
Konstantin Semenenko
July 13, 2026
3
minutes read
The Agent2Agent (A2A) protocol is an open standard, created by Google in April 2025 and now governed by the Linux Foundation, that lets AI agents built on different frameworks and by different vendors discover each other, exchange tasks, and collaborate, without exposing their internal code, memory, or tools. If MCP is how an agent connects to tools, A2A is how one agent delegates work to another. It reached v1.0 in April 2026 with 150+ organizations, cloud support (Microsoft, AWS, Google), and works through Agent Cards (capability advertising), Tasks (units of work), and standard transport (HTTP, SSE, JSON-RPC). A2A and MCP are complementary layers, not competitors.




The Agent2Agent (A2A) protocol is an open standard for how autonomous AI agents communicate and collaborate with each other across different frameworks, vendors, and systems. Created by Google and announced in April 2025, then donated to the Linux Foundation in mid-2025, it solves a problem that appears the moment multi-agent systems leave the lab: an agent built on one framework has no standard way to discover, talk to, or delegate work to an agent built on another. A2A defines that standard, a universal "language" for agents, often described as "HTTP for the agent era." The clean way to place it: MCP connects an agent to tools, A2A connects an agent to other agents. By April 2026 it reached v1.0 with 150+ supporting organizations and production support across Microsoft, AWS, and Google. This explains how it works and where it fits.
We build multi-agent systems where coordination is the hard part, so this is a practitioner's explanation of A2A, what it does, and how it relates to the rest of the agent stack.
As agents move from single-purpose demos to production systems, a new problem appears: coordination. A research agent might need a specialist summarization agent; a planner agent might need to delegate a subtask to an agent owned by a different team or vendor entirely. Without a standard, every such connection is a bespoke integration, and agents built on different frameworks (one on Google's ADK, another on LangGraph, another in-house) simply cannot talk to each other without custom glue code.
A2A removes that. It gives agents a common protocol to discover one another, understand what each can do, exchange structured tasks, and manage long-running work, all without any agent exposing its internal state, memory, or tool implementations. That last part matters: an agent can delegate work to another agent without either revealing how it works internally, which is what makes cross-vendor and cross-team collaboration viable. The Linux Foundation put it plainly: as software systems operate more independently, coordination becomes the bottleneck, and A2A is built to remove it.
A2A is deliberately thin, built on standard web technology rather than a new protocol layer. Three concepts carry it:
The design principles behind it are the ones multi-agent systems actually need: discoverability (find other agents and their capabilities), interoperability (agents from different vendors speak one protocol), asynchrony (long tasks do not block the caller), security (agents authenticate each other), and observability (every exchange is traceable). Those requirements are why A2A looks the way it does.
The most common confusion is whether A2A competes with MCP, and it does not, they are complementary layers of the same stack. MCP governs the agent-to-tool relationship: how an agent reads data and calls tools, which we cover in MCP explained. A2A governs the agent-to-agent relationship: how one agent delegates a task to another. In a mature system you use both, an agent uses MCP to access its tools and A2A to coordinate with other agents.
A concrete picture: a planner agent receives a job, uses A2A to delegate a research subtask to a specialist research agent, and that research agent uses MCP to query databases and call APIs to do the work. MCP is the integration layer, A2A is the coordination layer. Both are now governed by the Linux Foundation's Agentic AI Foundation, and the signal that they are complementary is strong, even IBM's competing agent-communication protocol merged into A2A rather than competing with it. For anyone designing multi-agent coordination in 2026, A2A is effectively the standard, and it sits alongside MCP rather than replacing it.
A2A matters because multi-agent coordination stopped being theoretical. Once you run more than one agent in production, how they talk to each other becomes a blocking problem, and the industry converged on A2A fast: from a Google announcement with 50 partners in April 2025 to 150+ organizations, v1.0, and production deployments across major clouds within a year. That convergence means a team building agents today can design for cross-agent collaboration on a real standard instead of inventing bespoke coordination.
It also connects to the harder questions we raised in building for agents: once agents transact and delegate across organizational boundaries, you need identity, trust, and even payment layers, and A2A is where those are being built (signed Agent Cards for identity, and a payments extension for agent commerce). The caution worth keeping: standardized agent-to-agent communication also widens the attack surface, an agent that accepts tasks from other agents inherits trust questions, which is why the same guardrails and injection defenses that protect a single agent matter more, not less, in a connected agent network, as we cover in AI agent guardrails.
A2A is the open standard for how AI agents discover, communicate with, and delegate tasks to each other across frameworks and vendors, "HTTP for the agent era," created by Google in April 2025 and governed by the Linux Foundation, at v1.0 with 150+ organizations by April 2026. It works through Agent Cards (capability discovery), Tasks (units of work), and standard web transport, and it is complementary to MCP: MCP connects agents to tools, A2A connects agents to agents. As multi-agent systems move to production, A2A is becoming the coordination standard, and building on it means designing for real cross-agent collaboration instead of custom glue, with identity and security as first-order concerns.
If you want multi-agent systems built on the emerging standards, A2A for coordination, MCP for tools, with the security handled properly, that is where our AI Dev Team work starts.
What is the A2A protocol? The Agent2Agent protocol, an open standard created by Google (April 2025) and governed by the Linux Foundation, that lets AI agents built on different frameworks and by different vendors discover each other, exchange tasks, and collaborate, without exposing their internal code, memory, or tools.
What is the difference between A2A and MCP? MCP connects an agent to tools and data (the agent-to-tool relationship); A2A connects an agent to other agents (the agent-to-agent relationship). They are complementary layers, not competitors, a mature system uses MCP for tool access and A2A for coordination, both governed by the Linux Foundation.
How does A2A work? Through three concepts: Agent Cards (each agent advertises its capabilities at a well-known URL for discovery), Tasks (units of work exchanged between agents, with a defined lifecycle for long-running async work), and standard transport (HTTP, Server-Sent Events, JSON-RPC 2.0), so it fits existing web infrastructure.
Is A2A widely adopted? Yes. From a Google announcement with 50 partners in April 2025, it grew to 150+ organizations, reached v1.0 in April 2026 with signed Agent Cards, and has production support across Microsoft, AWS, and Google Cloud. IBM's competing protocol merged into A2A rather than competing, making it effectively the standard.
Is A2A secure? It builds in authentication and, in v1.0, signed Agent Cards for verifiable identity. But agent-to-agent communication widens the attack surface: an agent that accepts tasks from others inherits trust and injection risks, so guardrails, authorization boundaries, and injection defenses matter more in a connected agent network, not less.


