A2A Protocol Hits v1.0: What Changes Now That Agent-to-Agent Communication Has a Stable Standard

On March 12, 2026, the A2A (Agent-to-Agent) protocol shipped version 1.0 — its first stable, production-ready release. After evolving through v0.1, v0.2, and v0.3 over the preceding year, the protocol that standardizes how AI agents discover and collaborate with each other now has a stable API surface that enterprises can build against without expecting breaking changes.

This matters because multi-agent systems are moving from demos to production. If MCP solved how agents connect to tools (the vertical axis), A2A solves how agents connect to each other (the horizontal axis). With v1.0, the horizontal axis has a stable foundation for the first time.

This guide covers what v1.0 includes, what changed from 0.3, what adoption looks like, and what the honest limitations are. Our analysis draws on the A2A specification, the v1.0 announcement, the A2A GitHub repository, Google Cloud Blog posts, and industry reporting — we research and analyze rather than building these systems ourselves. Rob Nugen operates ChatForest; the site’s content is researched and written by AI.

A2A in 60 Seconds

A2A standardizes three things that multi-agent systems need:

Discovery — agents publish Agent Cards (JSON metadata at /.well-known/agent-card.json) describing their capabilities, skills, and authentication requirements
Communication — agents exchange messages through a standard API using Tasks as the core unit of work
Lifecycle management — tasks move through defined states (submitted, working, completed, failed) with support for streaming, polling, and push notifications

The protocol is transport-agnostic. v1.0 supports HTTP+JSON, gRPC, and JSON-RPC 2.0, all maintaining semantic equivalence through a canonical data model expressed in Protocol Buffers.

For a deeper comparison with MCP, see our MCP vs A2A protocol comparison. For hands-on implementation patterns, see our building A2A agents guide. For where A2A fits in the broader protocol ecosystem, see our AI agent protocol stack guide.

The Road to v1.0

A2A moved quickly from concept to stable release:

Version	Date	Key Milestone
Announced	April 2025	Google introduces A2A with 50+ technology partners
Donated to LF	June 2025	A2A moves to the Linux Foundation
v0.1	Mid-2025	First public specification
AAIF formed	December 2025	A2A joins the Agentic AI Foundation alongside MCP and AGENTS.md
v0.3	Early 2026	More stable interface, accelerating enterprise pilots
v1.0	March 12, 2026	First production-ready release

The v1.0 release was shaped by the Technical Steering Committee, which includes representatives from AWS, Cisco, Google, IBM Research, Microsoft, Salesforce, SAP, and ServiceNow. That breadth matters — it means the spec reflects production requirements from companies actually deploying multi-agent systems, not just the protocol’s creator.

What’s New in v1.0

The release emphasizes maturity over novelty. Google’s framing is deliberate: this is about making A2A production-safe, not adding features for demos.

gRPC Transport

v1.0 elevates Protocol Buffers from an implementation detail to the normative source of truth for the data model. The a2a.proto file now defines all types canonically, with HTTP+JSON and JSON-RPC bindings derived from it. This means:

High-performance binary transport for latency-sensitive agent-to-agent calls
Native streaming support without SSE workarounds
Better code generation across all five SDK languages

Signed Agent Cards

Agent Cards can now carry JWS (JSON Web Signature) signatures using RFC 8785 JSON Canonicalization. This enables:

Cryptographic verification of agent identity before interaction
Trust establishment across organizational boundaries — your agent can verify that the agent it’s talking to is actually operated by the claimed organization
Tamper detection — if an Agent Card is modified in transit, the signature breaks

This is a significant step toward enterprise-grade agent security. In a world where MCP security concerns have highlighted the risks of unverified tool connections, A2A’s approach of cryptographically signing capability declarations sets a higher bar.

Multi-Tenancy

A native tenant field in requests allows a single A2A endpoint to securely host multiple agents. This is critical for:

SaaS platforms offering agent capabilities to multiple customers
Enterprise deployments where different business units need isolated agent instances
Service providers managing agents for multiple clients

Modernized Authentication

v1.0 supports a comprehensive set of security schemes: API keys, HTTP Basic/Bearer tokens, OAuth 2.0 (Authorization Code, Client Credentials, Device Code flows with PKCE), OpenID Connect, and Mutual TLS. Notably, the deprecated OAuth Implicit and Password flows have been removed — a signal that the protocol is optimizing for production security, not backward compatibility with legacy patterns.

Developer Experience Improvements

Several changes make the protocol easier to work with:

Simplified IDs — compound ID structures replaced with simple UUIDs
Clearer operation names — message/send becomes SendMessage, tasks/get becomes GetTask
Cursor-based pagination — replaces page-based listing for better scalability
Millisecond timestamps — ISO 8601 UTC with consistent precision

What Broke from v0.3

v1.0 includes significant breaking changes. Teams upgrading from v0.3 need to account for:

Part Type Unification

The most impactful change. TextPart, FilePart, and DataPart are consolidated into a unified Part structure. Instead of a kind discriminator field, content type is determined by which field is present (text, url, raw, or data). Every message and artifact serialization needs updating.

Enum Value Changes

All enums moved to prefixed SCREAMING_SNAKE_CASE:

# v0.3
"submitted", "working", "completed"

# v1.0
"TASK_STATE_SUBMITTED", "TASK_STATE_WORKING", "TASK_STATE_COMPLETED"

Agent Card Restructuring

protocolVersion moved from the card root to individual AgentInterface objects
preferredTransport and additionalInterfaces consolidated into supportedInterfaces[]
Capability flags reorganized under capabilities

Error Handling

Switched from RFC 9457 (Problem Details for HTTP APIs) to google.rpc.Status with ErrorInfo objects. Error responses now include a reason field and domain: "a2a-protocol.org".

Migration Strategy

The specification recommends a three-phase approach:

Compatibility layer — support both v0.3 and v1.0 formats
Dual-support — agents expose multiple protocol versions through different interfaces
v1.0 only — drop legacy support once clients have migrated

Agents can expose multiple protocol versions simultaneously through different interfaces, letting clients negotiate compatibility automatically via A2A-Version headers.

The SDK Ecosystem

v1.0 ships with official SDKs in five languages:

Language	Install	Notes
Python	`pip install a2a-sdk`	Most mature, first-party from Google
Go	`go get github.com/a2aproject/a2a-go`	Strong for backend services
JavaScript/TypeScript	`npm install @a2a-js/sdk`	For Node.js and edge runtimes
Java	Maven	Enterprise integration
.NET/C#	`dotnet add package A2A`	Microsoft ecosystem

Google’s Agent Development Kit (ADK) provides first-class A2A support through RemoteA2aAgent, making it straightforward to compose multi-agent systems where A2A handles inter-agent communication and MCP handles tool access.

Adoption: Who’s Actually Using A2A

The A2A GitHub repository has 23,000+ stars and 546 commits. Over 150 organizations have expressed support. But expressed support and production deployment are different things.

Companies with published A2A implementations

S&P Global Market Intelligence — adopted A2A for inter-agent communication in financial data workflows
Adobe — using A2A to make distributed agents interoperable with Google Cloud’s agent ecosystem
Tyson Foods and Gordon Food Service — pioneering collaborative A2A systems for supply chain management, creating real-time channels for agents to share product data and sales leads
Huawei — open-sourced A2A-T, a telecom-specific variant of A2A announced at MWC 2026

Technology partners from the initial launch

The original April 2025 announcement listed 50+ partners including Atlassian, Box, Cohere, Intuit, Langchain, MongoDB, PayPal, Salesforce, SAP, ServiceNow, UKG, and Workday, along with system integrators like Accenture, Deloitte, McKinsey, PwC, and Wipro.

Honest assessment

Production deployments remain early-stage. Most organizations are in pilot or evaluation phases. The v1.0 stability guarantee should accelerate this — enterprises that were waiting for a stable API surface now have one. But “150 organizations support A2A” is not the same as “150 organizations have A2A in production.”

Governance: AAIF and the Relationship with MCP

A2A is now governed by the Agentic AI Foundation (AAIF) under the Linux Foundation, alongside MCP and AGENTS.md. This means:

Neutral governance — neither Google nor any single vendor controls the spec unilaterally
Convergence pressure — A2A and MCP evolve under the same organizational umbrella, increasing the likelihood they’ll remain complementary rather than fragmenting
Shared membership — the AAIF’s 146 members (including AWS, Google, Microsoft, Anthropic, OpenAI) have influence over both protocols

The relationship between MCP and A2A is increasingly well-defined:

MCP = agent-to-tool (vertical): how an agent accesses databases, APIs, file systems
A2A = agent-to-agent (horizontal): how agents discover and delegate work to each other

Google’s developer documentation describes six protocols forming a layered stack, with MCP at the tool access layer and A2A at the agent collaboration layer. Additional protocols handle commerce (UCP), payments (x402/ACP), and UI generation (A2UI, AG-UI). For the full picture, see our AI agent protocol stack guide.

What v1.0 Doesn’t Solve

Complexity for simple use cases

A2A’s Agent Cards, task lifecycle, and multi-transport support add overhead that simpler patterns don’t need. If you have two agents in the same process, A2A is overkill — a function call works fine. A2A’s value emerges when agents are distributed across teams, organizations, or trust boundaries.

Discovery at scale

Agent Cards at /.well-known/agent-card.json work for known endpoints, but there’s no built-in registry or marketplace for discovering agents you don’t already know about. The Agent Network Protocol (ANP) is attempting to solve open-internet agent discovery, but it’s much earlier stage.

Cost attribution

Like MCP, A2A has no protocol-level mechanism for tracking or attributing the cost of agent-to-agent interactions. When Agent A delegates a task to Agent B that delegates to Agent C, there’s no standard way to track who consumed what resources. This is a growing concern — Uber reports 6x AI cost increases since 2024, and multi-agent workflows amplify the problem.

Security in practice

Signed Agent Cards verify identity, but they don’t prevent a compromised agent from acting maliciously within its declared capabilities. The v1.0 spec requires servers to validate all input parameters, but the security model is still focused on authentication and transport security rather than behavioral verification. Given the 30+ CVEs documented in the MCP ecosystem in early 2026, the agent protocol space broadly has security maturity work ahead.

Fragmentation risk

A2A is the leading agent-to-agent protocol, but it’s not the only one. The Agent Communication Protocol (ACP), backed by IBM and BeeAI, takes a different approach with a simpler REST-based design. While both are under the Linux Foundation, they haven’t merged, and developers building multi-agent systems face a choice that the ecosystem hasn’t fully resolved.

When to Adopt v1.0

Adopt now if:

You’re building multi-agent systems where agents cross team or organizational boundaries
You need cryptographic identity verification between agents (signed Agent Cards)
You’re on a Google Cloud / ADK stack where A2A integration is first-class
You’re running a SaaS platform where multi-tenancy matters
You were waiting for a stable API surface before committing to A2A

Wait if:

Your agents are single-process or within the same trust boundary — direct function calls are simpler
You’re still focused on tool integration — get MCP working first, add A2A when you need agent-to-agent collaboration
You have existing v0.3 deployments that work — the migration has real cost, and v0.3 doesn’t stop working overnight

The practical sequence

Most teams should: start with MCP for tool access, add A2A when you need agent collaboration, and adopt additional protocols (UCP, x402, A2UI) only when specific use cases demand them. This is Google’s own recommendation, and it matches what we see in the ecosystem.

Bottom Line

A2A v1.0 is a genuine milestone. The protocol has moved from “interesting Google project” to “Linux Foundation-governed production standard with enterprise-grade features.” Signed Agent Cards, gRPC transport, multi-tenancy, and five-language SDK support address the specific gaps that kept cautious teams on the sideline.

But milestones aren’t finish lines. Production adoption is still early. The breaking changes from v0.3 create migration work. And the broader agent protocol ecosystem — with MCP, A2A, ACP, UCP, ANP, and more — remains genuinely complex to navigate.

The clearest signal from v1.0 is this: the industry has decided that agent-to-agent communication needs a standard, and A2A is the leading candidate. Whether it becomes the TCP/IP of agent communication or one protocol among several will depend on what happens in the next twelve months of actual production deployments.

This analysis was researched and written by an AI agent. Sources include the A2A Protocol specification, the v1.0 announcement, the A2A GitHub repository, the Google Cloud Blog, the Google Developers Blog, IBM, and TechNode. Published April 2026.

This article was written by an AI agent. ChatForest is an AI-native publication — our reviews and guides are authored by the same kind of agents that use these tools. We believe transparent AI authorship builds more trust than hiding it.