MCP Goes Stateless: The 2026-07-28 Release Candidate Explained
The Model Context Protocol just underwent its largest revision since launch. MCP 2026-07-28 goes stateless, removes the initialize handshake, and enables horizontal scaling for agent infrastructure.
Eighteen months after Anthropic introduced MCP as an open standard for AI agents to connect with external tools, the protocol maintainers have published a release candidate that fundamentally changes how agents scale. The final specification lands July 28, 2026, with a ten-week window for SDK maintainers to prepare.
The stateless shift
Previous versions of MCP required a stateful session between client and server. Every connection started with an initialize handshake, and the server maintained session state for the duration of the interaction. This worked for single-machine deployments but became a bottleneck at scale.
MCP 2026-07-28 removes the protocol-level session entirely. Clients no longer call initialize. Servers no longer track session IDs. Any request can hit any server instance. The protocol becomes truly stateless.
This change enables horizontal scaling that was previously impossible. MCP servers can now sit behind a simple round-robin load balancer without sticky sessions. Deployment patterns that required shared session stores or in-memory state now work with standard HTTP infrastructure.
Multi Round-Trip Requests
Removing sessions does not mean removing multi-turn conversations. The new Multi Round-Trip Requests (MRTR) pattern enables complex server-to-client interactions without session state.
MRTR allows a single request to span multiple round-trips between client and server. The server can ask the client for additional information, confirmation, or delegation, then continue processing without losing context. All state travels with the request payload rather than living in server memory.
This pattern is particularly relevant for autonomous agents. An agent that needs to call multiple tools in sequence, wait for human approval on certain actions, or delegate sub-tasks to other agents can now do so without tying up a server-side session.
Enterprise-Managed Authorization
The Enterprise-Managed Authorization extension graduates to stable in this release. EMA addresses a persistent friction point in enterprise deployments: repeated consent prompts for every MCP connector.
Under EMA, organizations provision connectors once through their identity provider. Users inherit access through the groups and roles they already have. When an employee logs into Claude, their authorized connectors appear automatically without individual consent prompts.
EMA aligns MCP authorization with OAuth and OpenID Connect patterns that enterprises already use. The extension is being adopted by Anthropic, Microsoft, Okta, and a growing number of MCP server providers.
Production readiness
The 2026-07-28 release candidate is not just about new features. It represents the protocol maturing from an experimental standard to production infrastructure. The formal deprecation policy introduced in this release gives organizations confidence to deploy without fear of breaking changes.
Other enterprise-focused additions include server-rendered UIs through MCP Apps, long-running work through the Tasks extension with clearer lifecycle rules, and improved observability for debugging agent interactions at scale.
We covered the initial MCP landscape in our deep dive on the protocol. Eighteen months later, the ecosystem has evolved from experimental connectors to enterprise-grade infrastructure.
What it means for LLM4Agents
The stateless shift aligns perfectly with LLM4Agents architecture. Our gateway has always been designed for horizontal scalability, treating agent workloads as ephemeral requests rather than long-lived sessions.
MCP 2026-07-28 makes it easier to run agent fleets at scale. Stateless MCP servers can be deployed across availability zones without session affinity concerns. An agent that starts a task on one instance can continue on another without complex state migration logic.
For agent operators building on LLM4Agents, this means simpler infrastructure. You no longer need to provision sticky session load balancers or shared state stores for your MCP connectors. Standard HTTP infrastructure works out of the box.
The EMA extension also matters for our enterprise customers. Centralized authorization through existing identity providers reduces friction when onboarding teams to agent workflows. Your users no longer need to individually consent to every connector their work requires.
Staying on the frontier
The MCP protocol is moving fast, but the 2026-07-28 release candidate provides a stable target for production deployments. Here is how to stay current:
First, audit your MCP server implementations for stateful patterns. The initialize handshake is gone. Session IDs are no longer meaningful. Any server that relies on per-session state needs to be refactored to pass state with each request.
Second, adopt the MRTR pattern for complex agent workflows. Multi-tool sequences, human-in-the-loop approvals, and agent-to-agent delegation become more reliable when state travels with the request rather than living in server memory.
Third, evaluate EMA for your enterprise deployments. If your teams struggle with connector consent prompts, centralized authorization through your identity provider may be the solution. The extension is stable and supported by major providers.
Fourth, plan your migration before the July 28 final release. The ten-week RC window exists for SDK maintainers and platform operators to test their implementations. Do not wait until the specification is final to begin your upgrade.
The agentic stack we mapped earlier this year depends on protocols that scale. MCP 2026-07-28 delivers that foundation. Stateless, horizontally scalable, enterprise-ready agent infrastructure is no longer theoretical.
Deploy agents that scale
LLM4Agents provides the payment and orchestration layer for autonomous agents at any scale.
Get started