- MCP (Model Context Protocol): Open, transport-agnostic protocol that standardizes discovery and invocation of tools/resources across hosts and servers. Best for portable, multi-tool, multi-runtime systems.
- Function Calling: Vendor feature where the model selects a declared function (JSON Schema), returns arguments, and your runtime executes. Best for single-app, low-latency integrations.
- OpenAPI Tools: Use OpenAPI Specification (OAS) 3.1 as the contract for HTTP services; agent/tooling layers auto-generate callable tools. Best for governed, service-mesh integrations.
Comparison Table
| Concern | MCP | Function Calling | OpenAPI Tools |
|---|---|---|---|
| Interface contract | Protocol data model (tools/resources/prompts) | Per-function JSON Schema | OAS 3.1 document |
| Discovery | Dynamic via tools/list |
Static list provided to the model | From OAS; catalogable |
| Invocation | tools/call over JSON-RPC session |
Model selects function; app executes | HTTP request per OAS op |
| Orchestration | Host routes across many servers/tools | App-local chaining | Agent/toolkit routes intents → operations |
| Transport | stdio / HTTP variants | In-band via LLM API | HTTP(S) to services |
| Portability | Cross-host/server | Vendor-specific surface | Vendor-neutral contracts |
Strengths and Limits
MCP
- Strengths: Standardized discovery; reusable servers; multi-tool orchestration; growing host support (e.g., Semantic Kernel, Cursor; Windows integration plans).
- Limits: Requires running servers and host policy (identity, consent, sandboxing). Host must implement session lifecycle and routing.
Function Calling
- Strengths: Lowest integration overhead; fast control loop; straightforward validation via JSON Schema.
- Limits: App-local catalogs; portability requires redefinition per vendor; limited built-in discovery/governance.
OpenAPI Tools
- Strengths: Mature contracts; security schemes (OAuth2, keys) in-spec; rich tooling (agents from OAS).
- Limits: OAS defines HTTP contracts, not agentic control loops—you still need an orchestrator/host.
Security and Governance
- MCP: Enforce host policy (allowed servers, user consent), per-tool scopes, and ephemeral credentials. Platform adoption (e.g., Windows) emphasizes registry control and consent prompts.
- Function Calling: Validate model-produced args against schemas; maintain allowlists; log calls for audit.
- OpenAPI Tools: Use OAS security schemes, gateways, and schema-driven validation; constrain toolkits that allow arbitrary requests.
Ecosystem Signals (Portability/Adoption)
- MCP hosts/servers: Supported in Microsoft Semantic Kernel (host + server roles) and Cursor (MCP directory, IDE integration); Microsoft signaled Windows-level support.
- Function Calling: Broadly available across major LLM APIs (OpenAI docs shown here) with similar patterns (schema, selection, tool results).
- OpenAPI Tools: Multiple agent stacks auto-generate tools from OAS (LangChain Python/JS).
Decision Rules (When to Use Which)
- App-local automations with a handful of actions and tight latency targets → Function Calling. Keep definitions small, validate strictly, and unit-test the loop.
- Cross-runtime portability and shared integrations (agents, IDEs, desktops, backends) → MCP. Standardized discovery and invocation across hosts; reuse servers across products.
- Enterprise estates of HTTP services needing contracts, security schemes, and governance → OpenAPI Tools with an orchestrator. Use OAS as the source of truth; generate tools, enforce gateways.
- Hybrid pattern (common): Keep OAS for your services; expose them via an MCP server for portability, or mount a subset as function calls for latency-critical product surfaces.
References:
MCP (Model Context Protocol)
Function Calling (LLM tool-calling features)
OpenAPI (spec + LLM toolchains)