Model Context Protocol (MCP) vs Function Calling vs OpenAPI Tools

MCP (Model Context Protocol): Open, transport-agnostic protocol that standardizes discovery and invocation of tools/resources across hosts and servers. Best for portable, multi-tool, multi-runtime systems.
Function Calling: Vendor feature where the model selects a declared function (JSON Schema), returns arguments, and your runtime executes. Best for single-app, low-latency integrations.
OpenAPI Tools: Use OpenAPI Specification (OAS) 3.1 as the contract for HTTP services; agent/tooling layers auto-generate callable tools. Best for governed, service-mesh integrations.

Concern	MCP	Function Calling	OpenAPI Tools
Interface contract	Protocol data model (tools/resources/prompts)	Per-function JSON Schema	OAS 3.1 document
Discovery	Dynamic via `tools/list`	Static list provided to the model	From OAS; catalogable
Invocation	`tools/call` over JSON-RPC session	Model selects function; app executes	HTTP request per OAS op
Orchestration	Host routes across many servers/tools	App-local chaining	Agent/toolkit routes intents → operations
Transport	stdio / HTTP variants	In-band via LLM API	HTTP(S) to services
Portability	Cross-host/server	Vendor-specific surface	Vendor-neutral contracts

Strengths: Standardized discovery; reusable servers; multi-tool orchestration; growing host support (e.g., Semantic Kernel, Cursor; Windows integration plans).
Limits: Requires running servers and host policy (identity, consent, sandboxing). Host must implement session lifecycle and routing.

Strengths: Lowest integration overhead; fast control loop; straightforward validation via JSON Schema.
Limits: App-local catalogs; portability requires redefinition per vendor; limited built-in discovery/governance.

Strengths: Mature contracts; security schemes (OAuth2, keys) in-spec; rich tooling (agents from OAS).
Limits: OAS defines HTTP contracts, not agentic control loops—you still need an orchestrator/host.

MCP: Enforce host policy (allowed servers, user consent), per-tool scopes, and ephemeral credentials. Platform adoption (e.g., Windows) emphasizes registry control and consent prompts.
Function Calling: Validate model-produced args against schemas; maintain allowlists; log calls for audit.
OpenAPI Tools: Use OAS security schemes, gateways, and schema-driven validation; constrain toolkits that allow arbitrary requests.

MCP hosts/servers: Supported in Microsoft Semantic Kernel (host + server roles) and Cursor (MCP directory, IDE integration); Microsoft signaled Windows-level support.
Function Calling: Broadly available across major LLM APIs (OpenAI docs shown here) with similar patterns (schema, selection, tool results).
OpenAPI Tools: Multiple agent stacks auto-generate tools from OAS (LangChain Python/JS).

App-local automations with a handful of actions and tight latency targets → Function Calling. Keep definitions small, validate strictly, and unit-test the loop.
Cross-runtime portability and shared integrations (agents, IDEs, desktops, backends) → MCP. Standardized discovery and invocation across hosts; reuse servers across products.
Enterprise estates of HTTP services needing contracts, security schemes, and governance → OpenAPI Tools with an orchestrator. Use OAS as the source of truth; generate tools, enforce gateways.
Hybrid pattern (common): Keep OAS for your services; expose them via an MCP server for portability, or mount a subset as function calls for latency-critical product surfaces.

MCP (Model Context Protocol)

Function Calling (LLM tool-calling features)

OpenAPI (spec + LLM toolchains)

Related Posts