Google A2A Agent Protocol: Multi-Agent Interoperability, Task Delegation, and MCP Comparison
Summary
- Google A2A (Agent-to-Agent) is the 2026 industry standard for multi-agent interoperability
- A2A and MCP solve different layers: MCP connects Agents to tools; A2A enables Agent-to-Agent collaboration
- Agent Card is A2A's "business card" — declares capabilities, endpoints, and authentication
- Task Lifecycle is A2A's core abstraction: submit → process → complete/fail/input-required
- Complete solution from protocol theory to Python implementation, including multi-agent orchestration
Table of Contents
- The Multi-Agent Interoperability Challenge
- A2A Protocol Core Concepts
- Agent Card: The Agent's Business Card
- Task Lifecycle and State Machine
- A2A vs MCP: Protocol Comparison
- Python A2A Server Implementation
- Multi-Agent Practice: Customer Service Routing
- Security Model and Production Deployment
- Interview Topics and Selection Guide
- Summary and Further Reading
The Multi-Agent Interoperability Challenge
In 2025, MCP solved "how Agents connect to tools." In 2026, enterprises face: how do customer service, order, logistics, and refund Agents collaborate?
| Pain Point | Without A2A | With A2A |
|---|---|---|
| Agent discovery | Hardcoded URLs | Agent Card auto-registration |
| Task delegation | Custom HTTP per team | Standard Task API |
| State sync | Polling or custom WebSocket | Standard SSE event stream |
| Security | Each Agent implements own auth | Unified OAuth2/API Key |
| Heterogeneous compatibility | Python Agent cannot call Go Agent | Protocol-level unification |
Example: User asks "Where is my headphone order from last week?" — Customer service Agent delegates to Order Agent, then Logistics Agent, then Refund Agent if needed. Each Agent focuses on its domain via A2A standard protocol.
A2A Protocol Core Concepts
Core Entities
| Entity | Description | Analogy |
|---|---|---|
| Agent Card | Capability declaration and endpoint info | Service registry entry |
| Task | A work request with full lifecycle | HTTP request + async job |
| Message | Single interaction within a Task | Chat message |
| Artifact | Task output (file, data, report) | API response body |
| Part | Content fragment in Message/Artifact | MIME multipart |
Agent Card: The Agent's Business Card
{
"name": "order-agent",
"description": "Agent for order query, creation, and status changes",
"url": "https://agents.example.com/order",
"version": "1.0.0",
"skills": [
{"id": "query-order", "name": "Query Order", "description": "Query order by ID or user ID"},
{"id": "create-order", "name": "Create Order", "description": "Create new order from product list"}
],
"authentication": {"schemes": ["bearer"]}
}
Hosted at /.well-known/agent.json — similar to OAuth's .well-known/openid-configuration.
Task Lifecycle and State Machine
submitted → working → completed
→ failed
→ input-required (needs more info)
Core Task API Methods
| Method | Description |
|---|---|
| tasks/send | Send new task |
| tasks/get | Query task status |
| tasks/cancel | Cancel task |
| tasks/subscribe | Subscribe to SSE event stream |
A2A vs MCP: Protocol Comparison
| Dimension | MCP | A2A |
|---|---|---|
| Problem solved | Agent ↔ tools/data | Agent ↔ Agent |
| Communication | Client-Server | Peer-to-Peer |
| Core abstraction | Tool, Resource, Prompt | Task, Message, Artifact |
| State | Stateless | Stateful (Task lifecycle) |
| Relationship | Complementary | Complementary |
One line: MCP gives Agents hands (tools); A2A lets Agents team up (collaborate).
Combined Architecture
User → Orchestrator Agent
├─ A2A → Customer Service Agent → MCP → Knowledge Base
├─ A2A → Order Agent → MCP → Order DB
└─ A2A → Logistics Agent → MCP → Logistics API
Python A2A Server Implementation
class OrderAgent:
async def handle_task_send(self, params: dict) -> dict:
task_id = params.get("id", str(uuid.uuid4()))
message = params["message"]
user_text = message["parts"][0]["text"]
task = Task(id=task_id, status=TaskStatus.WORKING)
try:
if "query" in user_text.lower() or "查询" in user_text:
order_id = self._extract_order_id(user_text)
if not order_id:
task.status = TaskStatus.INPUT_REQUIRED
return self._task_to_response(task)
order = await self.order_service.get_order(order_id)
task.status = TaskStatus.COMPLETED
task.artifacts.append({"name": "Order Details", "parts": [{"type": "data", "data": order}]})
except Exception as e:
task.status = TaskStatus.FAILED
return self._task_to_response(task)
Multi-Agent Practice: Customer Service Routing
class CustomerServiceOrchestrator:
async def handle_user_query(self, query: str) -> str:
intent = await self._classify_intent(query)
agent_url = self.agents.get(intent)
task_result = await self._send_a2a_task(agent_url, query)
if task_result["status"] == "completed":
return self._format_artifacts(task_result["artifacts"])
return "Unable to process your request"
Security Model and Production Deployment
| Layer | Measure |
|---|---|
| Transport | HTTPS/TLS 1.3 |
| Authentication | OAuth2 Bearer Token |
| Authorization | Skill-level permissions |
| Audit | Task ID full-chain tracing |
Production checklist: Agent Card at /.well-known/agent.json, K8s Service exposure, API Gateway for auth/rate limiting, Task timeout (default 30s), monitor Task success rate and latency.
Interview Topics and Selection Guide
Q1: Relationship between A2A and MCP?
Complementary. MCP = vertical integration (Agent-tools). A2A = horizontal integration (Agent-Agent). Production systems use both.
Q2: A2A vs direct HTTP API?
A2A provides standardized Task lifecycle, Agent discovery, state push, and Artifact delivery. Direct HTTP requires custom implementation per team.
Q3: When is A2A not needed?
Single Agent + MCP tools is sufficient. A2A adds value when multiple specialized Agents must collaborate.
A2A Ecosystem in 2026
Linux Foundation governance alongside MCP. Agent Marketplace emerging. Low-code platforms export A2A-compatible Agents.
Error Handling and Retry
Exponential backoff for 503/429. Same task_id on retry returns existing Task state (idempotent).
Streaming with SSE
tasks/subscribe for long tasks. Event types: task-status-update, task-artifact-update. Forward progress to users in real-time.
A2A vs LangGraph/CrewAI
A2A is transport protocol (like HTTP); frameworks are application layer. Use frameworks internally, A2A for cross-team interoperability.
Multi-Tenant Agent Registry
def discover(self, tenant_id: str, skill: str) -> list[dict]:
return [a for a in agents if a.tenant_id == tenant_id and skill in a.skills]
Tenant isolation, per-agent rate limiting, full Task audit logs.
Hands-On: Dual-Agent Demo in 30 Minutes
Deploy OrderAgent + LogisticsAgent + Orchestrator. Route by intent keywords. Verify Agent Card at /.well-known/agent.json.
Security Attack Surface
Agent impersonation (Registry whitelist), Task injection (size limits), privilege escalation (Skill-level RBAC), data exfiltration (output filtering).
2026 Trends
Protocol 1.0 release, Agent Marketplace, low-code A2A export, OWASP Agent security framework, edge-cloud Agent collaboration.
Summary and Further Reading
Key takeaways:
- A2A solves Agent collaboration; MCP solves Agent-tool connection
- Agent Card discovery at
/.well-known/agent.json - Task is core abstraction with full lifecycle state machine
- Multi-Agent orchestration uses coordinator pattern with intent routing
- Production requires HTTPS + OAuth2 + full-chain Task tracing
Related reading:
References:
Try these browser-local tools — no sign-up required →