惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

量子位
P
Privacy International News Feed
Security Latest
Security Latest
Spread Privacy
Spread Privacy
NISL@THU
NISL@THU
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
The Last Watchdog
The Last Watchdog
S
Schneier on Security
Engineering at Meta
Engineering at Meta
Google Online Security Blog
Google Online Security Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Know Your Adversary
Know Your Adversary
Cyberwarzone
Cyberwarzone
C
Cyber Attacks, Cyber Crime and Cyber Security
G
GRAHAM CLULEY
A
Arctic Wolf
博客园 - 聂微东
I
Intezer
腾讯CDC
罗磊的独立博客
T
Tailwind CSS Blog
WordPress大学
WordPress大学
宝玉的分享
宝玉的分享
L
Lohrmann on Cybersecurity
人人都是产品经理
人人都是产品经理
C
Cybersecurity and Infrastructure Security Agency CISA
博客园 - 【当耐特】
P
Palo Alto Networks Blog
Simon Willison's Weblog
Simon Willison's Weblog
W
WeLiveSecurity
N
News and Events Feed by Topic
SecWiki News
SecWiki News
S
Security Affairs
T
Threat Research - Cisco Blogs
The GitHub Blog
The GitHub Blog
F
Fortinet All Blogs
T
Troy Hunt's Blog
N
News and Events Feed by Topic
P
Proofpoint News Feed
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
酷 壳 – CoolShell
酷 壳 – CoolShell
M
MIT News - Artificial intelligence
I
InfoQ
Hacker News: Ask HN
Hacker News: Ask HN
T
The Blog of Author Tim Ferriss
Schneier on Security
Schneier on Security
Hacker News - Newest:
Hacker News - Newest: "LLM"
Vercel News
Vercel News
博客园 - 三生石上(FineUI控件)
D
Darknet – Hacking Tools, Hacker News & Cyber Security

VMware Blogs

Diagnostics for VMware Cloud Foundation (VCF) 9.1 with Old Versions of VCF Components Mastering Infrastructure Policies in VMware Cloud Foundation Automation 9.1 Modernizing the Private Cloud: Why VCF 9.1 Lifecycle Management is a Game Changer Announcing the VMware Cloud Foundation 9.1 Upgrade Planning Tool VCF Breakroom Chats Episode 86 – Containers Made Easy: The New “Container-as-a-Service” in VCF 9.1 Securing Your VCF 9.1 Infrastructure with the Symantec Identity Security Platform Virtually Speaking: The AI Reality Check with Dave Linthicum Zero Touch Provisioning: Activating Edge Sites with VMware Cloud Foundation Edge 9.1 VCF Breakroom Chats Episode 85 – Cloning Success at Scale: Inside VCF 9.1’s App Stack Formation VMware Cloud on AWS の使用状況を確認できる API Unlocking the Full Potential of Programmable Infrastructure with VMware Cloud Foundation 9.1 – New Features and Capabilities Smarter Patching at Scale: Vulnerability Assessment and Remediation with VMware Tanzu Platform Encrypted vMotion Offload to Intel QAT in VMware Cloud Foundation 9.1 Deepen Your Expertise: Four Key Benefits of Attending Increase Deployment Flexibility with VCF Edge Automation 1.0.3 Avi Advantage: Automating Certificate Management of VCF Workloads More Memory, Less Effort: Configuring Memory Tiering in VCF 9.1 VCF 9.1 Licensing: Programmatic, Centralized, and Built to Scale Why APJ Networking Professionals Need Private Cloud Expertise VCF 9.1 Networking: Simpler VPC Connectivity Control VCF 9.1 Networking: Exploring Network Services for Virtual Private Clouds VCF Networking 9.1: Seamless DDI Integration with Infoblox The Open Source Advantage: Building from Source for Ultimate Security Expand Shared VMDKs with Clustered Applications in VMware vSAN for VCF 9.1 Monetizing Zero-Trust Security with VCF 9.1 and VMware vDefend VMware vSAN Protection and Recovery Enhancements for VCF 9.1 Deliver Production SQL Server DBaaS with VMware Data Services Manager 9.1 Maximizing Profitability: VCF 9.1 Cost-Focused Approach for VMware Cloud Service Providers Modernizing Your Infrastructure: Introducing VMware Cloud Foundation 9.1 to VCSPs VCF 9.1 is Available: Explore the New Features in Hands-on Labs What’s New with vSphere in VMware Cloud Foundation 9.1? Resizing VMware vCenter in VMware Cloud Foundation 9 Non-Disruptive VMware vCenter Patching in VMware Cloud Foundation 9.1 VMware vCenter Virtual Hardware Gets an Upgrade in vSphere with VCF 9.1 AI Has Changed the Threat Landscape. Is Your Infrastructure Ready? Simplifying Storage with the New Effective Capacity View in VMware vSAN for VCF 9.1 Auto-RAID in VMware vSAN for VCF 9.1 – Comprehensive System-Managed Data Resilience Introducing VMmark 4.1: Enhanced Power Efficiency Benchmarking for Private Cloud Infrastructure Advanced Memory Tiering Enhancements in VMware Cloud Foundation 9.1 VCF 9.1 Is Here. See It in Action. 博通發布 VMware Cloud Foundation 9.1 How Broadcom Is Helping Enterprises Win the AI Security Sprint How to Prepare for the World of AI Driven Exploits Avi Innovations for VCF 9.1: Powering Kubernetes, Agentic AI and VPC Workloads VCF 9.1: The Secure, Cost-Effective Private Cloud Platform for Production AI Announcing VCF 9.1: Modern Private Cloud Built for Efficiency and Resilience Announcing VMware Cloud Foundation Edge 9.1: A Scalable, Autonomous Edge Platform Accelerate, Streamline, and Control Your Self-Service Private Cloud with VMware Cloud Foundation 9.1 Deploy Modern Apps Faster, Scale Smarter, and Lower Your TCO with VMware vSphere Kubernetes Service in VCF 9.1 Scale Smarter, Save More: Redefining Infrastructure Economics with VMware vSphere in VCF 9.1 AI with VCF 9.1 on AMD GPUs: Build with open frameworks and simplify management, at a lower TCO Streamline, Simplify and Protect all your AI workloads with VCF 9.1 Simplify Workload Connectivity and Enhance Network Scale and Performance with VCF 9.1 VMware and CrowdStrike Deliver New Integration for Cyber Recovery Workflows How Many Users Can Your LLM Server Really Handle? From Infrastructure to Agents: A Hands-On Guide to Secure Private AI with Broadcom – Part 2 The New Frontier: Leading the Cloud-Native Evolution Replicating VMware vSphere Configuration Profile Desired State Webinar Recap: Design and Architecture Considerations for VMware vSphere Kubernetes Service on VMware Cloud Foundation Kubernetes 1.36: What Actually Changed for Enterprise Platforms Enhance Lateral Security and Ingress Load Balancing for Kubernetes Workloads Avi Load Balancer Analytics: Root Cause Application Performance Issues in Minutes Analyst Insight Series #3: Policy-Driven Governance and Multi-Tenant Control Post-Quantum Readiness on VMware Cloud Foundation Registration Is Live for Las Vegas | $ave with Early-Bird May 21, 2026: What’s New in VMware Tanzu Data Intelligence 10.4 From Infrastructure to Agents: A Hands-On Guide to Secure Private AI with Broadcom – Part 1 Stop Guessing: Advanced Monitoring and Troubleshooting for Data Services CPU, Disk, Network, and Memory Workload Profiles for DVD Store Database Testing How VMware Salt Automates Compliance Across Private Cloud Analyst Insight Series #2: Operational Scalability and Lifecycle Management The Real Constraint on Enterprise AI isn’t GPUs; It’s Power Deploying Harbor Service in Air-Gapped VMware Cloud Foundation 9.0 Why Enhanced DirectPath Wins for High-Performance Apps Bridging the (.Local) Gap: A Split-Domain Design for VMware Cloud Foundation Deployment Observability on VMware vSphere Kubernetes Service VMware Cloud on AWS: Introducing the Usage Report APIs Converging VMware vSphere to VMware Cloud Foundation 9.0: The Top 10 Questions Answered May 6, 2026: What’s New in Tanzu Platform 10.4: Powering Agentic Apps at Scale VMware Tanzu RabbitMQ Powers the Modern Data Lakehouse with New Spark Integration and Enterprise Tooling Tanzu Data Intelligence 10.4 Delivers AI-Driven Analytics, Unified Real-Time Operations, and Sovereign Resilience Enterprise-Ready Agents Made Simple & Safe with VMware Tanzu Platform Agent Foundations Introducing Tanzu Platform 10.4: Extending Platform as a Service to Agentic Applications How AI-Assisted Analytics in Tanzu Data Intelligence Can Help Remove the SQL Bottleneck From Prototype to Production: Securing Database MCP at Enterprise Scale The Compelling Case for a Private Cloud Data Intelligence Platform The Unification Dividend: Consolidating Database Operations on VMware Cloud Foundation The Modern Spring Workflow Is Enterprise-Ready and AI-Boosted [TAM Blog] セキュアブート証明書の有効期限切れに関する注意点と対応について Accelerate Lateral Security and Ingress Load Balancing for Kubernetes Workloads From Platform to Data: Building a Cloud-Native Developer Experience On-Prem with VMware Cloud Foundation How VMware Cloud Foundation (VCF) Training Helps Keep Top Tech Talent in APJ Build Your Case for Attending VMware Explore 2026 Spring 開発元が提供する商用サポート「VMware Tanzu® Spring Essentials」とは VMware Cloud on AWS より i7i.metal-24xl インスタンスの提供開始 VMware Advanced Memory Tiering Tips for Success VMware Cloud Foundation Edge 9.0: Two-Host Edge Site Deployment with Brownfield Import Your Database Is About to Become an AI Tool. Is It Ready? Applying GitOps Principles to Maintain Desired State Configuration using VMware vSphere Configuration Profile – Part 3 Webinar Recap: Converging VMware vSphere to VMware Cloud Foundation 9.0
MCP vs. APIs: Why You Need Both for AI Applications
Dan Vega · 2026-04-22 · via VMware Blogs

I’m a huge fan of Model Context Protocol (MCP) and have been fortunate to talk about it at several conferences and to customers lately. In those talks, a few questions often come up: What’s the difference between MCP and APIs? Is an MCP server just a wrapper around my API? If so, why do we even need one?

For me, the tl;dr is that APIs are for services, while MCP is for LLMs. They serve different consumers and solve different problems. But this isn’t an either/or choice. Today we need both. In this article, I break down the differences between APIs and MCP, explain when to use each, and show how API gateways can help you manage both.

APIs in the age of AI

If you’re a developer, chances are you already know what an API is, so I’ll keep this short. An API defines a contract between services. You specify endpoints, request and response formats, error handling, and authentication requirements. When a client (be it mobile, web, or service) needs to fetch user data or integrate with a third-party system like a payment processor, you call an API.

The key takeaway is that APIs are designed for applications. As a developer, you write code to call endpoints, parse responses, handle errors, and decide what to do with the data. You follow a procedural workflow where the application is in control. APIs remain essential in agentic applications. When you begin building MCP servers, you’re probably calling APIs, databases, and other services under the hood. 

What is MCP?

Model Context Protocol (MCP) is an open standard that’s barely a year old and has taken the world by storm. It enables AI models to connect data and actions in a structured, consistent way. It was recently donated to the Linux Foundation, a signal of its importance to the broader community.

MCP was created to solve a real problem. Large language models (LLMs) have limitations, like stale data, a tendency to hallucinate (make things up), and a lack of access to your private or proprietary data. MCP helps alleviate some of these problems by providing a standardized way to augment context for an LLM. Instead of building provider-specific integrations, you build one MCP server, which any client that supports the protocol can use. Examples include ChatGPT, Claude, Cursor, IntelliJ, or any other client that supports the protocol (and this list continues to grow).

An MCP server exposes three primitives to interact with an LLM:

  • Tools – Executable functions that the model decides to call. Think querying a database, searching the web, or accessing customer records.
  • Resources – Data sources provided directly to the AI as context, such as file contents, logs, or documentation.
  • Prompts – Reusable templates that help users accomplish specific tasks without writing complex prompts from scratch.

The key differentiator between APIs and MCP is who’s in control. In the case of an API, the application decides what to call and when. With MCP, the model determines what tools to invoke based on the user’s request.

MCP is not just a wrapper around your API

When developers first come across MCP, their first instinct is often to wrap their existing API in an MCP server. This isn’t the right approach, and I recommend thinking differently about what MCP is actually for and who’s consuming it.

Yes, an MCP server may call an API under the hood, but that’s an implementation detail. You need to design MCP servers with LLMs in mind from the start. Tokens are the currency of LLMs. Every tool definition, every response, every piece of context consumes tokens from the model’s context window. If you simply wrap your existing APIs that return 50 fields when your model only needs 3, you’re wasting tokens and money. Worse, you risk context rot. The model gets confused by too much information, which can lead to performance degradation.

My recommendation is to start fresh with this mindset. Your goal should not be to throw as much data and functionality at an LLM as possible. Think about what the model needs to accomplish, then design your tools around that. Instead of returning 1,000 users subscribed to product X and letting the model calculate the number of users and current revenue on the fly, return that data directly.

The obvious question you’re probably asking yourself is when do you use each? APIs remain the right choice for service-to-service communication. When your mobile app or web front end needs data, call an API. MCP is the right choice when an LLM is the consumer. In many cases you’ll probably need both. Your web app calls the API directly. Your AI assistant embedded in the same application uses the MCP server. Same underlying data, different interfaces.

The role of API gateways 

If you’re running APIs in production, you’re probably already using a gateway. If you’re in the Spring ecosystem, you might be using Spring Cloud Gateway. If you don’t want to manage a gateway, you might go up the abstraction ladder and reach for a platform like Tanzu Platform. Gateways handle cross-cutting concerns like authentication, rate limiting, and observability. You don’t want to reimplement these in every service.

The same is true for MCP servers. At the end of the day, an MCP server is just another app. As your MCP server traffic grows, you need the same level of governance. Gateways and platforms can manage both API and MCP traffic. This gives you unified security and observability for application-driven and AI-driven requests in one place.

There is another use case worth considering. Coding agents, like Claude Code and Cursor, need access to MCP servers to be useful. But should you let developers install any MCP server they find? Probably not. In the enterprise, users can’t freely install any applications on their machine. There’s usually a preapproved list or process for doing so. The same should be true for MCP servers. A gateway gives you a predefined list of approved MCP servers that developers can choose from. Your team gets the productivity benefits of AI tooling, while the organization maintains control over what data and systems those tools can access.

MCP and APIs: It’s an ‘and.’ Not an ‘or’

APIs and MCP are not competing technologies. In fact, they are complementary. They solve different problems and serve different consumers. APIs remain the right choice for service-to-service communication and traditional application development. MCP gives LLMs a standardized way to access your data and take action on your behalf.

The key takeaway here is to make sure you design each for its intended consumer. Don’t take the easy way out and wrap your API in an MCP server and call it a day. Think about the model’s current limitations and what it needs to be successful. Be intentional about token usage, and build your MCP servers from the ground up. Use a gateway to manage cross-cutting concerns for both, and you’ll have a foundation that serves your applications and your AI agents.

In the end, it’s not a choice between APIs and MCP. We need both.

Want to learn more? Check out these resources: 

[Demo] Production-Worthy AI with Spring AI, MCP, and Spring Security
[Webinar] Extend Your Existing APIs for Agentic Workflows with Spring HATEOAS
[Blog] Building an Enterprise MCP Server Marketplace with Tanzu Platform
[Case Study] How Broadcom’s IT Leverages Tanzu Platform to Achieve Enterprise-Scale Agentic Business Transformation
[Blog] Secure and Scale Your Digital Transformation with Spring Cloud Gateway Extensions[Blog] The Security Gap in AI Applications: Rethinking API Protection for a New Era