What is an MCP server (advanced overview)
Model Context Protocol (MCP) is a specification that allows AI clients (Claude, Cursor, GitHub Copilot, etc.) to communicate with your application using a standardized protocol. MCP has three primary primitives:| Primitive | Role | Common use cases |
|---|---|---|
| Tools | Functions the AI can invoke | Data manipulation, external API calls, computation |
| Resources | Context the AI can read | Documentation, configuration, dynamic data |
| Prompts | Reusable templates | Standardized queries, workflow guidance |
This advanced guide focuses on practical implementation. For a conceptual introduction to MCP, see Intermediate: Laravel MCP.
Installation and setup
Publish the route file
Use
vendor:publish to generate routes/ai.php, where you register your MCP servers.Generate a server class
Create a server class with the Artisan command.Register your tools, resources, and prompts in the generated
app/Mcp/Servers/DatabaseServer.php.Implementing tools
Tools are functions that AI clients can invoke. You can use Laravel’s service container, validation, and Eloquent directly.Creating a tool
handle and schema methods in the generated class.
Defining parameters (schema)
Use theIlluminate\Contracts\JsonSchema\JsonSchema builder in the schema method to define accepted parameters.
Tool annotations
MCP protocol annotations let AI clients assess the safety of a tool.| Annotation | Description |
|---|---|
#[IsReadOnly] | Does not modify data |
#[IsDestructive] | Performs a destructive operation such as deletion |
#[IsIdempotent] | Re-running with the same arguments is safe |
#[IsOpenWorld] | Communicates with external entities |
Structured responses
UseResponse::structured to return JSON responses that are easy for AI clients to parse.
Streaming responses
For long-running operations, return a Generator to stream progress updates.Conditional registration
You can expose a tool only to users who meet certain conditions.Implementing resources
Resources are data that AI clients load as context — documents, configuration, or dynamic data.Static resources
Dynamic resources (URI templates)
URI templates let you serve dynamic resources based on URL parameters.app://users/42/profile, and the {userId} value is available via $request->get('userId').
Resource annotations
You can explicitly set the priority and audience of a resource.Implementing prompts
Prompts are reusable templates that AI clients can use to standardize common queries or complex workflows.Creating a prompt
Authentication and authorization
Token authentication with Sanctum
The simplest approach. MCP clients attach anAuthorization: Bearer <token> header.
OAuth 2.1 authentication
Use Laravel Passport for more robust authentication.AppServiceProvider.
Custom middleware authentication
If you use your own API tokens, validate theAuthorization header in custom middleware.
Authorization inside tools
Use$request->user() inside a tool or resource’s handle method for fine-grained authorization.
Practical example: database operation tools
A complete implementation of tools that search and create data using Eloquent.Server class
Search tool (read-only)
Create tool (write)
Practical example: file system tool
A tool that reads files using the Storage facade.Testing
MCP servers, tools, resources, and prompts can be unit tested with Laravel’s standard testing features.Testing tools
Call a tool directly usingServer::tool().
Testing resources and prompts
Key assertion methods
| Method | Description |
|---|---|
assertOk() | Confirms the response has no errors |
assertSee($text) | Confirms the response contains the given text |
assertHasErrors() | Confirms the response has errors |
assertHasNoErrors() | Confirms the response has no errors |
assertName($name) | Confirms the tool name |
assertSentNotification($method, $data) | Confirms a notification was sent |
assertNotificationCount($count) | Confirms the number of notifications sent |
Debugging with MCP Inspector
Use MCP Inspector for interactive debugging.Deployment considerations
HTTP streaming and SSE
If you use streaming responses (Generator) on a web server, verify your server configuration.Using Laravel Octane
For high-traffic MCP servers, consider Laravel Octane (FrankenPHP or Swoole) to significantly reduce per-request overhead.Rate limiting
Use thethrottle middleware to limit requests to your MCP server.