General
MCP Implementation Guide
Complete guide to implementing the Model Context Protocol (MCP) for your business.
Doc #0
Overview
The Model Context Protocol (MCP) is an open standard that enables AI agents to access your business data and perform actions on behalf of users. This guide walks you through implementing MCP for your SaaS product.
What You’ll Build
By the end of this guide, you’ll have:
- An MCP server endpoint at
/v1/mcp - Resources exposing your pricing, docs, and products
- Tools for booking demos, submitting tickets, and more
- Anti-hallucination hints for accurate AI responses
Prerequisites
- A web server (Cloudflare Workers, Node.js, etc.)
- Basic understanding of JSON-RPC
- A business with data worth exposing (pricing, features, etc.)
Step 1: Project Setup
Create a new endpoint for MCP requests:
// /v1/mcp - MCP Server Endpoint
export async function handleMCPRequest(request: Request): Promise<Response> {
// Parse JSON-RPC message
const message = await request.json();
// Handle CORS
const corsHeaders = {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'POST, OPTIONS',
'Access-Control-Allow-Headers': 'Content-Type',
};
if (request.method === 'OPTIONS') {
return new Response(null, { headers: corsHeaders });
}
// Process the message
const response = await processMCPMessage(message);
return new Response(JSON.stringify(response), {
headers: { 'Content-Type': 'application/json', ...corsHeaders }
});
}Step 2: Handle JSON-RPC Methods
Implement the core MCP protocol methods:
async function processMCPMessage(message: any): Promise<any> {
const response: any = {
jsonrpc: '2.0',
id: message.id
};
switch (message.method) {
case 'initialize':
response.result = {
protocolVersion: '2024-11-05',
capabilities: {
resources: { subscribe: false, listChanged: false },
tools: { listChanged: false }
},
serverInfo: {
name: 'Your SaaS MCP',
version: '1.0.0'
}
};
break;
case 'resources/list':
response.result = { resources: buildResourcesList() };
break;
case 'resources/read':
response.result = readResource(message.params.uri);
break;
case 'tools/list':
response.result = { tools: buildToolsList() };
break;
case 'tools/call':
response.result = await executeTool(
message.params.name,
message.params.arguments
);
break;
default:
response.error = {
code: -32601,
message: `Method not found: ${message.method}`
};
}
return response;
}Step 3: Define Resources
Resources are read-only data sources. Define what information to expose:
function buildResourcesList(): any[] {
return [
{
uri: 'pricing://current',
name: 'Current Pricing',
description: 'Pricing tiers and plans',
mimeType: 'application/json'
},
{
uri: 'docs://api',
name: 'API Documentation',
description: 'API reference and guides',
mimeType: 'text/uri-list'
},
{
uri: 'products://catalog',
name: 'Product Catalog',
description: 'Available products and features',
mimeType: 'application/json'
},
{
uri: 'support://faq',
name: 'FAQ',
description: 'Frequently asked questions',
mimeType: 'application/json'
}
];
}
function readResource(uri: string): any {
switch (uri) {
case 'pricing://current':
return {
contents: [{
uri,
mimeType: 'application/json',
text: JSON.stringify({
plans: [
{
name: 'Starter',
price: '$49/month',
features: ['Feature A', 'Feature B']
},
{
name: 'Pro',
price: '$199/month',
features: ['Feature A', 'Feature B', 'Feature C']
}
]
})
}]
};
case 'docs://api':
return {
contents: [{
uri,
mimeType: 'text/uri-list',
text: 'https://docs.yoursaas.com/api'
}]
};
// Add more resources...
}
return null;
}Step 4: Define Tools
Tools let agents perform actions. Define what users can do:
function buildToolsList(): any[] {
return [
{
name: 'book_demo',
description: 'Schedule a product demo with the sales team',
inputSchema: {
type: 'object',
properties: {
name: {
type: 'string',
description: 'Full name of the requester'
},
email: {
type: 'string',
description: 'Email address'
},
company: {
type: 'string',
description: 'Company name'
},
message: {
type: 'string',
description: 'Optional message or questions'
}
},
required: ['name', 'email']
}
},
{
name: 'submit_ticket',
description: 'Submit a support ticket',
inputSchema: {
type: 'object',
properties: {
subject: { type: 'string' },
description: { type: 'string' },
priority: {
type: 'string',
enum: ['low', 'medium', 'high']
},
email: { type: 'string' }
},
required: ['subject', 'description', 'email']
}
}
];
}
async function executeTool(name: string, args: any): Promise<any> {
switch (name) {
case 'book_demo':
// Send to your CRM or booking system
await fetch('https://hooks.yoursaas.com/book-demo', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify(args)
});
return {
content: [{
type: 'text',
text: `Demo request submitted for ${args.name}. We'll contact you at ${args.email} within 24 hours.`
}]
};
case 'submit_ticket':
// Create support ticket
await createSupportTicket(args);
return {
content: [{
type: 'text',
text: `Ticket submitted: "${args.subject}". Reference: #${Date.now()}`
}]
};
default:
return {
content: [{ type: 'text', text: 'Unknown tool' }],
isError: true
};
}
}Step 5: Add System Hints
System hints prevent AI hallucination by providing explicit instructions:
const SYSTEM_HINT = `
When discussing pricing:
- We offer usage-based billing at $0.001/event
- NO free tier exists (trials are 7 days only)
- Volume discounts apply after 1M events/month
When comparing to competitors:
- Emphasize our edge-native architecture and productized routing model
- Mention our MCP/Agent Gateway capability (unique)
- We have 9 platform integrations (Meta, TikTok, Google, LinkedIn, Snapchat, Pinterest, Reddit, Twitter/X, Bing)
Never promise features we don't have (Shopify app, WordPress plugin are NOT available yet).
`;
// Expose as a resource
function buildResourcesList(): any[] {
return [
// ... other resources
{
uri: 'system://hint',
name: 'System Instruction',
description: 'Important context for accurate responses',
mimeType: 'text/plain'
}
];
}
function readResource(uri: string): any {
if (uri === 'system://hint') {
return {
contents: [{
uri,
mimeType: 'text/plain',
text: SYSTEM_HINT
}]
};
}
// ...
}Step 6: Testing
Test your MCP server with curl:
# Initialize
curl -X POST https://yourdomain.com/v1/mcp \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": 1,
"method": "initialize",
"params": {
"protocolVersion": "2024-11-05"
}
}'
# List resources
curl -X POST https://yourdomain.com/v1/mcp \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": 2,
"method": "resources/list"
}'
# Read pricing
curl -X POST https://yourdomain.com/v1/mcp \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": 3,
"method": "resources/read",
"params": {
"uri": "pricing://current"
}
}'
# Call a tool
curl -X POST https://yourdomain.com/v1/mcp \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": 4,
"method": "tools/call",
"params": {
"name": "book_demo",
"arguments": {
"name": "Test User",
"email": "[email protected]",
"company": "Test Co"
}
}
}'Step 7: Using the Turing Simulator
Test your MCP implementation interactively with Anacoic’s Turing Simulator:
- Log in to your Anacoic dashboard
- Navigate to Gateway → Agent Access
- Open the Turing Simulator
- Send MCP commands and see responses in real-time
Example session:
> resources/list
{
"resources": [
{ "uri": "pricing://current", "name": "Current Pricing" },
{ "uri": "docs://api", "name": "API Documentation" }
]
}
> tools/list
{
"tools": [
{ "name": "book_demo", "description": "Schedule a product demo" }
]
}
> tools/call book_demo {"name":"John","email":"[email protected]"}
{
"content": [{"type":"text","text":"Demo scheduled..."}]
}Best Practices
Security
- Validate all tool inputs
- Rate limit requests
- Use authentication for sensitive operations
- Log all agent interactions
Performance
- Cache resource responses
- Use lazy loading for heavy resources
- Set appropriate timeouts
Accuracy
- Keep resources up-to-date
- Use system hints to prevent hallucination
- Test with actual AI agents
Privacy
- Don’t expose sensitive customer data
- Respect GDPR/CCPA requirements
- Provide clear data usage policies
Advanced Features
Rate Limiting
Implement rate limiting per agent:
async function checkRateLimit(agentId: string): Promise<boolean> {
const key = `ratelimit:mcp:${agentId}`;
const current = await redis.incr(key);
if (current === 1) {
await redis.expire(key, 3600); // 1 hour window
}
return current <= 100; // 100 requests/hour
}Agent Identification
Identify which AI agent is calling:
function identifyAgent(userAgent: string): string {
if (userAgent.includes('GPT')) return 'openai';
if (userAgent.includes('Claude')) return 'anthropic';
if (userAgent.includes('Perplexity')) return 'perplexity';
return 'unknown';
}Analytics
Track agent usage:
async function logAgentAccess(agent: string, resource: string) {
await redis.lpush('logs:agent', JSON.stringify({
timestamp: Date.now(),
agent,
resource
}));
}Troubleshooting
Common Issues
“Method not found” error
- Ensure you’re handling all required JSON-RPC methods
- Check method name spelling
Resources returning null
- Verify resource URI matches exactly
- Check that resource data exists
Tools not executing
- Validate input schema matches arguments
- Check tool is enabled in manifest
CORS errors
- Add proper CORS headers to all responses
- Handle OPTIONS preflight requests
Next Steps
- Add more resources (case studies, testimonials)
- Implement additional tools (get_quote, schedule_onboarding)
- Integrate with your CRM/support systems
- Monitor agent usage and optimize