An emerging open standard for multi-agent systems, covering discovery, task lifecycle management, and structured workflows.
Updated: April 2026
Version: 1.0
Category: Multi-Agent
Reading Time: ~10 min
Author: Michaël Bettan
01
Definition & Scope
What is A2A?
The Agent2Agent (A2A) protocol is an emerging open standard for multi-agent systems. Initiated by Google, developed with industry partners, and now governed by the Linux Foundation, it defines how agents discover each other, manage task lifecycles, and coordinate structured workflows.
A2A is the "universal language for multi-agent systems"; any compliant agent, regardless of its underlying framework (e.g., LangGraph, CrewAI, Google ADK), can communicate, delegate tasks, and share information.
A2A Solves For
Individual AI agents built on different frameworks operate in isolation → Multi-Agent Silo problem (lack of a common language hinders cohesive problem-solving). A2A provides a standardized framework telling an AI agent exactly how to dynamically discover other agents, what capabilities they offer, and how to negotiate UX and state.
MCP vs. A2A
These two technologies are not competing — they are composable layers for production agentic systems:
Feature
MCP
A2A
Integration Focus
Vertical integration (Agent ↔ System).
Horizontal orchestration (Agent ↔ Agent).
Execution Model
Stateless, synchronous request/response for querying DBs, calling APIs, or reading files.
Deeply stateful cognitive reasoning, multi-step planning, and delegation between specialized agents.
Semantic Structures
Lacks semantic structures for peer negotiation, capability discovery, or long-running task management.
Built specifically for capability discovery, state management, and long-running workflows.
Production Pattern
An A2A meta-agent distributes tasks to specialized sub-agents, which then use MCP to execute deterministic actions.
02
Core & Protocol Architecture
Core Architecture
User
Initiates the high-level request for agent assistance.
A2A Client (Client Agent)
Formulates and communicates tasks. Acts on the user's behalf to discover capabilities and orchestrate the workflow.
A2A Server (Remote Agent)
An AI agent or system providing an HTTP endpoint to process client requests. Operates as an "opaque" system — the client agent does not need to understand its internal operational details, framework choice (e.g., LangGraph vs. CrewAI vs. ADK), or model provider. This opacity makes true cross-vendor interoperability possible.
Protocol Architecture
Canonical Data Model
All frameworks serialize internal state into the Canonical Data Model (a2a.proto) before transmission — this is what neutralizes framework incompatibility.
Abstract Operations
Defines the logic of task management and peer negotiation.
Protocol Bindings
Concrete implementation over HTTP/JSON-RPC.
03
Standard Workflow
A2A structures communication around asynchronous tasks (fundamental units of work for long-running processes) using JSON-RPC 2.0 over HTTP(S).
01
Capability Discovery
Client locates the remote agent's "Agent Card".
02
Task Formulation
Client agent evaluates the remote agent's skills and formulates a task request.
03
Execution Request
Client agent sends the payload via message/send or message/stream.
04
Collaboration & State
Agents send messages preserving conversational threading and lineage.
05
Artifact Generation
Tangible outputs of the task are streamed incrementally to the client.
04
Capabilities & Transports
Interaction Mechanisms (Transports)
A2A provides four interaction methods suited to different task durations and resource profiles:
Synchronous Request/Response: Client uses message/send and actively waits for a complete response in a single exchange. Best for quick, immediate operations where latency is low and result is instantaneous.
Asynchronous Polling: The client first calls message/send, receives a Task object with a taskId in a SUBMITTED or WORKING state, and then uses tasks/get to poll. Server acknowledges immediately with a working status and a task_id. Suitable for medium-duration tasks where a persistent connection is impractical.
Streaming Updates (SSE): Client uses message/stream. Establishes a persistent, one-way Server-Sent Events connection. Remote agent pushes incremental updates with chunking parameters: append: false (new artifact), append: true (continuation), and lastChunk: true (termination). Best for tasks with observable progress.
Push Notifications (Webhooks): For resource-intensive, long-running tasks spanning hours or days. Client registers a webhook URL upfront; the server sends async push notifications upon significant state changes — eliminating the need for any persistent connection.
Selection Rule
Match the transport to the task duration. Using synchronous message/send for a 4-hour research task will timeout and lose state.
Core Capabilities
A2A standardizes agent interactions through fundamental building blocks:
Agent Cards: The digital identity of an agent (JSON format). It defines identity, skills (e.g., get_current_weather), and capabilities (streaming, pushNotifications, stateTransitionHistory). Includes Content Negotiation (defaultInputModes/defaultOutputModes for MIME types).
Agent Discovery: Clients find Agent Cards dynamically to understand available capabilities. Methods include:
Well-Known URI: Standardized path (/.well-known/agent.json) enabling broad, automated discovery. Similar to how browsers discover SSL certificates.
Direct Configuration: Hardcoded or privately shared Agent Card URLs for closely coupled, trusted internal systems.
Authenticated Extended Card Pattern: Public card may signal supportsAuthenticatedExtendedCard: true. Clients authenticate via OAuth to retrieve sensitive skills via GET /a2a/agent/authenticatedExtendedCard.
Modality Agnostic UX Negotiation
A2A embraces natural, unstructured modalities. Message "parts" can contain text, generated images, or even negotiate UI capabilities (iframes, video, audio streaming, web forms) directly between agents.
05
Advanced Collaborative Workflows
Workflow Patterns
Hierarchical Structures: A supervisor agent dynamically delegates tasks to specialized worker agents based on their Agent Card capabilities, synthesizing their outputs into a unified result. The classic A2A production topology — mirrors how human organizations delegate work.
Debate and Consensus: Multiple agents with varied perspectives, data sources, or model biases engage in structured discussion to evaluate options and converge on an informed decision. Eliminates single-model blind spots. Critical for high-stakes decisions (e.g., medical triage, financial risk assessment).
Critic-Reviewer (Self-Correction): A producer agent generates a draft artifact; a separate, independent reviewer agent critically assesses it for safety, compliance, factual accuracy, and quality before the artifact is finalized. Architectural safeguard against hallucination propagating downstream in a pipeline.
06
Implementation & Security
Architecture & Implementation
Ecosystem Support: Natively supported by major platforms including Google Cloud, LangChain, CrewAI, Atlassian, Salesforce, SAP, and MongoDB.
Google ADK Implementation: Developers implement A2A servers by:
Defining an AgentCard (JSON identity + capabilities declaration).
Defining AgentSkills (specific callable capabilities with input/output schemas).
Attaching an ADKAgentExecutor (bridges A2A Task lifecycle to the ADK agent's run loop).
Exposing it via A2AStarletteApplication — an ASGI-compatible HTTP handler running on Uvicorn.
Security & Operations
Authentication & Authorization: Requirements are explicitly declared in the Agent Card.
Mutual TLS (mTLS): Required for enterprise-grade deployment to encrypt and authenticate connections, preventing unauthorized access and interception.
Comprehensive Audit Logs: All inter-agent communications must be meticulously recorded, detailing information flow and actions for accountability, troubleshooting, and security analysis.
Agent Card Access Control: Secure Agent Card endpoints through network restrictions and authentication if the card contains sensitive system topology data. Public-facing agents may expose cards openly; internal enterprise agents should require authenticated access.
Design Principle
Embrace agentic capabilities. An agent is not just a "tool" — A2A allows collaboration in natural, unstructured modalities without forcing shared memory.
Security Anti-Pattern
Secure credentials (OAuth 2.0 tokens, API keys) must always be passed via HTTP headers — never embedded in URLs (logged by proxies and web servers) or message bodies (persisted in Task history logs and potentially forwarded to downstream agents).
Value Proposition
For Developers: Eliminates custom integration glue code and vendor lock-in. Build an agent once and allow it to connect with any other A2A protocol-compliant agent.
For Enterprises: Multiplies productivity gains by breaking down silos, enabling specialized agents to securely work together across diverse enterprise platforms (e.g., Workday, Salesforce, SAP).
For End-Users: Yields highly autonomous, unified experiences where complex goals (e.g., candidate sourcing, complex research) are orchestrated invisibly by a team of specialized AI experts.
07
Glossary
Core Concepts
Client Agent: The orchestrating agent responsible for goal decomposition and Task delegation to remote specialists.
Remote Agent (Specialist): Domain-specific agent that receives and executes Tasks autonomously within its area of expertise.
Agent Card: JSON capability advertisement published by each agent — the A2A equivalent of MCP's tools/list; hosted at /.well-known/agent.json.
Task: The fundamental unit of A2A work — stateful, asynchronous, and designed for long-running workflows.
contextId: A persistent correlation identifier that preserves conversational threading and lineage across multiple asynchronous exchanges within a Task.
Artifact: The structured output produced by a completed Task — passed to the next agent or returned to the user.
A2A Endpoint: The HTTPS URL where an agent receives incoming Tasks; declared in its Agent Card.
Agentspace: Google's unified enterprise interface for interacting with A2A-coordinated agent teams.
AgentSkills: Structured capability declarations within an Agent Card defining specific callable functions with their input/output schemas — the A2A equivalent of MCP's Tool JSON Schema definitions. Example: get_current_weather with defined input/output modes.
Communication Layer
TextPart: Plain text or markdown content within a Task message.
DataPart: Structured JSON payload within a Task message.
FilePart: Binary content (image, PDF, audio, video) with explicit MIME type within a Task message.
UX Negotiation: A2A mechanism where client agents declare UI capabilities so remote agents can tailor response format (iframes, video, web forms, plain text).
TaskStatusUpdateEvent: SSE event reporting a Task's status transition.
TaskArtifactUpdateEvent: SSE event delivering an intermediate or final artifact during Task execution.
message/send: A2A method for synchronous task dispatch — client sends and actively waits for a complete response in a single exchange. Use for quick, low-latency operations.
message/stream: A2A method for streaming task dispatch — establishes a persistent SSE connection for real-time incremental artifact and status delivery. Use for tasks with observable intermediate progress.
Transport Layer & Task Lifecycle
Synchronous Request/Response (message/send): Single-exchange transport — client sends and waits for complete result. Best for immediate, low-latency operations.
Asynchronous Polling (tasks/get): Server acknowledges with working status + task_id; client polls periodically using tasks/get. Best for medium-duration tasks where a persistent connection is impractical.
Streaming Updates (message/stream): Persistent SSE connection; server pushes incremental updates in real time. Best for tasks with observable intermediate progress.
Push Notifications (Webhooks): Client registers a callback URL; server fires async notifications on state changes. Best for long-running tasks spanning hours or days where maintaining any persistent connection is impractical.
submitted: Task received and queued by remote agent.
working: Remote agent actively executing the Task.
Task Depth Limit: Maximum allowed nesting level for agent delegation chains — prevents infinite orchestration loops.
Artifact Chaining: Pattern where one agent's Task output becomes the next agent's Task input — enables pipeline architectures.
Mutual TLS: Certificate-based mutual authentication between client and remote agents for high-security environments.
HITL (Human-in-the-Loop): Explicit human approval mechanism triggered via input-required Task status before proceeding with sensitive or irreversible actions.
Self-Assessment Questions
Q1. What is the core philosophy of the A2A model?
Using specialized micro-agents working in a swarm rather than relying on one monolithic model.
Q2. What are "Agent Cards" in the A2A framework?
JSON resumes advertising an agent's capabilities and skills to other agents.
Q3. What is the difference between sequential and parallel swarm execution?
Sequential execution passes tasks from one agent to the next in a pipeline, while parallel execution has multiple agents working on tasks simultaneously.