Connect Your AI Agent to Stripe: A Developer Guide to Agentic Payments, SPTs, and Usage-Based Billing
The agent-commerce stack just changed
Stripe processed $1.9 trillion in payment volume in 2025, up 34% year-over-year. In early 2026, they shipped something that changes the game for AI agent developers: the Agentic Commerce Suite -- a set of APIs and protocols that let AI agents handle payments autonomously, securely, and at scale.
This is not another "Stripe for bots" wrapper. It introduces a fundamentally new payment primitive -- Shared Payment Tokens (SPTs) -- alongside support for the x402 protocol and an open Agentic Commerce Protocol (ACP). Major partners are already on board: Microsoft Copilot, Anthropic, Perplexity, Vercel, Manus, and more.
For developers building AI agent workspaces, this means you can now create agents that browse catalogs, negotiate prices, and complete purchases -- all without exposing payment credentials. And you can package that capability into a reusable workspace template.
What Stripe shipped: the three layers
Layer 1: Shared Payment Tokens (SPTs)
SPTs are the core innovation. They solve a fundamental trust problem: how does a buyer let an AI agent spend money on their behalf without giving it their credit card number?
How SPTs work:
Buyer AI Platform Merchant (You)
| | |
|-- "Buy this for $49" --> | |
| |-- Creates SPT --------> |
| | (scoped: $49 max, |
| | seller: you, |
| | expires: 1 hour) |
| | |
| | Creates PaymentIntent
| | with SPT identifier
| | |
| | Stripe clones payment
| | method internally
| | |
| | <-- Confirmation ------ |
| <-- "Purchased!" ------- | |
Key properties of SPTs:
| Property | What it means |
|---|---|
| Programmable | Scoped to a specific seller, bounded by time and amount, observable throughout lifecycle |
| Fraud-protected | Powered by Stripe Radar -- relays risk signals for disputes, card testing, stolen cards, issuer declines |
| Easy to integrate | Works directly with PaymentIntents -- minimal changes to existing Stripe integrations |
| Processor-agnostic | Businesses not on Stripe can forward SPTs to their own vaults or other processors |
Layer 2: The x402 protocol
For machine-to-machine payments, Stripe supports the x402 protocol -- a thin layer that uses HTTP status code 402 (Payment Required) as a native paywall mechanism.
Agent Paid API Service
| |
|-- GET /premium-data -------> |
| |
| <-- 402 Payment Required --- |
| { payment_address, |
| amount, currency } |
| |
|-- Remit payment -----------> |
| |
|-- GET /premium-data -------> |
| <-- 200 OK + data ---------- |
Alongside x402, Stripe also supports the Machine Payments Protocol (MPP), which uses sessions rather than per-request transactions. An agent authorizes a spending limit upfront and streams micropayments against it -- better for high-frequency agent interactions.
The practical takeaway: if you build a workspace template that integrates with Stripe, it can accept payments from agents on any protocol.
Layer 3: Agentic Commerce Protocol (ACP)
ACP is an open standard that provides shared technical language between AI agents and businesses. It handles product discovery, checkout orchestration, and order lifecycle management. The Agentic Commerce Suite sits on top of ACP as a low-code implementation.
Integrating Stripe into an AI agent workspace
Option 1: Stripe MCP server
The fastest path is using Stripe's MCP (Model Context Protocol) server. This gives your agent direct access to Stripe's API through a standardized tool interface.
MCP configuration (.openclaw/mcp.json):
{
"mcpServers": {
"stripe": {
"command": "npx",
"args": ["-y", "@stripe/mcp", "--tools=all"],
"env": {
"STRIPE_SECRET_KEY": "${STRIPE_SECRET_KEY}"
}
}
}
}
With this configuration, your agent gains access to Stripe tools including:
create_payment_link-- Generate shareable payment URLscreate_invoice-- Draft and send invoiceslist_customers-- Search and filter customer recordscreate_subscription-- Set up recurring billingretrieve_balance-- Check account balancelist_payment_intents-- Query payment history
Option 2: Direct API integration via skills
For more control, create a custom skill that wraps the Stripe API:
# Stripe Payment Skill
## Tools Required
- http_request
## Process Payment
When asked to process a payment:
1. Validate the amount and currency with the user
2. Create a PaymentIntent via POST to https://api.stripe.com/v1/payment_intents
3. Include headers: Authorization: Bearer ${STRIPE_SECRET_KEY}
4. Set amount (in cents), currency, and payment_method
5. Confirm the PaymentIntent
6. Report the status to the user
## Guardrails
- NEVER process payments above $500 without explicit user confirmation
- ALWAYS display the exact amount and recipient before confirming
- Log every payment attempt to the workspace audit trail
Option 3: SPT receiver integration
If your agent acts as a merchant receiving payments from other AI agents:
// Handle incoming SPT from an AI platform
const stripe = require('stripe')(process.env.STRIPE_SECRET_KEY);
async function handleAgentPurchase(sptId, amount, currency) {
// Create PaymentIntent using the SPT
const paymentIntent = await stripe.paymentIntents.create({
amount: amount,
currency: currency,
payment_method_data: {
type: 'shared_payment_token',
shared_payment_token: { token: sptId }
},
confirm: true,
});
return paymentIntent.status; // 'succeeded'
}
Building a payment-capable workspace template
A well-structured payment agent template separates concerns into three layers:
Template directory structure
stripe-billing-agent/
├── SOUL.md # Agent personality + payment guardrails
├── AGENTS.md # Agent capabilities and boundaries
├── skills/
│ ├── stripe-payments.md # Payment processing skill
│ ├── invoice-management.md # Invoice creation and tracking
│ └── subscription-ops.md # Subscription lifecycle management
├── .openclaw/
│ └── mcp.json # Stripe MCP server config
├── .env.example # Required environment variables
└── README.md # Setup instructions
The SOUL.md: defining payment behavior
# Billing Operations Agent
You are a billing operations agent for {{COMPANY_NAME}}.
You help the team manage payments, invoices, and subscriptions
through Stripe.
## Core responsibilities
- Create and send invoices for completed work
- Monitor subscription status and flag churn risks
- Process refunds when approved by a team member
- Generate weekly billing reports
## Payment guardrails
- You MUST show the exact amount and recipient before any payment action
- You MUST NOT process refunds exceeding $200 without manager approval
- You MUST NOT modify subscription pricing without explicit authorization
- You MUST log every financial action with timestamp and reason
- You MUST use test mode (sk_test_*) in development environments
## Tone
Professional and precise. When dealing with money, clarity
beats brevity. Always confirm amounts in the user's local currency.
Environment variables
# .env.example -- users provide their own keys
STRIPE_SECRET_KEY=sk_live_... # or sk_test_... for development
STRIPE_WEBHOOK_SECRET=whsec_... # for webhook verification
COMPANY_NAME=Acme Corp # used in SOUL.md template
REFUND_APPROVAL_THRESHOLD=200 # max refund without approval
The critical rule: never hardcode API keys in a template. Use ${VARIABLE} placeholders in MCP configs and document what each variable does in your README.
Usage-based billing with agent workspaces
One of the most practical applications is building an agent that manages usage-based billing -- tracking API calls, compute time, or message volume and billing customers accordingly.
The billing loop
Customer uses your service
|
v
Agent monitors usage via Stripe Meters
|
v
Usage crosses billing threshold
|
v
Agent creates invoice line items
|
v
Stripe charges on billing cycle
|
v
Agent notifies customer with summary
Stripe Meters integration
# Usage Tracking Skill
## Monitor Usage
Every hour:
1. Query the usage meter via GET /v2/billing/meter_events
2. Compare current usage against plan limits
3. If usage exceeds 80% of limit, alert the customer
4. If usage exceeds 100%, either:
a. Apply overage pricing (if configured), or
b. Notify the customer and suggest an upgrade
## Generate Usage Report
When asked for a usage report:
1. Query meter events for the current billing period
2. Group by customer and product
3. Calculate total cost at current pricing
4. Format as a table with columns: Customer, Product, Usage, Cost
Security considerations for payment templates
Payment-capable templates carry higher security stakes than typical workspace configurations. Follow these non-negotiable practices:
1. Principle of least privilege
Use restricted Stripe API keys. If your agent only needs to create invoices, create a key with only invoices:write permission. Never use a full-access secret key in production.
2. Webhook signature verification
const event = stripe.webhooks.constructEvent(
requestBody,
signature,
process.env.STRIPE_WEBHOOK_SECRET
);
Always verify webhook signatures. An agent that processes unverified webhooks is an open door for payment fraud.
3. Amount boundaries
Define hard limits in your SOUL.md and enforce them in your skills. A billing agent that can process unlimited refunds is a liability.
4. Audit logging
Every financial action should be logged with: timestamp, action type, amount, currency, Stripe object ID, and the user who authorized it. This is not optional -- it is a compliance requirement for most businesses.
5. Test mode isolation
Templates should default to Stripe test mode (sk_test_*). Document clearly how to switch to live mode and what verification steps to complete first.
What is next for agentic payments
The agentic commerce landscape is moving fast. Here is what to watch:
- SPT expansion: Stripe is extending SPT support to more payment methods beyond cards -- bank transfers, digital wallets, and BNPL are on the roadmap
- Identity resolution: Stripe is building logic to help sellers recognize customers across different AI agent surfaces -- solving the "is this the same person buying through ChatGPT vs. Perplexity?" problem
- Real-time fraud signals: As agent-initiated payment volume grows, Stripe Radar is training on agent-specific fraud patterns that differ from human checkout behavior
- ACP adoption: As more AI platforms adopt the Agentic Commerce Protocol, the integration surface for workspace templates will stabilize
For template creators, the opportunity is clear: payment-capable workspace templates are among the highest-value configurations you can build. A well-designed Stripe billing template saves teams weeks of integration work and codifies security best practices that most developers would otherwise learn through expensive mistakes.
Browse existing payment and billing templates on community marketplaces like ClawAgora, or package your own Stripe integration as a template for others to use.
FAQ
What are Shared Payment Tokens (SPTs) and how do AI agents use them?
SPTs are a new Stripe payment primitive designed for agentic commerce. When an AI agent initiates a purchase on behalf of a user, it receives an SPT scoped to a specific seller, bounded by time and amount. The agent passes the SPT to the merchant, who creates a PaymentIntent with it. The buyer's actual payment credentials are never exposed to the agent or the merchant directly -- Stripe clones the payment method behind the scenes. This makes agent-initiated payments secure by default.
Can I accept Stripe payments from AI agents without changing my existing integration?
Mostly yes. SPTs work directly with Stripe PaymentIntents, so if you already use the standard Stripe API, the integration is minimal. You receive a SharedPaymentToken identifier via API, create a PaymentIntent, and confirm it. Subsequent events like refunds and reporting behave identically to direct PaymentMethod flows. The main addition is handling the SPT grant and validating its scope.
What is the x402 protocol and how does it relate to Stripe?
x402 is a machine-to-machine payment protocol that uses HTTP status code 402 (Payment Required) as a native paywall mechanism. When an agent requests a paid resource, the server responds with 402 and a payment address. The agent remits payment and retries. Stripe supports x402 alongside its own Machine Payments Protocol (MPP), meaning merchants can accept payments from agents regardless of which protocol the agent platform uses.
How do I package a payment-capable agent as a workspace template?
Structure your template with environment variable placeholders for Stripe keys (never hardcode them). Include the MCP server configuration for Stripe in your .openclaw/mcp.json, a SOUL.md that defines the agent's payment behavior and guardrails, and a README explaining what Stripe permissions the template requires. Users provide their own API keys at install time. Community platforms like ClawAgora host these templates for others to discover and deploy.
What fraud protections exist for agent-initiated Stripe payments?
SPTs are powered by Stripe Radar, which relays underlying risk signals including likelihood of fraudulent disputes, card testing, stolen cards, and issuer declines. Additionally, every SPT is programmable -- scoped to a specific seller, bounded by maximum amount and expiration time, and observable throughout its lifecycle. This prevents unauthorized agent actions and reduces dispute rates compared to traditional card-on-file flows.