You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/docs/learn/architecture.mdx
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -132,7 +132,7 @@ MCP also defines primitives that _clients_ can expose. These primitives allow MC
132
132
133
133
For more details about client primitives see [client concepts](./client-concepts).
134
134
135
-
MCP also defines cross-cutting utility primitives that augment how requests are executed:
135
+
Besides server and client primitives, the protocol offers cross-cutting utility primitives that augment how requests are executed:
136
136
137
137
-**Tasks**: Asynchronous execution wrappers that enable deferred result retrieval and status tracking for any MCP request (e.g., long-running computations, workflow automation, batch processing, multi-step operations)
Copy file name to clipboardExpand all lines: docs/specification/draft/basic/utilities/tasks.mdx
+5-6Lines changed: 5 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -420,7 +420,7 @@ While this note is not prescriptive regarding the specific usage of SSE streams,
420
420
421
421
### TTL and Resource Management
422
422
423
-
1. Receivers **MUST** include a `createdAt`timestamp (ISO 8601 format) in all task responses to indicate when the task was created.
423
+
1. Receivers **MUST** include a `createdAt`[ISO 8601](https://en.wikipedia.org/wiki/ISO_8601)-formatted timestamp in all task responses to indicate when the task was created.
424
424
1. Receivers **MAY** override the requested `ttl` duration.
425
425
1. Receivers **MUST** include the actual `ttl` duration (or `null` for unlimited) in `tasks/get` responses.
426
426
1. After a task's `ttl` lifetime has elapsed, receivers **MAY** delete the task and its results, regardless of the task status.
@@ -678,7 +678,7 @@ All requests, responses, and notifications associated with a task **MUST** inclu
678
678
679
679
This associates messages with their originating task across the entire request lifecycle.
680
680
681
-
However, for the `tasks/get`, `tasks/list`, and `tasks/cancel` operations, requestors and receivers **SHOULD NOT** include this metadata in their messages, as the `taskId` is already present in the message structure.
681
+
For the `tasks/get`, `tasks/list`, and `tasks/cancel` operations, requestors and receivers **SHOULD NOT** include this metadata in their messages, as the `taskId` is already present in the message structure.
682
682
The `tasks/result` operation **MUST** include this metadata in its response, as the result structure itself does not contain the task ID.
683
683
684
684
## Error Handling
@@ -786,7 +786,7 @@ The `error` field is distinct from `statusMessage`:
786
786
}
787
787
```
788
788
789
-
For tasks that wrap tool call requests, when the tool result has `isError` set to true, the task should reach `failed` status.
789
+
For tasks that wrap tool call requests, when the tool result has `isError` set to `true`, the task should reach `failed` status.
790
790
791
791
The `tasks/result` endpoint returns exactly what the underlying request would have returned:
792
792
@@ -799,8 +799,8 @@ The `tasks/result` endpoint returns exactly what the underlying request would ha
799
799
800
800
Task IDs are the primary mechanism for accessing task state and results. Without proper access controls, any party that can guess or obtain a task ID could potentially access sensitive information or manipulate tasks they did not create. To prevent unauthorized access, receivers **SHOULD** bind tasks to the session or authentication context that created them.
801
801
802
-
However, context-binding is not practical for all applications. Some MCP servers operate in environments without session management (such as single-user tools), or use transports that don't support sessions or authentication.
803
-
In these cases, receivers **SHOULD** document this limitation clearly, as task results may be accessible to any requestor that can guess the task ID.
802
+
Context-binding is not practical for all applications. Some MCP servers operate in environments without session management, such as single-user tools, or use transports that don't support sessions or authorization.
803
+
In these scenarios, receivers **SHOULD** document this limitation clearly, as task results may be accessible to any requestor that can guess the task ID.
804
804
When context-binding is not available, receivers **SHOULD** use cryptographically random task IDs with sufficient entropy to make guessing infeasible, and consider implementing shorter TTL durations to limit exposure windows.
805
805
806
806
If context-binding is supported, for `tasks/get`, `tasks/result`, and `tasks/cancel` requests, receivers **MUST** reject requests for tasks from different sessions or authentication contexts. For `tasks/list` requests, receivers **MUST** filter the returned task list to only include tasks belonging to the requestor's session or authentication context.
@@ -813,7 +813,6 @@ Additionally, receivers **SHOULD** implement rate limiting on task operations to
813
813
1. Enforce limits on concurrent tasks per requestor
814
814
1. Enforce maximum `ttl` durations to prevent indefinite resource retention
815
815
1. Clean up expired tasks promptly to free resources
816
-
1. Receivers **SHOULD**:
817
816
1. Document maximum supported `ttl` duration
818
817
1. Document maximum concurrent tasks per requestor
819
818
1. Implement monitoring and alerting for resource usage
0 commit comments