x402: HTTP 402 payments for AI agents
What x402 (Coinbase) is, how an agent pays via HTTP 402, a minimal example, how to declare support, and how we verify it.
What it is
x402 is an open HTTP payment protocol from Coinbase that revives the reserved
HTTP 402 Payment Required status. The server replies 402 with a
PAYMENT-REQUIRED header, the agent sends a PAYMENT-SIGNATURE, and a facilitator
verifies the signature and settles the on-chain transaction — all with no human in
the loop. Payments are in stablecoins (USDC) on Base, Polygon, Arbitrum, and Solana.
Why it matters for AI agents
Autonomous agents need a way to pay without a human. x402 covers pay-per-use APIs (an agent pays $0.001 per call), monetising agent traffic without subscriptions, and agent-to-agent settlement. By April 2026: ~165M transactions and ~69k connected agents.
Minimal working example
GET /premium-report HTTP/1.1

HTTP/1.1 402 Payment Required
PAYMENT-REQUIRED: scheme="exact", amount="0.01", currency="USDC", network="eip155:8453", recipient="0x..."

# The agent pays and retries:
GET /premium-report HTTP/1.1
PAYMENT-SIGNATURE: <signed_payment_payload>

HTTP/1.1 200 OK
network is in CAIP-2 form (eip155:8453 = Base).
How to declare support
In ai-agent.json:
{ "payments": { "x402": "https://api.example.com/x402" } }
Or via a Link header:
Link: <https://api.example.com/x402>; rel="x402-endpoint"
Common mistakes
- Declaring an endpoint that doesn’t implement the 402/PAYMENT-SIGNATURE flow.
- Wrong network (not CAIP-2) — the agent can’t tell the chain.
- No declaration in ai-agent.json or a Link header — the agent never learns of support.
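Because the agent pays with no human in the loop, it should check a PAYMENT-REQUIRED offer before signing anything. The following is an added example, not code from this page or from the x402 project: it parses the header in the key="value" form shown in the minimal example above, rejects a network that is not CAIP-2, and applies an agent-side policy. The policy values, the spending cap, the function names and the sample header are assumptions made for illustration.

```python
import re
from decimal import Decimal, InvalidOperation

# CAIP-2 chain id: namespace ":" reference (e.g. eip155:8453)
CAIP2 = re.compile(r"[-a-z0-9]{3,8}:[-_a-zA-Z0-9]{1,32}")
# One key="value" pair in the header form shown on this page
PARAM = re.compile(r'([A-Za-z][\w-]*)="([^",]*)"')
REQUIRED = ("scheme", "amount", "currency", "network", "recipient")
# Agent-side policy; every value is an assumption chosen for illustration.
POLICY = {"scheme": {"exact"}, "currency": {"USDC"}, "network": {"eip155:8453"}}
MAX_AMOUNT = Decimal("0.05")  # per-request spending cap (assumed)
# Constructed sample header; the recipient is a placeholder, not a real address.
SAMPLE = ('scheme="exact", amount="0.01", currency="USDC", '
          'network="eip155:8453", recipient="0xPLACEHOLDER"')

def parse_payment_required(value):
    """Parse the comma-separated key="value" list; reject malformed or duplicate keys."""
    params = {}
    for part in value.split(","):
        m = PARAM.fullmatch(part.strip())
        if not m or m.group(1).lower() in params:
            raise ValueError(f"malformed or duplicate parameter: {part.strip()!r}")
        params[m.group(1).lower()] = m.group(2)
    return params

def check_offer(value):
    """Return the reasons not to sign; an empty list means the offer passes policy."""
    try:
        p = parse_payment_required(value)
    except ValueError as exc:
        return [str(exc)]
    missing = [k for k in REQUIRED if k not in p]
    if missing:
        return [f"missing {k}" for k in missing]
    problems = []
    if not CAIP2.fullmatch(p["network"]):
        problems.append("network is not CAIP-2")
    for key, allowed in POLICY.items():
        if p[key] not in allowed:
            problems.append(f"{key} not allowed")
    try:
        amount = Decimal(p["amount"])
        if not amount.is_finite() or not 0 < amount <= MAX_AMOUNT:
            problems.append("amount outside policy")
    except InvalidOperation:
        problems.append("amount is not a number")
    return problems
```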
How to verify
The x402 check is informational (doesn’t affect the score). The scanner looks
for a declaration two ways: a payments.x402 field in
/.well-known/ai-agent.json, or a Link header with rel="x402-endpoint". The real
payment flow isn’t tested.
curl -s https://example.com/.well-known/ai-agent.json | jq '.payments.x402'
curl -sI https://example.com/ | grep -i 'x402-endpoint'