> ## Documentation Index
> Fetch the complete documentation index at: https://docs.leanmcp.com/llms.txt
> Use this file to discover all available pages before exploring further.
# Where to Use MCPs
> Understanding when and where to use MCP servers effectively
MCPs aren't just for SaaS developers. They're a flexible foundation for building AI-powered applications across different contexts. Here's where MCPs truly shine.
***
## 1. SaaS Developers: Expose Your Platform to AI
If you have an existing SaaS with APIs and a database, MCPs let you **expose your platform to AI agents** without building everything from scratch.
### The Problem
Your competitors are building AI agents. You could:
* Build your own agent from scratch (expensive, time-consuming)
* Let users export data to other tools (lose control, security risks)
* Do nothing (fall behind)
### The MCP Solution
Build an MCP that wraps your existing APIs. Now:
* **Your data stays yours** — no exports needed
* **Users get AI agent support** — through your MCP
* **You control access** — auth, scopes, permissions built-in
```mermaid theme={null}
flowchart LR
U[User] --> A[AI Agent]
A -->|Tool calls| M[Your MCP]
M -->|Auth + Scopes| D[Your Database]
M --> A
A --> U
```
### Building an Agent with MCPs
The agent pattern is simple — it's just a loop:
```mermaid theme={null}
flowchart TD
U[User Prompt] --> A[Agent / LLM]
A -->|Decision: Need data?| TC{Tool Call?}
TC -->|Yes| M[MCP Tool]
M -->|Response| A
TC -->|No| R[Final Response]
R --> U
```
You can build this with OpenAI or Anthropic in **10-20 minutes**:
```typescript theme={null}
import Anthropic from '@anthropic-ai/sdk';
import { MCPClient } from '@leanmcp/client';
const anthropic = new Anthropic();
const mcp = new MCPClient('http://your-mcp-server.com');
// Get tools from your MCP
const tools = await mcp.listTools();
async function runAgent(userMessage: string) {
const messages = [{ role: 'user', content: userMessage }];
// Agent loop
while (true) {
const response = await anthropic.messages.create({
model: 'claude-sonnet-4-5-20250929',
max_tokens: 1024,
tools: tools, // Your MCP tools
messages
});
// Check for tool calls
const toolCalls = response.content.filter(c => c.type === 'tool_use');
if (toolCalls.length === 0) {
// No more tool calls - return final response
return response.content.find(c => c.type === 'text')?.text;
}
// Execute tool calls via MCP
for (const call of toolCalls) {
const result = await mcp.callTool(call.name, call.input);
messages.push({
role: 'tool',
tool_use_id: call.id,
content: JSON.stringify(result)
});
}
}
}
```
### Why MCP Over Custom Tool Calls?
| Custom Tool Calls | MCP |
| ------------------------ | --------------------------- |
| Auth per tool | Auth built into protocol |
| Scope management manual | Scopes via `@leanmcp/auth` |
| Users locked to your app | Users can use MCP elsewhere |
| Rebuild for each LLM | Works with any LLM |
**Key advantage:** If users want to use their data in other tools (Cursor, Claude Desktop, custom apps), they can connect your MCP directly. No data export needed.
***
## 2. AI Agent Startups: Build MVPs Fast
If you're building an AI agent startup, MCPs are the **fastest path to an MVP**.
### The Traditional Approach
1. Build tool call handlers
2. Wire up OpenAI/Anthropic
3. Build your agent loop
4. Create test infrastructure
5. Deploy and iterate
### The MCP Approach
1. Build an MCP with your tools, APIs, resources
2. Add prompts for different behaviors (A/B testing)
3. Test in Claude Desktop immediately
4. Deploy when ready
```mermaid theme={null}
flowchart TD
subgraph Build
T[Tools] --> M[MCP Server]
R[Resources] --> M
P[Prompts A/B/C/D] --> M
end
subgraph Test
M --> CD[Claude Desktop]
M --> CU[Cursor]
M --> WS[Windsurf]
end
subgraph Deploy
M --> PROD[Production Agent]
end
```
### A/B Testing Prompts
Add multiple prompts to your MCP for testing different behaviors:
```typescript theme={null}
@Prompt({ description: "Prompt A - Concise responses" })
promptA() {
return {
messages: [{
role: "user",
content: { type: "text", text: "Be concise. One sentence answers." }
}]
};
}
@Prompt({ description: "Prompt B - Detailed explanations" })
promptB() {
return {
messages: [{
role: "user",
content: { type: "text", text: "Provide detailed explanations with examples." }
}]
};
}
@Prompt({ description: "Prompt C - Step by step" })
promptC() {
return {
messages: [{
role: "user",
content: { type: "text", text: "Break down responses into numbered steps." }
}]
};
}
```
Test each prompt in Claude Desktop and see which performs best — **no code changes needed**.
### Why MCP for MVPs?
| Benefit | How |
| --------------------- | ---------------------------------- |
| **Fast iteration** | Change prompts without redeploying |
| **Test anywhere** | Claude Desktop, Cursor, Windsurf |
| **Production-ready** | Same MCP works in production |
| **No vendor lock-in** | Switch LLMs easily |
***
## 3. Enterprise: Internal Tooling & Agents
For large enterprises with internal agents, MCPs provide the **security, access control, and auditability** you need.
### The Enterprise Challenge
* Different teams need different data access
* SSO integration required
* Scope management per user/team
* Audit trail for compliance
* Works with enterprise LLM providers
### MCP + Enterprise Auth
```mermaid theme={null}
flowchart TD
U[Employee] -->|SSO Login| IDP[Internal IdP
Okta / Azure AD]
IDP -->|JWT Token| A[AI Agent]
A -->|Token in _meta| M[MCP Server]
M -->|Validate| IDP
M -->|Check Scopes| SC[Scope Rules]
SC -->|Finance team?| FD[Finance Data]
SC -->|Engineering team?| ED[Engineering Data]
SC -->|HR team?| HD[HR Data]
```
### Implementation
```typescript theme={null}
import { AuthProvider, Authenticated } from "@leanmcp/auth";
// Connect to your internal SSO
const authProvider = new AuthProvider('custom', {
jwksUri: 'https://your-sso.company.com/.well-known/jwks.json',
issuer: 'https://your-sso.company.com',
audience: 'internal-mcp'
});
await authProvider.init();
@Authenticated(authProvider)
export class InternalDataService {
@Tool({ description: "Get team data" })
async getTeamData(input: { dataType: string }) {
// authUser contains SSO claims including groups/scopes
const userTeam = authUser['groups']?.[0];
const allowedScopes = authUser['scopes'] || [];
// Check if user has access to requested data
if (!allowedScopes.includes(`read:${input.dataType}`)) {
return { error: "Access denied", requiredScope: `read:${input.dataType}` };
}
// Fetch data based on team membership
return await internalDb.getData({
team: userTeam,
type: input.dataType,
requestedBy: authUser.sub // Audit trail
});
}
}
```
### Works with Enterprise LLM Providers
| Provider | Integration |
| ------------------------ | ------------------------------ |
| **OpenAI Enterprise** | Same MCP, enterprise API keys |
| **Anthropic Enterprise** | Same MCP, enterprise agreement |
| **AWS Bedrock** | Same MCP, Claude on AWS |
| **Azure OpenAI** | Same MCP, Azure endpoints |
**Key benefit:** You don't rebuild your agent for each LLM provider. The MCP stays the same — only the LLM connection changes.
***
## Summary: When to Use MCPs
| Use Case | Why MCP |
| ----------------------- | ------------------------------------------------------- |
| **SaaS Developer** | Expose platform to AI, keep data control, auth built-in |
| **AI Agent Startup** | Fast MVPs, test in existing tools, no vendor lock-in |
| **Enterprise Internal** | SSO integration, scope management, audit trails |
```mermaid theme={null}
flowchart LR
subgraph Your MCP
T[Tools]
R[Resources]
P[Prompts]
A[Auth]
end
subgraph Use Cases
S[SaaS Platform]
M[MVP Testing]
E[Enterprise Agent]
end
subgraph Clients
CD[Claude Desktop]
CU[Cursor]
WS[Windsurf]
CA[Custom Agent]
end
Your MCP --> Use Cases
Use Cases --> Clients
```
**Bottom line:** If you're building anything that connects AI to data or actions, MCPs give you auth, scopes, flexibility, and portability — all built into the protocol.
Secure your MCP
Get started now