MCP services frequently run inside enterprise applications with user data, service credentials, logs, and observability pipelines. Keep tools narrow, validate arguments, enforce authorization, and return controlled errors instead of raw exceptions or stack traces.

For Spring, Servlet, or remote deployments, review authentication, OAuth/API-key policy, request limits, observability propagation, tenant boundaries, and retention before exposing MCP endpoints.

Duplicate Check

Checked current content/mcp/, content/tools/, content/skills/, open pull requests, and repository-wide content for modelcontextprotocol/java-sdk, official MCP Java SDK, Model Context Protocol Java SDK, Java MCP server SDK, Java MCP client SDK, Spring AI MCP Java, io.modelcontextprotocol.sdk:mcp, and MCP Maven dependency. No dedicated official Java SDK entry, exact source URL duplicate, target file, or open duplicate PR was found.

#java #mcp #sdk #spring-ai #maven #official

Source citations

Add this badge to your README

Show that Official MCP Java SDK is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

[![Listed on HeyClaude](https://heyclau.de/badge/tools/official-mcp-java-sdk.svg)](https://heyclau.de/entry/tools/official-mcp-java-sdk)

How it compares

Official MCP Java SDK side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

Field	Official MCP Java SDK Official Java SDK for Model Context Protocol clients and servers, maintained in collaboration with Spring AI, with Java 17+ support, Maven artifacts, synchronous and asynchronous APIs, Reactive Streams, Project Reactor, JDK HttpClient, Servlet transport, JSON binding modules, and conformance tests. Open dossier	Official MCP Python SDK Official Python SDK for Model Context Protocol clients and servers, published as the `mcp` package on PyPI, with FastMCP server helpers, client support, tools, resources, prompts, stdio, SSE, Streamable HTTP, authentication, elicitation, sampling, logging, and standalone development tools. Open dossier	Official MCP Ruby SDK Official Ruby SDK for Model Context Protocol clients and servers, published as the `mcp` gem with JSON-RPC handling, tool, prompt, and resource registration, stdio and Streamable HTTP transports, Rack/Rails integration, roots, sampling, elicitation, logging, cancellation, pagination, and RubyGems metadata. Open dossier	Official MCP Rust SDK Official Rust SDK for Model Context Protocol clients and servers, published as the `rmcp` crate with tokio async runtime support, server and client features, tool macros, resources, prompts, sampling, roots, logging, completions, notifications, Streamable HTTP, child-process transports, and OAuth support. Open dossier
Trust
Install risk	Review first	Review first	Review first	Review first
Notes	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓
Category	tools	tools	tools	tools
Source	source-backed	source-backed	source-backed	source-backed
Author	Model Context Protocol	Model Context Protocol	Model Context Protocol	Model Context Protocol
Added	2026-06-18	2026-06-18	2026-06-18	2026-06-18
Platforms	CLI	CLI	CLI	CLI
Source repo	—	—	—	—
Safety notes	✓The official Java SDK is a protocol library; production risk comes from your MCP tools, resources, prompts, transports, authorization hooks, and framework integration. Validate tool inputs, enforce caller permissions, bound side effects, and avoid returning raw Java exceptions or internal stack details to MCP clients. Servlet, Spring, and remote transport deployments need authentication, TLS, request limits, observability policy, cancellation behavior, and abuse protection. Spring AI MCP security and annotation support may simplify integration, but application owners still need to review authorization, tenant boundaries, and data retention.	✓The official Python SDK is a protocol library; risk comes from the tools, resources, prompts, transports, auth flows, and server process you build with it. Validate all tool inputs, enforce caller permissions, bound file and network access, and sanitize errors before returning them to an MCP client. HTTP, SSE, and ASGI deployments need authentication, TLS, CORS review, host/path routing controls, request limits, logging policy, and abuse protection. The upstream README says v2 is alpha; production projects should stay on the stable v1 line unless they intentionally pin and test a pre-release.	✓The official Ruby SDK is a protocol library; risk comes from your registered tools, resources, prompts, transports, session handling, and framework integration. Validate tool arguments, enforce caller permissions, bound file and network access, and sanitize exceptions before returning MCP responses. The upstream README warns that Streamable HTTP session and SSE state are in memory by default; multi-process Rack/Rails deployments need stateless mode or sticky sessions. Rails controller integrations that create servers per request should review user context, tool selection, and request-specific authorization carefully.	✓The official Rust SDK is a protocol library; risk comes from the tools, resources, prompts, transports, auth flows, and long-running task behavior you implement with it. Validate tool parameters, enforce caller permissions, bound file and network access, and sanitize errors before returning MCP responses. Streamable HTTP servers, child-process transports, and OAuth flows need normal production controls: auth, TLS, request limits, lifecycle handling, logging policy, and abuse protection. Feature flags can pull in transport, HTTP, OAuth, schema, and process dependencies; review the enabled feature set before shipping.
Privacy notes	✓Java MCP clients and servers may expose tool arguments, tool results, resource contents, prompt templates, request metadata, correlation IDs, logs, traces, and authorization context. Avoid leaking secrets, customer data, private resources, internal identifiers, stack traces, privileged paths, or token values through schemas, responses, errors, or logs. Document which MCP client, server process, Java framework, model provider, transport, and observability system can observe each request.	✓MCP Python servers may expose local files, application data, tool arguments, tool results, resource contents, prompt templates, authentication state, logs, traces, and errors. Do not leak secrets, customer data, private paths, internal identifiers, token values, or privileged resource contents through schemas, examples, responses, or logs. Document which MCP client, model provider, server process, transport, ASGI layer, and observability system can observe each request.	✓Ruby MCP clients and servers may expose tool arguments, tool results, resource contents, prompt templates, request context, session IDs, logs, progress events, exceptions, and filesystem roots. Avoid leaking secrets, customer data, private files, internal identifiers, stack traces, privileged paths, or session contents through schemas, responses, errors, or logs. Document which MCP client, Ruby process, Rack/Rails layer, session store, model provider, transport, and logging system can observe each request.	✓Rust MCP services may expose tool arguments, tool results, resource contents, prompt templates, task state, authentication metadata, logs, traces, and subprocess output. Avoid returning secrets, private files, customer data, internal identifiers, privileged paths, or raw dependency/runtime errors to MCP clients. Document which MCP client, server process, transport, subprocess, model provider, and observability system can observe each request.
Prerequisites	Java 17 or newer and a Maven or Gradle build configured for the selected SDK artifact version. A choice of core Java SDK usage, Spring AI MCP integration, or both. A target transport, such as stdio, JDK HttpClient, Servlet, WebFlux, WebMVC, or another framework path. Authentication, authorization, and data-exposure requirements for production clients and servers.	Python 3.10 or newer and a project managed with uv, pip, or another Python package manager. A decision between stable v1 usage and explicit v2 alpha testing with a pinned pre-release. A target transport, such as stdio for local tools or Streamable HTTP for hosted MCP servers. Clear authorization, side-effect, and data-exposure boundaries for production tools and resources.	Ruby project compatible with the gem's required Ruby version and runtime dependencies. A decision between local stdio integration, Rack/Rails Streamable HTTP, or client-side MCP usage. A session strategy for Streamable HTTP when using Rack-compatible frameworks. Authorization, side-effect, and data-exposure requirements for production tools and resources.	Rust toolchain and Cargo project compatible with the SDK crate version and edition requirements. Tokio async-runtime familiarity for client, server, transport, and handler integration. A selected feature set for server, client, macros, Streamable HTTP, child-process, OAuth, or schema generation support. Reviewed authorization, side-effect, and data-exposure boundaries for production MCP tools and resources.
Install	`mvn dependency:get -Dartifact=io.modelcontextprotocol.sdk:mcp:2.0.0`	`uv add "mcp[cli]"`	`gem install mcp`	`cargo add rmcp`
Config	—	—	—	—
Citations	Source repositorygithub.com 2026-06-18T12:49:35+00:00 Documentationjava.sdk.modelcontextprotocol.io Websitemodelcontextprotocol.io	Source repositorygithub.com 2026-06-18T12:49:35+00:00 Documentationpy.sdk.modelcontextprotocol.io	Source repositorygithub.com 2026-06-18T12:49:35+00:00 Documentationruby.sdk.modelcontextprotocol.io	Source repositorygithub.com 2026-06-18T12:49:35+00:00 Documentationdocs.rs
Claim	Unclaimed	Unclaimed	Unclaimed	Unclaimed

Signals

Loading live community signals…