u/zapier_dave

I work at Zapier on the MCP side. We've been seeing a lot of teams ask similar questions about MCP implementation in production, so wanted to share patterns I keep hearing and answer specifics in the comments.

A few recurring ones:

1. Auth at production scale. Most teams start with API keys for local/personal setups and hit a wall when they want end users to connect their own accounts. The questions are usually around consent flows and revocation, not the protocol itself. Curious what others' experiences are like at this stage.
2. Which actions to expose vs. which to gate. Trying to expose every action a tool can do leads to hallucination issues when agents call ambiguous ones. The pattern that's worked better is curating a smaller surface area of high-confidence actions per agent, then expanding as you learn. Anyone else seeing this?
3. Observability. Once an agent is calling 5-10 different MCP servers, debugging "why did it do that?" gets painful. We've leaned on logging each MCP call into Tables for after-the-fact review. There are probably better patterns out there.
4. Multi-tenant deployment. When one MCP server serves many of your users' connected apps, the auth and isolation model matters more than the protocol. Managed services sidestep some of this; self-hosting is a different story.

For context, Zapier MCP exposes actions across our app catalog to external AI agents (Claude, ChatGPT, Cursor, whatever supports the protocol). Happy to answer specifics about how it works under the hood or compare with other MCP setups people are using.