What is the X-Payment HTTP header?
The X-Payment HTTP header is part of the x402 protocol. When a server returns 402 Payment Required, the client signs a USDC payment authorization and retries the request with the X-Payment header containing the proof. The server verifies the proof on-chain (or via a facilitator), accepts the payment, and returns the actual response. It's how HTTP-native payments work without forms, redirects, or external checkout. MoltPe is AI-native payment infrastructure that gives AI agents isolated wallets with programmable spending policies for autonomous USDC stablecoin transactions.
The short version
- Where it goes: On the second request, after the server returned 402. Header value is the signed payment authorization.
- What it carries: Recipient address, amount, asset (USDC), chain, nonce, and the client's signature over those fields.
- Why it matters: Lets a normal HTTP client (curl, fetch, an AI agent) pay for a request without leaving HTTP semantics.
In more detail
HTTP has had a 402 status code reserved for "Payment Required" since 1997, but until recently nothing standardized actually used it. x402 is the protocol that finally fills it in. The flow is symmetric and tiny: the client sends a request; the server replies 402 with payment requirements in the response (recipient, amount, accepted assets, chains); the client signs a USDC authorization that satisfies those requirements and retries the request with the signed payload in the X-Payment header; the server verifies the payload and serves the response.
The signature is what makes the whole thing safe. The client signs a structured object that names the recipient address, the exact amount, the asset, the target chain, and a nonce that prevents replay. Anyone with the signed payload can verify on-chain that the payment is valid, but no one can spend more than what was signed for. That's why the header is safe to send over HTTPS without the server holding any of the client's keys: the cryptography handles authorization end-to-end. The guarantee depends on the verifier doing its part: it has to compare the signed fields with the requirements it issued and reject a nonce it has already accepted.
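The checks a server or facilitator would run on the header value, as an added example that is not MoltPe's or the x402 project's own code. It assumes a base64-encoded JSON payload, a payer public key the verifier already knows, and plain ECDSA over SHA-256 on secp256k1 standing in for the on-chain signature scheme; `buildHeader`, `verifyHeader` and the sample values are hypothetical.

```javascript
// Added example, not x402 or MoltPe code; payload layout and signature scheme are assumptions.
const crypto = require('node:crypto');

// Fields the page says are signed, in a fixed order so both sides hash the same bytes.
const FIELDS = ['recipient', 'amount', 'asset', 'chain', 'nonce'];
const canonical = (p) => Buffer.from(JSON.stringify(FIELDS.map((f) => String(p[f]))));
const encode = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64');
const decode = (h) => JSON.parse(Buffer.from(h, 'base64').toString('utf8'));

// Client side: sign the fields and wrap them as the header value.
function buildHeader(payment, privateKey) {
  const signature = crypto.sign('sha256', canonical(payment), privateKey).toString('base64');
  return encode({ ...payment, signature });
}

// Server side: returns 'ok' or the reason the proof is rejected.
function verifyHeader(headerValue, required, payerPublicKey, seenNonces) {
  let p;
  try { p = decode(headerValue); } catch { return 'malformed'; }
  if (p === null || typeof p !== 'object' || typeof p.signature !== 'string') return 'malformed';
  // Compare with what this server demanded in its 402 response, field by field.
  for (const f of ['recipient', 'amount', 'asset', 'chain']) {
    if (String(p[f]) !== String(required[f])) return `mismatch:${f}`;
  }
  const sig = Buffer.from(p.signature, 'base64');
  if (!crypto.verify('sha256', canonical(p), payerPublicKey, sig)) return 'bad-signature';
  // Record the nonce only after the signature verifies, so junk cannot fill the store.
  const nonce = String(p.nonce);
  if (seenNonces.has(nonce)) return 'replay';
  seenNonces.add(nonce);
  return 'ok';
}

// Constructed demo values: throwaway key pair and a placeholder recipient.
const keys = crypto.generateKeyPairSync('ec', { namedCurve: 'secp256k1' });
const required = { recipient: '0xRECIPIENT_PLACEHOLDER', amount: '10000', asset: 'USDC', chain: 'base' };
function demo() {
  const seen = new Set();
  const header = buildHeader({ ...required, nonce: 'n-001' }, keys.privateKey);
  // A proof signed for a smaller amount, then edited to claim the required amount.
  const cheap = decode(buildHeader({ ...required, amount: '1', nonce: 'n-002' }, keys.privateKey));
  const inflated = encode({ ...cheap, amount: required.amount });
  return {
    first: verifyHeader(header, required, keys.publicKey, seen),
    replayed: verifyHeader(header, required, keys.publicKey, seen),
    inflated: verifyHeader(inflated, required, keys.publicKey, seen),
  };
}
console.log(demo());
```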
For AI agents, the X-Payment header is a clean abstraction. The agent makes an HTTP call, gets a 402, asks MoltPe to sign a payment for the requested amount (subject to its spending policy), and retries with the header attached. The agent never touches a private key, never sees a checkout page, never pauses for human input. From the agent's perspective, paying for an API is one extra step in a normal HTTP retry loop. That's the design goal: make payment a property of the request, not a side trip.
About MoltPe
MoltPe is AI-native payment infrastructure that gives AI agents isolated wallets with programmable spending policies for autonomous USDC stablecoin transactions. Live on Polygon PoS, Base, and Tempo.