← Back to blog
Protocol · 6 min read · March 2026

x402 Explained: How HTTP 402
Finally Gets Its Moment

The HTTP 402 status code has been reserved since 1996 with the label "Payment Required." For nearly three decades, nobody used it — until now. Here's what x402 is, how it works, and how to add it to your agent in under 30 lines of code.

6 min read

A status code with a 30-year backlog

When the HTTP/1.0 spec was published in 1996, the authors reserved status code 402 for future use. Their reasoning was prescient: the internet would eventually need a standardized way to express "this resource requires payment." The note in the original RFC read simply: "Payment Required — reserved for future use."

That future arrived slowly. The problem was never technical — it was a coordination problem. For 402 to be useful, both the client and server needed to agree on what payment looked like. Credit card numbers in a header? An API key tied to a billing account? The ecosystem never converged.

Then AI agents started browsing the web autonomously. And suddenly, the coordination problem had a natural forcing function.

What x402 changes

x402 is an open protocol — backed by Coinbase, Google, Anthropic, Stripe, Visa, and others — that standardizes how a server can request payment and how a client can fulfill that request, all within a single HTTP exchange.

The core idea is elegant: when a server needs payment before serving a resource, it returns a 402 response with a machine-readable payment descriptor in the body. The client parses the descriptor, executes the payment, and retries the original request with a X-Payment header containing the transaction receipt. The server validates the receipt and serves the resource.

No redirects. No OAuth. No billing portal. Just HTTP.

Why this matters for AI agents: An autonomous agent can't click a "subscribe" button or enter a credit card number. x402 gives agents a machine-native payment interface that works within their existing HTTP call patterns.

The x402 payment flow

Here's the complete interaction sequence:

x402 interaction sequence
# Step 1: Agent makes a request to a paid API endpoint GET /api/v1/market-data/AAPL HTTP/1.1 Host: data.example.com Agent-ID: agent_7f3a9b2c1d # Step 2: Server responds with 402 + payment descriptor HTTP/1.1 402 Payment Required Content-Type: application/json { "amount": "0.001", "currency": "USD", "recipient": "0x742d35Cc6634C0532925a3b8D4C9b3e57", "network": "base", "memo": "market-data:AAPL:2026-03-31", "expires": "2026-03-31T12:05:00Z" } # Step 3: Agent executes payment, retries with receipt GET /api/v1/market-data/AAPL HTTP/1.1 Host: data.example.com X-Payment: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9... Agent-ID: agent_7f3a9b2c1d # Step 4: Server validates receipt, serves the resource HTTP/1.1 200 OK Content-Type: application/json { "ticker": "AAPL", "price": 182.47, ... }

The X-Payment header contains a signed JWT proving the transaction was executed. The server can verify this receipt against the payment network without a round-trip — the signature is self-contained.

Implementing an x402 endpoint with Proco

If you're building a service that agents will pay to access, here's how to add x402 support using Proco's server SDK:

server.ts — x402-enabled Express endpoint
import { ProcoX402Middleware } from '@proco/sdk/x402'; import express from 'express'; const app = express(); // Mount the x402 middleware on any route you want to monetize app.use('/api/v1/market-data', ProcoX402Middleware({ amount: '0.001', // USD per request recipient: process.env.PROCO_WALLET_ADDRESS, network: 'base', memo: (req) => `market-data:${req.params.ticker}`, ttl: 300, // payment valid for 5 minutes })); app.get('/api/v1/market-data/:ticker', (req, res) => { // If we reach here, payment was verified res.json({ ticker: req.params.ticker, price: 182.47 }); });

Handling 402 responses in your agent

On the agent side, Proco's client SDK intercepts 402 responses automatically and handles the payment flow before retrying:

agent.ts — automatic 402 handling
import { ProcoAgent } from '@proco/sdk'; const agent = new ProcoAgent({ walletAddress: process.env.AGENT_WALLET_ADDRESS, spendingPolicy: { maxPerRequest: '0.01', // reject payments > $0.01 dailyLimit: '5.00', // hard daily cap allowedRecipients: [ // whitelist of payable addresses '0x742d35Cc6634C0532925a3b8D4C9b3e57', ], }, }); // Fetch with automatic x402 payment handling const data = await agent.fetch('https://data.example.com/api/v1/market-data/AAPL'); // ↑ If a 402 is received, SDK auto-pays and retries // ↑ If the payment would exceed policy, it throws PaymentPolicyError

Who's behind x402

The x402 protocol was proposed by Coinbase and has gathered backing from Google, Anthropic, Stripe, and Visa — a rare cross-industry alignment that signals this is becoming a real standard, not just an experiment. The spec is open and the reference implementation is on GitHub.

Proco's role is as payment infrastructure: we issue the agent wallets, enforce spending policies, validate payment receipts, and provide the settlement layer. You get x402 support out of the box — no blockchain integration required on your end.

What to read next

Build your first x402-enabled agent

Free sandbox on signup. No credit card. Live in 10 minutes.

Start building free →