Model Context Protocol – Advanced Patterns for Production By the end of this lesson, students should be able to: Transport selection criteria. | Factor | stdio | HTTP/SSE | |——–|——-|———-| | Deployment | Local, same machine as host | Remote or shared infrastructure | | Multiple clients | One client (child process model) | Multiple simultaneous clients | | Authentication | OS process permissions | Explicit (bearer token, mTLS) | | Latency | Lowest (IPC) | Higher (network) | | Complexity | Lower | Higher | | Production infrastructure | Limited | Full (load balancing, health checks) | Default choice: stdio for personal tools and development. HTTP/SSE for production servers, shared organizational tools, and remote deployments. HTTP/SSE server implementation (Python pattern). “`python from mcp.server.sse import SseServerTransport from starlette.applications import Starlette from starlette.routing import Route, Mount sse = SseServerTransport("/messages/") async def handle_sse(request): async with sse.connect_sse(request.scope, request.receive, request._send) as streams: await app.run(streams[0], streams[1], app.create_initialization_options()) starlette_app = Starlette(routes=[ Route("/sse", endpoint=handle_sse), Mount("/messages/", app=sse.handle_post_message), ]) “` Run with an ASGI server (uvicorn). Verify current HTTP/SSE implementation patterns at modelcontextprotocol.io/sdk. Authentication for remote servers. Remote MCP servers should require authentication. Common patterns: For Claude Code connecting to a remote server, configure the bearer token in the MCP server configuration entry. The client includes it on every connection. Health checks and load balancing. HTTP/SSE servers integrate with standard infrastructure: stdio servers have no HTTP surface – health checking must be via process monitoring. A developer moves a team's shared MCP server from individual developer stdio instances to a shared HTTP/SSE deployment. Benefits: one server process, multiple simultaneous client connections, centralized updates (update the server once, all clients get the new version), and integration with the team's existing infrastructure monitoring. She adds bearer token authentication, a /health endpoint, and configures the load balancer. The stdio configuration each developer ran on their laptop is replaced by a URL and token in each developer's Claude Code config. Remote MCP servers accept connections over the network – they require proper authentication, TLS encryption in transit, and appropriate network access controls. An unauthenticated MCP server accessible on the network is an open execution endpoint for any attacker who can reach it. For production deployments, require authentication, use HTTPS, and restrict network access to authorized clients only. Log in and enroll to access lesson quizzes.
Lesson 4: Transport Mechanisms for Production
Lesson Objectives
Lesson Content
/health endpoint that returns 200 when the server is ready/healthPractical Example
Safety Notes