toolsSource-backedReview first Safety ✓ Privacy ✓

Official MCP Python SDK

Official Python SDK for Model Context Protocol clients and servers, published as the `mcp` package on PyPI, with FastMCP server helpers, client support, tools, resources, prompts, stdio, SSE, Streamable HTTP, authentication, elicitation, sampling, logging, and standalone development tools.

by Model Context Protocol·added 2026-06-18·

CLI

HarnessCLI

Review first — review before installing

Open the source and read safety notes before installing.

Safety notes

The official Python SDK is a protocol library; risk comes from the tools, resources, prompts, transports, auth flows, and server process you build with it.
Validate all tool inputs, enforce caller permissions, bound file and network access, and sanitize errors before returning them to an MCP client.
HTTP, SSE, and ASGI deployments need authentication, TLS, CORS review, host/path routing controls, request limits, logging policy, and abuse protection.
The upstream README says v2 is alpha; production projects should stay on the stable v1 line unless they intentionally pin and test a pre-release.

Privacy notes

MCP Python servers may expose local files, application data, tool arguments, tool results, resource contents, prompt templates, authentication state, logs, traces, and errors.
Do not leak secrets, customer data, private paths, internal identifiers, token values, or privileged resource contents through schemas, examples, responses, or logs.
Document which MCP client, model provider, server process, transport, ASGI layer, and observability system can observe each request.

Prerequisites

Python 3.10 or newer and a project managed with uv, pip, or another Python package manager.
A decision between stable v1 usage and explicit v2 alpha testing with a pinned pre-release.
A target transport, such as stdio for local tools or Streamable HTTP for hosted MCP servers.
Clear authorization, side-effect, and data-exposure boundaries for production tools and resources.

Schema details

Install type: cli
Troubleshooting: No

Source repository stats

Scope: Source repo

Collection metadata

Estimated setup: 15 minutes
Difficulty: intermediate

Tool listing metadata

Website: https://modelcontextprotocol.io
Pricing: free
Disclosure: editorial
Application category: DeveloperApplication
Operating system: Cross-platform

Full copyable content

uv add "mcp[cli]"

About this resource

Overview

The official MCP Python SDK is the Model Context Protocol project's Python implementation for building MCP clients and servers. It is published on PyPI as mcp and includes server helpers, client support, protocol types, transports, authentication support, standalone development tooling, and documentation for common MCP primitives.

As of 2026-06-18, upstream documents v1.x as the current stable release line and v2 as alpha. This entry describes the official SDK as a whole while treating stable v1 as the default production install path.

Install

For uv-managed projects:

uv add "mcp[cli]"

For pip-managed projects:

pip install "mcp[cli]"

The upstream v2 documentation requires explicit pre-release pins such as mcp==2.0.0aN; do not rely on unpinned installs to test alpha behavior.

MCP Fit

Choose the official Python SDK when a Python application, local automation script, data workflow, API service, or agent runtime needs first-party MCP client or server support. It is especially useful for teams already using Python for internal tools, notebooks, FastAPI or ASGI services, data systems, or developer automation.

The SDK can expose tools, resources, prompts, and transports, but the application still owns authorization and data minimization. Treat each tool like an API endpoint and each resource like model-visible data.

Core Capabilities

Area	Python SDK Coverage
Server helpers	FastMCP-style helpers for registering tools, resources, and prompts
Clients	Python client APIs for connecting to MCP servers
Transports	stdio, SSE, and Streamable HTTP coverage in the upstream docs
Protocol behavior	MCP messages, lifecycle events, sessions, completions, elicitation, and sampling
Authentication	OAuth/client authentication coverage in advanced docs
Development tools	`mcp` command-line tooling through the `cli` extra

Use Cases

Build a Python MCP server around internal APIs or data workflows.
Expose safe read-only resources from a local or hosted Python service.
Add model-callable Python tools to Claude Desktop, Claude Code, or another MCP client.
Test MCP clients and servers from Python automation.
Mount a Streamable HTTP MCP server into an ASGI deployment.
Evaluate v2 alpha behavior while keeping production packages pinned to v1.

Source Review

Verified on 2026-06-18:

The upstream repository identifies itself as the official Python SDK for Model Context Protocol clients and servers.
The README says v1.x is the current stable release and v2 is alpha.
The README documents uv add "mcp[cli]" and pip install "mcp[cli]" install paths for the stable package.
The README covers clients, servers, resources, prompts, tools, stdio, SSE, Streamable HTTP, authentication, elicitation, sampling, logging, and notifications.
pyproject.toml declares the mcp package, Python >=3.10, MIT licensing, the mcp CLI script, and the project documentation/repository URLs.
PyPI resolves package metadata for mcp.

Safety and Privacy

Python MCP servers frequently sit close to local files, notebooks, data stores, cloud credentials, and internal APIs. Keep resource exposure narrow, validate arguments, check user authorization, and avoid returning raw exceptions or private data to clients.

For hosted deployments, review ASGI mounting, CORS, host/path routing, authentication, TLS, logging, and retention. Keep v2 alpha tests isolated from production package constraints until the upstream line is stable.

Duplicate Check

Checked current content/mcp/, content/tools/, content/skills/, open pull requests, and repository-wide content for modelcontextprotocol/python-sdk, official MCP Python SDK, Model Context Protocol Python SDK, Python MCP server SDK, Python MCP client SDK, FastMCP Python, mcp PyPI package, and Python Streamable HTTP MCP. Existing guides cite the Python SDK for MCP tutorials and auth context, but no dedicated official Python SDK entry, exact source URL duplicate, target file, or open duplicate PR was found.

#python #mcp #sdk #fastmcp #official #protocol

Source citations

Add this badge to your README

Show that Official MCP Python SDK is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

[![Listed on HeyClaude](https://heyclau.de/badge/tools/official-mcp-python-sdk.svg)](https://heyclau.de/entry/tools/official-mcp-python-sdk)

How it compares

Official MCP Python SDK side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

Field	Official MCP Python SDK Official Python SDK for Model Context Protocol clients and servers, published as the `mcp` package on PyPI, with FastMCP server helpers, client support, tools, resources, prompts, stdio, SSE, Streamable HTTP, authentication, elicitation, sampling, logging, and standalone development tools. Open dossier	Official MCP Java SDK Official Java SDK for Model Context Protocol clients and servers, maintained in collaboration with Spring AI, with Java 17+ support, Maven artifacts, synchronous and asynchronous APIs, Reactive Streams, Project Reactor, JDK HttpClient, Servlet transport, JSON binding modules, and conformance tests. Open dossier	Official MCP Ruby SDK Official Ruby SDK for Model Context Protocol clients and servers, published as the `mcp` gem with JSON-RPC handling, tool, prompt, and resource registration, stdio and Streamable HTTP transports, Rack/Rails integration, roots, sampling, elicitation, logging, cancellation, pagination, and RubyGems metadata. Open dossier	Official MCP Rust SDK Official Rust SDK for Model Context Protocol clients and servers, published as the `rmcp` crate with tokio async runtime support, server and client features, tool macros, resources, prompts, sampling, roots, logging, completions, notifications, Streamable HTTP, child-process transports, and OAuth support. Open dossier
Trust
Install risk	Review first	Review first	Review first	Review first
Notes	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓
Category	tools	tools	tools	tools
Source	source-backed	source-backed	source-backed	source-backed
Author	Model Context Protocol	Model Context Protocol	Model Context Protocol	Model Context Protocol
Added	2026-06-18	2026-06-18	2026-06-18	2026-06-18
Platforms	CLI	CLI	CLI	CLI
Source repo	—	—	—	—
Safety notes	✓The official Python SDK is a protocol library; risk comes from the tools, resources, prompts, transports, auth flows, and server process you build with it. Validate all tool inputs, enforce caller permissions, bound file and network access, and sanitize errors before returning them to an MCP client. HTTP, SSE, and ASGI deployments need authentication, TLS, CORS review, host/path routing controls, request limits, logging policy, and abuse protection. The upstream README says v2 is alpha; production projects should stay on the stable v1 line unless they intentionally pin and test a pre-release.	✓The official Java SDK is a protocol library; production risk comes from your MCP tools, resources, prompts, transports, authorization hooks, and framework integration. Validate tool inputs, enforce caller permissions, bound side effects, and avoid returning raw Java exceptions or internal stack details to MCP clients. Servlet, Spring, and remote transport deployments need authentication, TLS, request limits, observability policy, cancellation behavior, and abuse protection. Spring AI MCP security and annotation support may simplify integration, but application owners still need to review authorization, tenant boundaries, and data retention.	✓The official Ruby SDK is a protocol library; risk comes from your registered tools, resources, prompts, transports, session handling, and framework integration. Validate tool arguments, enforce caller permissions, bound file and network access, and sanitize exceptions before returning MCP responses. The upstream README warns that Streamable HTTP session and SSE state are in memory by default; multi-process Rack/Rails deployments need stateless mode or sticky sessions. Rails controller integrations that create servers per request should review user context, tool selection, and request-specific authorization carefully.	✓The official Rust SDK is a protocol library; risk comes from the tools, resources, prompts, transports, auth flows, and long-running task behavior you implement with it. Validate tool parameters, enforce caller permissions, bound file and network access, and sanitize errors before returning MCP responses. Streamable HTTP servers, child-process transports, and OAuth flows need normal production controls: auth, TLS, request limits, lifecycle handling, logging policy, and abuse protection. Feature flags can pull in transport, HTTP, OAuth, schema, and process dependencies; review the enabled feature set before shipping.
Privacy notes	✓MCP Python servers may expose local files, application data, tool arguments, tool results, resource contents, prompt templates, authentication state, logs, traces, and errors. Do not leak secrets, customer data, private paths, internal identifiers, token values, or privileged resource contents through schemas, examples, responses, or logs. Document which MCP client, model provider, server process, transport, ASGI layer, and observability system can observe each request.	✓Java MCP clients and servers may expose tool arguments, tool results, resource contents, prompt templates, request metadata, correlation IDs, logs, traces, and authorization context. Avoid leaking secrets, customer data, private resources, internal identifiers, stack traces, privileged paths, or token values through schemas, responses, errors, or logs. Document which MCP client, server process, Java framework, model provider, transport, and observability system can observe each request.	✓Ruby MCP clients and servers may expose tool arguments, tool results, resource contents, prompt templates, request context, session IDs, logs, progress events, exceptions, and filesystem roots. Avoid leaking secrets, customer data, private files, internal identifiers, stack traces, privileged paths, or session contents through schemas, responses, errors, or logs. Document which MCP client, Ruby process, Rack/Rails layer, session store, model provider, transport, and logging system can observe each request.	✓Rust MCP services may expose tool arguments, tool results, resource contents, prompt templates, task state, authentication metadata, logs, traces, and subprocess output. Avoid returning secrets, private files, customer data, internal identifiers, privileged paths, or raw dependency/runtime errors to MCP clients. Document which MCP client, server process, transport, subprocess, model provider, and observability system can observe each request.
Prerequisites	Python 3.10 or newer and a project managed with uv, pip, or another Python package manager. A decision between stable v1 usage and explicit v2 alpha testing with a pinned pre-release. A target transport, such as stdio for local tools or Streamable HTTP for hosted MCP servers. Clear authorization, side-effect, and data-exposure boundaries for production tools and resources.	Java 17 or newer and a Maven or Gradle build configured for the selected SDK artifact version. A choice of core Java SDK usage, Spring AI MCP integration, or both. A target transport, such as stdio, JDK HttpClient, Servlet, WebFlux, WebMVC, or another framework path. Authentication, authorization, and data-exposure requirements for production clients and servers.	Ruby project compatible with the gem's required Ruby version and runtime dependencies. A decision between local stdio integration, Rack/Rails Streamable HTTP, or client-side MCP usage. A session strategy for Streamable HTTP when using Rack-compatible frameworks. Authorization, side-effect, and data-exposure requirements for production tools and resources.	Rust toolchain and Cargo project compatible with the SDK crate version and edition requirements. Tokio async-runtime familiarity for client, server, transport, and handler integration. A selected feature set for server, client, macros, Streamable HTTP, child-process, OAuth, or schema generation support. Reviewed authorization, side-effect, and data-exposure boundaries for production MCP tools and resources.
Install	`uv add "mcp[cli]"`	`mvn dependency:get -Dartifact=io.modelcontextprotocol.sdk:mcp:2.0.0`	`gem install mcp`	`cargo add rmcp`
Config	—	—	—	—
Citations	Source repositorygithub.com 2026-06-18T12:49:35+00:00 Documentationpy.sdk.modelcontextprotocol.io Websitemodelcontextprotocol.io	Source repositorygithub.com 2026-06-18T12:49:35+00:00 Documentationjava.sdk.modelcontextprotocol.io	Source repositorygithub.com 2026-06-18T12:49:35+00:00 Documentationruby.sdk.modelcontextprotocol.io	Source repositorygithub.com 2026-06-18T12:49:35+00:00 Documentationdocs.rs
Claim	Unclaimed	Unclaimed	Unclaimed	Unclaimed

Signals

Loading live community signals…