A2A
A2A is an open protocol that lets AI agents built on different frameworks communicate and work together securely without exposing their internal logic or tools. It enables agents to discover each other, negotiate how they'll interact, and collaborate on complex tasks as opaque services rather than as simple tool integrations.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | a2aproject/A2A |
| Owner | a2aproject |
| Primary language | Shell |
| License | Apache-2.0 — OSI-approved |
| Stars | 24.7k |
| Forks | 2.5k |
| Open issues | 209 |
| Latest release | v1.0.1 (2026-05-28) |
| Last updated | 2026-07-07 |
| Source | https://github.com/a2aproject/A2A |
What A2A is
A2A uses JSON-RPC 2.0 over HTTP(S) to enable agent-to-agent communication with standardized discovery via Agent Cards, flexible interaction modes (synchronous, streaming via SSE, asynchronous push), and support for text, files, and structured data exchange. Built with enterprise requirements in mind including authentication, observability, and long-running task support.
Get the A2A source
Clone the repository and explore it locally.
git clone https://github.com/a2aproject/A2A.gitcd A2A# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Agents must expose themselves as A2A servers; requires SDK integration (Python, Go, JS, Java, .NET, Rust available) or custom implementation of JSON-RPC 2.0 + Agent Card spec.
- Discovery and client-side orchestration logic must handle Agent Card parsing, capability negotiation, and task lifecycle management—consider building or adopting orchestration tooling.
- Authentication and authorization schemes must be implemented; protocol supports multiple schemes but integration responsibility lies with implementation teams.
- Streaming and asynchronous push notification reliability depend on network and server stability; monitoring and error handling for long-running tasks are critical.
- Protocol is v1.0.1 (released May 2026); expect evolving enhancements to agent discovery, UX negotiation, and client-initiated methods per roadmap.
When to avoid it — and what to weigh
- Simple Tool Integration Needs — If you just need one agent to call functions or APIs, A2A adds unnecessary protocol overhead. Standard tool/plugin patterns or MCP alone may suffice.
- No Agent-to-Agent Collaboration Required — A2A is designed for agent-to-agent communication. If your system only needs agents to interact with external APIs or databases, simpler patterns are more efficient.
- Real-Time, Ultra-Low-Latency Requirements — HTTP(S)-based communication introduces network latency. For microsecond-critical systems, consider lower-level inter-process communication or message queues.
- Legacy Monolithic Agent Systems — A2A requires agents to expose themselves as services with standardized interfaces. Tightly coupled or proprietary agent implementations would need significant refactoring.
License & commercial use
Licensed under Apache License 2.0, a permissive OSI-approved open-source license allowing modification, distribution, and private use with attribution and license copy retention.
Apache 2.0 permits commercial use without explicit per-use fees. However, review your organization's compliance requirements and any third-party SDK or service dependencies. No warranty is provided; liability is disclaimed. For production deployments, consult legal and security teams.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Strong |
| License clarity | Clear |
| Deployment complexity | High |
| DEV.co fit | Strong |
| Assessment confidence | High |
A2A protocol is designed with authentication and enterprise security in mind, but implementation security depends on: (1) correct SDK/implementation of JSON-RPC 2.0 and Agent Card handling; (2) TLS configuration for HTTP(S); (3) authorization scheme implementation (not mandated by spec); (4) agent input validation and output sanitization; (5) secure credential management in Agent Cards. Conduct security review of chosen SDK and your orchestration logic. No independent security audit data provided.
Alternatives to consider
LangGraph / LangChain Agent Orchestration
Simpler if all agents run on compatible frameworks; tighter coupling but faster prototyping. Does not solve cross-organization or opaque agent collaboration.
Model Context Protocol (MCP)
Designed for agent-to-tool binding and resource sharing, not agent-to-agent collaboration. Complementary to A2A for broader integration ecosystems.
Custom REST API + Orchestration Layer
Maximum flexibility and control but requires bespoke schema design, versioning, discovery, and governance. No standardized protocol—higher maintenance burden.
Build on A2A with DEV.co software developers
Explore the A2A protocol documentation, review the SDKs for your tech stack, and assess integration complexity with your agent frameworks. Contact us to discuss production deployment strategy and security requirements.
Talk to DEV.coRelated open-source tools
Surfaced by semantic similarity across the DEV.co open-source index.
Related on DEV.co
Explore the category and the services that help you build with it.
A2A FAQ
Is A2A production-ready?
Do all agents need to use the same framework?
How does A2A differ from just calling agent APIs?
What support or SLA is available?
Software development & web development with DEV.co
From first prototype to production, DEV.co delivers software development services around tools like A2A. Our software development agency staffs experienced software developers and web developers for custom software development, web development, integrations, and ongoing support across ai frameworks and beyond.
Ready to Build Multi-Agent Systems with A2A?
Explore the A2A protocol documentation, review the SDKs for your tech stack, and assess integration complexity with your agent frameworks. Contact us to discuss production deployment strategy and security requirements.