The MCP quickstart gets you a working server in ten minutes. Then a paying client connects Claude to it, and you discover everything the quickstart didn't mention. This is the list I wish I'd had.
Failure one: auth is an afterthought
Most tutorial servers run unauthenticated on localhost. In production you need OAuth 2.1 for user-scoped access and API keys for service-to-service — and you need both from day one, because retrofitting auth into a tool registry means touching every handler.
Every client we shipped against wanted a different auth flavor: OAuth for Claude and Cursor, static API keys for internal service-to-service calls. Support both from the first commit.
Failure two: agents hammer your tools
A human clicks once. An agent in a retry loop calls your tool forty times in a minute. Per-client rate limiting is not optional, and the limits belong at the registry layer, not inside individual tools.
registry.register(searchOrders, {
rateLimit: { perClient: 30, window: '1m' },
timeout: 8000,
})The other three failures
Each earned its own incident writeup. The short version: pin your SDK, version your schemas, and log every tool call with its full input.
If you'd rather not build the plumbing yourself, that's what the products are: the protocol plumbing, delegated payments, webhooks, and test suites — ready to point at your stack.
Golam Mostafa builds ACP, UCP, and MCP infrastructure at saify.dev. Get every deep-dive and every product with All-Access.