# Concepts

## Environments

Environments is Lenses refer to your Kafka environments, but not just the brokers. Environments also contain supporting services such as Kafka Connect Clusters and Schema Registries.

In Lenses you can have 1 or more environments registered.  For each environment you get a agent key.

## Agents

Each environment needs a Lenses Agent. The agent that connects to your Kafka brokers and other services and proxies information and actions back and forth from Lenses.

Each agent is controlled by a [provisioning file](/latest/deployment/configuration/agent/automation.md). This file contains the connection details needed to connect to your services. 

{% hint style="info" %}
The minimum configuration is a agent key to establish the connection to Lenses. You get this once you have created an environment in Lenses. Don't worry if you lose it, it can be regenerated.
{% endhint %}

Once your agent is started, it will connect to HQ and establish connectivity with the services you configured in the provisioning file. 

You can also use Lenses to update the agents configuration, but naturally it needs to be started and connected first.

<figure><img src="/files/xFYSTcRzbw9fcchzdW52" alt=""><figcaption></figcaption></figure>

### MCP Server

Lenses MCP Server makes your Kafka infrastructure accessible to AI tools and agents. It implements the [Model Context Protocol](https://modelcontextprotocol.io/) standard, allowing Claude, Cursor and other AI applications to safely interact with Lenses and your multi-Kafka multi-vendor estate.

#### MCP Components

* **MCP Client**: Your AI tool (Claude, Cursor, etc.) that initiates requests. The client discovers what the MCP server can do and calls tools with parameters you specify in natural language.
* **MCP Server**: The Lenses MCP Server runs locally or in your infrastructure and acts as a bridge to Lenses HQ. It:
  * Validates OAuth tokens or API keys
  * Executes tools against Lenses APIs
  * Returns results formatted for AI consumption
* **MCP Tools**: Each capability exposed by the MCP Server (topics, connectors, SQL queries, environments, etc.) is a "tool" that your AI assistant can call.

#### Authentication & Security

The MCP Server supports **OAuth 2.1** as the primary authentication method, providing:

* **Secure token-based authentication** without sharing static keys
* **Scope-based authorization** (read, write, delete)
* **Token introspection** for every request
* **Enterprise security** suitable for production

API keys are supported as a fallback for backward compatibility and local testing.

See [OAuth 2.1 Configuration](https://docs.lenses.io/latest/user-guide/using/security/oauth-2.1) for details on setting up OAuth with the MCP server.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.lenses.io/latest/user-guide/getting-started/concepts.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.