AUTONOMOUS COMMERCE

How Do AI Agents Pay for APIs?

Under the x402 protocol, an AI agent pays for API access in four steps, entirely in code: it calls a gated endpoint, receives an HTTP 402 with payment requirements, signs and submits an on-chain payment, and retries the original call with a payment-proof header. The server verifies the proof on-ledger and returns the result.

Quick facts

  • Step 1: Agent calls a gated endpoint (e.g. POST /tools/premium-query).
  • Step 2: Server responds HTTP 402 with X-Payment-Requirements (destination, amount, currency).
  • Step 3: Agent's middleware signs and submits the payment on-chain (XRPL/Xahau confirm in ~3 seconds via mcp-x402-xrpl).
  • Step 4: Agent retries with X-Payment-Proof (tx hash, ledger index, payer); server verifies on-ledger and returns 200 OK.

Frequently asked questions

Does the agent need a human to approve each payment?

No. The agent's wallet and middleware are configured ahead of time (e.g. a maxPaymentDrops safety cap), and every payment within that policy happens without a human in the loop.

What stops an agent from overspending?

Middleware like mcp-x402-xrpl's createX402Middleware accepts a maxPaymentDrops cap per request as a safety limit.

Can an agent check the price before paying?

Yes, where a pre-flight quote endpoint is offered — for example SqueezeOS exposes GET /x402/quote?tool=<toolId>, returning the exact cost and a 60-second-valid quote before any payment is made.

Related