# acp ## What is ACP? **ACP (Agentic Commerce Protocol)** is an open agentic checkout protocol from **OpenAI and Stripe** (endorsed by Meta). It lets AI agents complete purchases — cart, shipping, payment — via **Shared Payment Tokens** without exposing the user's payment details. Released on September 29, 2025 in beta; live transactions on Etsy, Shopify (1M+ transactions), and Walmart. ## Why do you need ACP? Without a standard protocol, an agent cannot complete checkout autonomously: it would need the user's actual card data or manual confirmation of every payment. ACP solves this with **Shared Payment Tokens**: 1. The user authorizes the agent once via OAuth 2.0 delegation. 2. The agent receives a token — not card data, but permission to transact. 3. Stripe processes the payment without exposing card details to the agent. Key ACP capabilities: | Capability | Description | |------------|-------------| | **Agentic checkout** | Cart, shipping, and payment in a single agent flow | | **Shared Payment Tokens** | Payment without exposing card details | | **OAuth 2.0 delegation** | User explicitly delegates rights to the agent | | **MCP transport** | Native integration with [MCP servers](/glossary/mcp-server-card) | ## How do you implement ACP? ACP uses native MCP transport, making it straightforward to embed checkout in existing MCP servers: ```json { "payments": { "acp": "https://api.example.com/acp" } } ``` Or via a Link header: ```http Link: ; rel="acp-endpoint" ``` Full flow: agent obtains a Shared Payment Token via OAuth 2.0 → builds the cart → calls the ACP checkout endpoint → Stripe settles the transaction. Merchant documentation: `docs.stripe.com/agentic-commerce/acp`. ## How do we check ACP? The ACP check in the scanner is **informational** (does not affect the main score). The scanner checks for protocol support declaration in two ways: 1. GET `/.well-known/ai-agent.json` → `payments.acp` field 2. HEAD `/` → Link header with `rel="acp-endpoint"` The actual checkout flow, OAuth delegation, and settlement via Stripe are not tested. If a declaration is found → `pass`, if absent → `fail`. [← All glossary terms](/en/glossary)