This article is relevant if you are a technically-oriented NetSuite executive or professional trying to understand what the Model Context Protocol (MCP) is and why it matters in NetSuite AI discussions.
TL;DR Summary
The Model Context Protocol (MCP) is a standard that allows AI applications such as ChatGPT and Claude to interact with systems like NetSuite. It is a protocol that defines how systems communicate. NetSuite implements MCP through the AI Connector, ships the “MCP Standard Tools” SuiteApp, and provides a framework for creating your own custom tools. Understanding both the protocol and NetSuite’s implementation choices helps separate marketing hype from architectural reality and supports more thoughtful AI initiatives.
Background
In recent months we have been receiving more calls from executives who are excited about AI but unsure how to approach this rapidly evolving technology to unlock business value. They hear terms such as LLM, AI client, MCP server, and custom tools. They sense opportunity but struggle to distinguish foundational architecture from marketing language.
In a prior article, we outlined how to connect NetSuite to ChatGPT and Claude using NetSuite’s AI Connector. That piece focused on the mechanics. Here, we step back and explain the underlying protocol that makes this possible and why its design decisions matter from an enterprise architecture perspective.
Before going further, it helps to establish a few basic definitions.
Definition of Terms
The technology community is notorious for (often 3-letter) acronyms that can easily get overwhelming. The domain of AI is no different. Here is an overview of the common terms you will encounter in this article and other AI-related materials. Feel free to skip this section if you are already familiar with these terms and their usage.
| Term / Acronym | Definition |
|---|---|
| AI (Artificial Intelligence) | A field of computer science that focuses on developing intelligent systems that can mimic human reasoning or decision-making processes without following an explicit, imperative set of instructions. |
| Generative AI (Gen AI) | A subset of AI focused on generating new content such as text, summaries, forecasts, or code based on patterns in training and contextual data. In this article, when we refer to AI we are almost always referring to Generative AI. However, it is important to remember that AI as a computer science discipline is much broader. |
| LLM (Large Language Model) | A type of AI model trained on large volumes of text and data that can understand and generate natural language. LLMs have broad training, but no awareness of your specific NetSuite data unless context is provided through mechanisms such as RAG or MCP. |
| RAG (Retrieval-Augmented Generation) | A technique where the AI retrieves relevant real-time information from systems or specific documents and uses that context when generating responses. |
| AI Application | Software that interacts with an AI model and may connect to external systems like NetSuite (via MCP or other protocols and APIs) in order to fulfill user requests expressed in natural language. Note: The NetSuite documentation often uses the term AI Client to refer to the AI application. We avoid this term as it may easily be confused with the MCP client which is related, but not necessarily identical, to the AI application. Other terms may be used to distinguish AI applications that focus on read-only operations/generation of insights (AI Assistant) from those that are able to produce actions e.g., mutate a record in NetSuite (AI Agent). |
| MCP (Model Context Protocol) | An open source protocol that defines how AI applications communicate generically with arbitrary external systems such as NetSuite using structured requests, responses, and discovery. We will delve deeper into MCP shortly. Note that RAG and MCP both help to improve LLM outputs by providing relevant context. However, they do so in different ways. See this Google Cloud article for a decent comparison. |
| Hallucination | When an AI model generates output that sounds plausible but is not grounded in actual data or facts. In a NetSuite context, this can manifest as the model inferring or fabricating values, records, APIs, or insights that are non-existent or incorrect. Hallucination is inherent in the technology, which is fundamentally probabilistic. |
What is MCP?
The key idea is simple: MCP is a protocol. It defines how AI applications and external systems communicate. It does not guarantee intelligence, correctness, or business value. Those outcomes depend on architecture and execution.
A helpful comparison is the Hypertext Transfer Protocol (HTTP). HTTP defines how web browsers and web servers exchange information. It enabled the modern web, yet it does not dictate what a website should look like or what business logic it should implement. It simply standardizes communication.
MCP serves a similar purpose in the AI ecosystem. It defines how AI applications discover capabilities in external systems, request context, and invoke actions. Through MCP, an AI application can retrieve information from NetSuite or execute controlled operations while respecting system boundaries and permissions.
Because it is a protocol, MCP offers the classic benefits of standardization:
- Interoperability across vendors
- Predictable communication formats
- Reduced need for custom integrations
- A shared foundation for innovation
However, like all protocols, implementation details may vary. The MCP specification provides guidance; vendors like Oracle NetSuite, Microsoft, Google, Anthropic, and OpenAI decide which capabilities to support and how to implement them. This is still an emerging technology and we should expect continued evolution across the ecosystem.
The MCP Architecture From a NetSuite Perspective
Architecturally, MCP follows a client-server model.
When an AI application such as Claude connects to NetSuite, the AI application acts as the MCP host and creates an MCP client responsible for communicating with the MCP server. In this scenario, NetSuite acts as the MCP server.
The MCP client maintains a dedicated point-to-point connection to a specific NetSuite account. NetSuite requires this connection to be authorized using OAuth 2.0 Authorization Code Grant with PKCE and to be established using a non-Administrator role. Once connected, the client discovers which MCP capabilities are available in the account.
The protocol organizes functionality across both server and client responsibilities.
Key Features of MCP
MCP Server Concepts
- Tools: Executable actions exposed by the server, such as creating records or running reports. Tools provide the primary mechanism for retrieving data or triggering operations in NetSuite.
- Resources: Passive data sources that provide read-only access to information for context (e.g. the chart of accounts can be exposed as a resource).
- Prompts: Predefined prompt templates that the server can offer to the client as “recipes”.
MCP Client Concepts
- Elicitation: Structured data gathering from the user to support tool execution. When you are asked to confirm an action before your AI application performs it in your NetSuite account, that’s elicitation at play.
- Roots: Context boundaries to define what data or systems the AI can access.
- Sampling: Mechanisms for managing model interactions and responses.
Additionally, there are more advanced features that extend the core MCP specification. However, such features are beyond the scope of this article and not quite relevant in the NetSuite context as they are currently unavailable in NetSuite’s offering. The interested reader is welcome to visit https://modelcontextprotocol.io to learn more.
NetSuite’s MCP Support
NetSuite’s MCP implementation currently focuses primarily on tools. Other MCP capabilities are not yet implemented in the platform at the time of writing.
NetSuite supports MCP applications and users in three primary ways:
- The NetSuite AI Connector
- The MCP Standard Tools SuiteApp
- A framework for building custom MCP tools
The Standard Tools SuiteApp exposes a set of general purpose tools for interacting with NetSuite data. This allows organizations to readily benefit from MCP with a mere deployment of the SuiteApp and straightforward configuration. Organizations can also build custom tools to expose business specific functionality.
NetSuite has also made several important implementation decisions.
- Authorization: NetSuite requires OAuth 2.0 Authorization Code Grant with PKCE. While the MCP specification recommends authorization, the specific method is left to the vendor. NetSuite’s choice is secure but may limit compatibility with some AI applications that do not support this flow.
- Outbound HTTPS Calls: NetSuite MCP custom tools do not support outbound HTTPS calls. As a result, tools can only expose data within NetSuite. Alternative architectures can address this limitation; we will cover those patterns in future articles.
- Role-Based Security: AI does not override NetSuite’s role- and permission-based security model. All tool behavior is governed by the permissions of the NetSuite role used for the MCP connection. For example, if the role lacks permission to create a vendor, any attempt to create one will fail; if the role lacks access to financial data, SuiteQL queries for GL balances will return nothing. This is not mandated by the MCP specification, but it is a prudent implementation decision that enables organizations to control access and maintain permissions in NetSuite using standard practices.
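The PKCE part of the authorization flow named above, as an added example (not NetSuite's or this article's code): the client derives an S256 code challenge from a one-time verifier, and the authorization server later checks the verifier presented at the token endpoint against the stored challenge, so an intercepted authorization code alone cannot be redeemed. The client ID and redirect URI are placeholders.

```javascript
// Added example: PKCE (RFC 7636) values for an OAuth 2.0 Authorization Code Grant.
const crypto = require("node:crypto");

// Client side: a fresh, high-entropy verifier for every authorization request.
// 32 random bytes encode to 43 base64url characters (RFC 7636 allows 43-128).
function createVerifier() {
  return crypto.randomBytes(32).toString("base64url");
}

// S256 transform: BASE64URL(SHA256(ASCII(code_verifier))), without padding.
function challengeFor(verifier) {
  return crypto.createHash("sha256").update(verifier, "ascii").digest("base64url");
}

// Query parameters the client sends to the authorization endpoint.
// client_id and redirect_uri are placeholders, not real NetSuite values.
function authorizationParams(verifier, state) {
  return new URLSearchParams({
    response_type: "code",
    client_id: "EXAMPLE_CLIENT_ID",
    redirect_uri: "https://client.example/callback",
    state,
    code_challenge: challengeFor(verifier),
    code_challenge_method: "S256",
  }).toString();
}

// Server side, at the token endpoint: recompute the challenge from the
// presented verifier and compare it in constant time with the stored one.
function verifierMatches(storedChallenge, presentedVerifier) {
  if (!/^[A-Za-z0-9\-._~]{43,128}$/.test(presentedVerifier)) return false;
  const computed = Buffer.from(challengeFor(presentedVerifier));
  const stored = Buffer.from(storedChallenge);
  return computed.length === stored.length && crypto.timingSafeEqual(computed, stored);
}
```

Only the challenge travels in the browser redirect; the verifier stays with the client until it redeems the code.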
A Closer Look at MCP Tools
Because tools are the core of NetSuite’s MCP implementation, it is helpful to understand what they are.
An MCP tool is a function that encapsulates logic to perform a specific operation such as creating a record, running a report, or doing something business-specific. In NetSuite, these tools are implemented using JavaScript just like other SuiteScript functions.
Each tool also includes metadata defined in JSON. This metadata describes the tool’s purpose, expected inputs, and outputs so the AI application can determine when and how the tool should be used.
Importantly, the actual source code is not exposed to the AI application. The model only sees the structured description of the tool.
Understanding MCP By Example
To make the concepts described so far more tangible, consider a simple interaction where a user asks an AI application to retrieve the most recently created vendor from NetSuite. This is the same example we used to validate our MCP connection to NetSuite during our prior video tutorial on How to Connect NetSuite to ChatGPT and Claude Using the MCP-Based AI Connector.
- Establishing Connection: The AI application connects to NetSuite through the MCP-based AI Connector Service and discovers available tools. This is a one-time configuration step with an occasional refresh when tokens expire.
- Prompting: The user submits a natural language request.
- Reasoning: This is where it gets interesting. The LLM interprets the request and determines that the answer requires data from NetSuite. The AI Application acts as an execution environment, exposing available tools to the LLM, validating inputs, and executing calls as directed by the LLM.
- Tool Execution: The MCP client invokes one or more tools exposed by NetSuite. For example, the model may retrieve the vendor table schema and generate a SuiteQL query to retrieve the most recent vendor. It thus combines pre-trained knowledge of SuiteQL with the dynamic vendor table schema from the NetSuite account to produce a working query.
- Output Generation: The retrieved data is synthesized into a natural language response for the user.
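The discovery and tool-execution steps above, together with the earlier points about JSON tool metadata and role-governed behavior, sketched as an added example. It uses the MCP JSON-RPC methods `tools/list` and `tools/call` against an in-memory server; it is not NetSuite's custom tool API, and the tool name, permission string, and vendor rows are constructed for illustration.

```javascript
// Added example: in-memory MCP-style server. Tool name, permission string and
// vendor rows are constructed; this is not NetSuite's custom tool framework.
const VENDORS = [
  { id: 101, name: "Acme Supply", created: "2024-01-15" },
  { id: 102, name: "Globex Parts", created: "2024-03-02" },
];

const TOOLS = new Map([["latest_vendors", {
  // Metadata is the only part an AI application ever sees.
  meta: {
    name: "latest_vendors",
    description: "Return the most recently created vendors.",
    inputSchema: {
      type: "object",
      properties: { limit: { type: "integer", minimum: 1, maximum: 10 } },
      required: ["limit"],
    },
  },
  requires: "vendor.view", // hypothetical permission name
  run: ({ limit }) => [...VENDORS]
    .sort((a, b) => b.created.localeCompare(a.created))
    .slice(0, limit),
}]]);

// Handle one JSON-RPC 2.0 request for a connection bound to a role's permissions.
function handle(req, rolePermissions) {
  const reply = (result) => ({ jsonrpc: "2.0", id: req.id, result });
  const rpcError = (code, message) => ({ jsonrpc: "2.0", id: req.id, error: { code, message } });
  const toolError = (text) => reply({ content: [{ type: "text", text }], isError: true });

  if (req.method === "tools/list") {
    // Discovery: the implementation (`run`) and `requires` stay on the server.
    return reply({ tools: [...TOOLS.values()].map((t) => t.meta) });
  }
  if (req.method !== "tools/call") return rpcError(-32601, "Method not found");

  const tool = TOOLS.get(req.params?.name);
  if (!tool) return rpcError(-32602, "Unknown tool");
  // Arguments are produced by the model, so check them against the declared schema.
  const limit = req.params.arguments?.limit;
  const { minimum, maximum } = tool.meta.inputSchema.properties.limit;
  if (!Number.isInteger(limit) || limit < minimum || limit > maximum) {
    return toolError("Invalid arguments");
  }
  // The role on the connection, not the model, decides what is permitted.
  if (!rolePermissions.has(tool.requires)) return toolError("Permission denied");
  return reply({ content: [{ type: "text", text: JSON.stringify(tool.run({ limit })) }] });
}
```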
Common NetSuite MCP Misconceptions
- Myth: MCP is a NetSuite invention
Reality: MCP is a protocol adopted by multiple vendors including NetSuite.
- Myth: NetSuite can only connect to ChatGPT and Claude
Reality: Those are the prominent applications that currently meet NetSuite’s implementation requirements. Other AI applications may support it over time. Any AI application that understands MCP and can authenticate to NetSuite’s specification can use NetSuite’s MCP service.
- Myth: NetSuite’s MCP offering is limited to the tools in the MCP Standard Tools SuiteApp
Reality: Custom tools can expose client-specific functionality; this is a powerful capacity that should be leveraged more and will be the subject of a subsequent article.
- Myth: MCP eliminates hallucinations
Reality: While MCP provides grounded data access, it does not eliminate model reasoning errors. Hallucinations are inherent in AI. System design should always take this reality into account and attempt to detect and minimize hallucination, not pretend that we can completely eliminate it.
- Myth: MCP automatically ensures security and compliance
Reality: Security depends on careful role design, authentication practices, and governance.
- Myth: If a tool exists, the AI will use it perfectly
Reality: Tool usage depends on prompt design, context modeling, and thoughtful implementation. It is up to the LLM to decide which tool(s) to invoke, if any, when to invoke them, and in what sequence to invoke them.
Prolecto’s Recommendations for Unlocking AI-Driven Business Value
First, get familiar with the out-of-the-box tools. They provide a sandbox to understand how MCP interactions behave in your account.
Second, drive your AI initiatives from business use cases. Not every problem is an AI problem. We describe suitable candidates as “fuzzy problems” (see our earlier article on this subject, Large Language Models, Fuzzy Problems, and NetSuite): scenarios involving interpretation, summarization, or contextual reasoning rather than deterministic transaction processing.
Third, do not feel limited by NetSuite’s current MCP feature set. Custom tools and alternative architectures can overcome present constraints. We are already leveraging these patterns to build AI applications aligned to specific operational needs.
The real differentiator is not whether you have MCP enabled; it is whether you model your business problems correctly and align AI capabilities with sound system architecture.
We view MCP as infrastructure. It is foundational, like HTTPS. But infrastructure alone does not create value. Craftsmanship does.
At Prolecto, we focus on disciplined modeling, secure design, and thoughtful execution. We offer intellectual property, algorithms, and integration patterns without license charges; our value is in expertise, listening, modeling, and delivery. We believe in helping clients maximize their NetSuite investment while building durable AI capability.
If you found this article relevant, feel free to sign up for notifications to new articles as we post them. If you are ready to design a grounded and secure NetSuite AI architecture, let’s have a conversation.




