Skip to main content

En esta sección

What You Need to Know About Agent2Agent Protocol

Escrito por
Headshot of Sonya Moisset

Sonya Moisset

0 minutos de lectura

As AI agents proliferate across enterprise environments, a new protocol announced by Google on April 9, 2025, aims to solve one of organizations' most significant challenges today: getting these specialized tools to work together seamlessly across organizational and technological boundaries.

Understanding the Agent interoperability challenge

Breaking down AI silos

AI agents increasingly populate the modern enterprise landscape, specializing in human resources, IT support, customer service, or supply chain management functions. Their proliferation within isolated ecosystems has created a challenge: the silo problem. Agents developed by different vendors, built on disparate frameworks, or frequently managing distinct business domains, cannot communicate or coordinate effectively.

This fragmentation limits the potential for deep automation across organizational boundaries, leading to three significant problems:

  1. Vendor lock-in: Organizations become dependent on single-vendor solutions to ensure interoperability

  2. Integration costs: Creating bespoke connections between agent systems requires substantial development effort

  3. Limited automation potential: Complex workflows crossing multiple domains become difficult or impossible to automate

A new approach to Agent collaboration: What is A2A protocol?

The Agent2Agent (A2A) protocol, initiated by Google with over 50 technology partners at launch, directly addresses this interoperability gap. Unlike previous approaches to AI integration, A2A takes a broader strategy by establishing a common framework that enables AI agents to discover one another, exchange information, manage state, and coordinate actions across diverse platforms.

A2A aims to improve a collaborative multi-agent ecosystem where agents can work together on complex workflows, increasing autonomy and productivity while reducing integration costs. Think of it as creating a universal language and set of interaction protocols that any AI agent can adopt to participate in the broader ecosystem.

Using AI in your development?

Snyk’s AI TrustOps Framework is your roadmap for building and maturing secure AI development practices within the new AI risk landscape.

Download the Ebook

Core principles and architecture

A2A's design is guided by several key principles that reflect its practical focus on enterprise environments:

Build on existing standards: Rather than creating entirely new mechanisms, A2A leverages widely adopted web standards, including HTTP/HTTPS, JSON-RPC 2.0, and Server-Sent Events (SSE). This approach ensures compatibility with existing infrastructure and reduces developers' learning curve.

Embrace agentic capabilities: Unlike some protocols that reduce agents to simple function endpoints, A2A facilitates rich, peer-to-peer collaboration between autonomous agents. This enables more sophisticated interactions involving negotiation or clarification, similar to how human experts might collaborate.

Secure by default: Recognizing security as a primary concern in enterprise environments, A2A mandates HTTPS and requires agents to declare their authentication requirements upfront. While this provides the framework for security, organizations must still implement robust authentication and authorization mechanisms.

Support for long-running tasks: Many enterprise workflows span hours or days and may require human intervention at key decision points. A2A is explicitly designed for these asynchronous operations with persistent task tracking and real-time feedback mechanisms.

Modality agnostic: Communication between agents isn't limited to text. A2A supports exchanging structured data, files, and potentially streaming media, enabling richer collaborative scenarios.

Inside the A2A architecture

A2A introduces several key concepts that form the backbone of agent interoperability:

Client-Server interaction model

A2A interactions follow a client-remote agent model:

  • The Client agent identifies needs, discovers appropriate agents, forms requests, and handles responses.

  • The Remote agent (A2A Server) exposes capabilities, processes requests, and manages task execution.

This distinction represents roles within specific interactions, not fixed identities. A single agent can act as both client and server in different contexts, enabling complex mesh network topologies where agents can freely collaborate.

The Agent Card: Digital identity for AI

The Agent Card is at the heart of A2A's discovery mechanism, a standardized, machine-readable profile that each A2A-compliant agent publishes. Located at a well-known URI (https://{agent-server-domain}/.well-known/agent.json), this JSON document serves as both identity and service advertisement, containing:

  • Basic identification (name, description, provider)

  • Service endpoint information

  • A2A capabilities

  • Authentication requirements

  • List of specific tasks or functions the agent can perform

This standardized approach to agent discovery addresses one of the fundamental challenges in creating multi-agent systems: finding and understanding what other agents can do.

Task: The fundamental work unit

The Task is the core unit of work in A2A. Unlike simple API calls, A2A tasks have a sophisticated lifecycle that mirrors how complex work is handled in real-world settings:

  • “submitted”: Initial request sent

  • “working”: Active processing

  • “input-required”: Awaiting additional information (enabling back-and-forth dialogue)

  • “completed”: Successfully finished with results

  • “failed”: Task could not be completed

  • “canceled”: Explicitly terminated

This stateful approach to task management is particularly valuable for enterprises, as it enables tracking, auditing, and managing long-running operations.

Rich communication primitives

A2A defines specific structures for information exchange:

  • Message: Represents a turn of communication between agents

  • Part: Content units with specialized types for different data:

    • TextPart: Plain or formatted text

    • FilePart: Documents, images, or other file content

    • DataPart: Structured JSON data

  • Artifact: Final or intermediate outputs generated during task execution

This structured approach to communication allows agents to exchange complex information and maintain semantics about the nature and purpose of each exchange.

A2A in action

To understand how A2A works in practice, let's walk through a typical interaction between agents:

  1. Discovery: A client agent (a personal assistant) needs a specialized capability (travel booking). It fetches Agent Cards from known providers to find a suitable remote agent.

  2. Authentication and capability check: The client examines the travel agent's capabilities and prepares the necessary authentication credentials based on requirements in the Agent Card.

  3. Task initiation: The client requests the travel agent's endpoint, creating a new task with specific parameters ("Book a flight from New York to San Francisco next Thursday").

  4. Collaborative processing: The travel agent might need clarification, transition the task to input-required state, and ask, "Do you prefer morning or evening flights?". The client responds with the user's preference, allowing processing to continue.

  5. Real-time updates: For this long-running task, the travel agent provides real-time updates as it searches for flights and makes reservations through streaming SSE or push notifications to a webhook.

  6. Task completion: The travel agent completes the booking and transitions the task to a completed state, providing structured artifacts with the booking details, confirmation numbers, and receipt.

Real-time communication options

A2A provides two distinct mechanisms for real-time updates:

  • Streaming via SSE: Maintains a persistent connection for immediate updates on task status and artifacts

  • Push notifications: The Server sends updates to a client-specified webhook URL

This flexibility accommodates different architectural patterns and network environments, critical for enterprises with varied infrastructure and security requirements.

A2A and MCP: Complementary approaches to the agent ecosystem

The AI interoperability landscape includes multiple emerging standards, with Anthropic's Model Context Protocol (MCP) notable alongside A2A. Rather than competing standards, these protocols address different aspects of the agent ecosystem challenge.

Two distinct AI Agent systems separated by an organizational boundary. The A2A protocol is depicted as a bridge enabling communication between the agents. The MCP protocol connects agents downwards to its own set of APIs and enterprise applications.

How A2A and MCP differ

Feature/ Aspect

A2A Protocol

MCP Protocol

Primary Focus

Agent-to-Agent communication, collaboration, coordination

Model/Agent-to-Tool/Resource communication, context provision

Core Problem Solved

Enabling interoperability between disparate AI agents

Standardizing how AI models access external tools and data

Interaction Scope

Agent ↔ Agent (Horizontal Integration)

Agent → Tool Server (Vertical Integration)

Communication Style

Task-oriented, potentially conversational, negotiation-supportive

Structured, schema-driven, function/API call style

Task Management

Multi-stage lifecycle, stateful

Typically single-stage, atomic execution, request-response

Key Components

Agent Card, A2A Client, A2A Server, Task, Message, Part, Artifact

MCP Client (Host), MCP Server, Protocol (defining resource/tool interactions)

Transport/Format

HTTP(S), JSON-RPC 2.0, SSE

Protocol-defined (often over HTTP/WebSockets, using JSON)

Asynchronicity

Built-in support for long-running tasks (SSE, Push Notifications)

Primarily synchronous request-response (async possible via implementation)

Think of A2A as providing the "conversation" between collaborating agents, while MCP provides the "toolbox" each agent uses to accomplish its tasks. This complementary relationship creates opportunities for powerful integration patterns.

Building integrated systems: A2A + MCP

In an enterprise AI architecture, these protocols can work together:

  1. A primary assistant agent uses A2A to discover and delegate to specialized domain agents

  2. Each domain agent uses MCP to access specific tools, data sources, and APIs

  3. Results flow back through the agent network via A2A for integration and presentation

This layered approach enables architectural patterns where organizations can mix and match specialized agents while ensuring they can collaborate across boundaries.

Security, governance, and deployment

While A2A provides the technical foundation for agent interoperability, organizations must consider several factors when implementing it in production environments.

Security framework

A2A mandates HTTPS and requires agents to declare authentication requirements in their Agent Cards. The protocol supports standard authentication schemes including API keys, Bearer tokens, OAuth 2.0, and OpenID Connect. However, simply adopting A2A doesn't guarantee security; organizations must implement robust practices around several key areas:

Security concern

Support

Implementation requirements

Authentication

Standardized declaration in Agent Cards

Proper implementation of chosen auth schemes; secure credential management

Authorization

Basic framework for identity verification

Custom authorization logic, role-based access control systems

Agent identity

Agent Card discovery mechanism

Registry of trusted agents; verification mechanisms

Data protection

HTTPS transport encryption

Additional encryption for sensitive data; data classification

Audit logging

Task tracking with identifiers

Comprehensive logging systems; compliance-specific tracking

Implementation checklist

For organizations looking to implement A2A, consider this practical checklist:

  • Agent inventory: Identify existing and planned AI agents across your organization

  • Capability mapping: Document the specific capabilities each agent provides

  • Authentication strategy: Determine authentication mechanisms for inter-agent communication

  • Agent discovery strategy: Decide between direct agent discovery or a centralized registry

  • Governance framework: Establish policies for agent collaboration and data sharing

  • Monitoring infrastructure: Set up systems to track inter-agent communication

  • Security review: Conduct a comprehensive security assessment before production deployment

  • Compliance validation: Ensure implementation meets relevant regulatory requirements

Common implementation challenges

Organizations implementing A2A should be aware of several common challenges:

  • Discovery scalability: The basic Agent Card discovery mechanism may not scale well for large deployments; consider implementing a centralized agent registry

  • Authentication complexity: Managing credentials across numerous agents can become unwieldy; implement a centralized identity solution

  • Task orphaning: Long-running tasks may be orphaned if agents restart; implement robust task persistence

  • Version compatibility: As A2A evolves, version mismatches may cause interoperability issues; carefully manage protocol versions

Future directions for A2A and agent interoperability

Several developments may shape the future of agent interoperability:

  • Enhanced discovery mechanisms: More sophisticated agent discovery capabilities, potentially including semantic search and capability matching

  • Security enhancements: Additional security features such as agent identity verification and data provenance tracking

  • Standardized capabilities taxonomy: Common vocabulary for describing agent capabilities to improve discovery

  • Integration with workflow standards: Connections to workflow standards for enterprise process integration

  • Cross-organizational agent collaborations: Frameworks for agents to collaborate across organizational boundaries while maintaining governance

  • Hybrid Human-AI collaboration: Integrated frameworks bringing together human and AI agents in unified collaboration workflows

Preparing your organization for the multi-agent future

The A2A protocol offers a foundation for more sophisticated multi-agent systems that can work seamlessly across organizational and technical boundaries.

For technical leaders and architects, A2A provides an opportunity to:

  1. Break down AI silos by enabling specialized agents to coordinate on complex workflows

  2. Reduce vendor lock-in through standardized communication between agents from different providers

  3. Future-proof AI investments by ensuring new agent deployments can integrate with existing systems

  4. Accelerate the automation of cross-functional business processes previously requiring manual coordination

Organizations that adopt and implement A2A (and complementary standards like MCP) will be better positioned to navigate the complex AI ecosystem and leverage the collective intelligence of specialized agents working together. The question for enterprises is how to incorporate these interoperability standards into their AI strategy and architecture. Google is working with partners to launch a production-ready version of the protocol later this year.

Looking to implement AI trust into your organization? Discover the Snyk AI Trust Platform.

Explore the Snyk AI Trust Platform today.

AI innovation begins with trust. AI trust begins with Snyk.

Explore the Platform