What Is Amazon Bedrock AgentCore Payments?

What Is Amazon Bedrock AgentCore Payments?

Amazon Bedrock AgentCore Payments is a fully managed AWS service that enables microtransaction payments inside AI agents, letting them pay for paid APIs, MCP servers, and paywalled content using the x402 protocol. AWS launched the service in preview on May 7, 2026 in four regions: US East (N. Virginia), US West (Oregon), Europe (Frankfurt), and Asia Pacific (Sydney). AWS Machine Learning Blog

The service exists because the unit economics of agent transactions break traditional payment infrastructure. Individual API calls and content requests are often valued in cents or fractions of a cent, but credit card networks impose minimum transaction fees that make those payments uneconomic. AgentCore Payments solves this by routing agent micropayments through stablecoin rails over the open x402 protocol, while keeping developer setup measured in days rather than months. AWS AgentCore Developer Guide

The service ships with five capabilities developers can compose against:

• Payment orchestration: Manages the full lifecycle on the agent side, from receiving a merchant payment request through wallet signing and submitting cryptographic proof back to the merchant, including multi-step flows and exception handling.
• Payment limits: Each PaymentSession carries a maxSpendAmount, currency, and expiry; once budget is reached or the session expires, further payment requests are denied at runtime.
• Third-party wallet integration: Supports two embedded stablecoin wallet providers at launch, Coinbase CDP and Stripe/Privy, with credentials stored in AgentCore Identity.
• Endpoint discoverability: Ships a managed Coinbase x402 Bazaar MCP server exposing thousands of pay-per-use x402 endpoints through AgentCore Gateway.
• Observability: Vends application logs to CloudWatch and trace spans to AWS X-Ray for every data plane API call, giving developers transaction-level visibility.

The service is positioned as the developer platform layer for autonomous agent commerce. It does not replace network-side frameworks like Visa Intelligent Commerce Connect or Amex Agentic Commerce Experiences, and it does not compete with consumer wallet products like Stripe's Link wallet for agents. AgentCore Payments is for the developer who is building an agent and wants that agent to pay for things programmatically without writing wallet, settlement, and budget control code from scratch. AWS positions the service as reducing developer effort from months to days. AWS AgentCore Developer Guide

How Does the x402 Protocol Make Agent Payments Work?

x402 is an open standard for internet-native payments that uses the HTTP 402 Payment Required status code, the long-reserved code that web browsers never adopted at scale. It was built and open-sourced by Coinbase, with v2 of the specification now shipping. The protocol was designed so developers can require payment per endpoint with a single middleware line, and so clients can pay instantly using stablecoins without creating a protocol-layer account. Wallet providers and fiat on-ramps that fund those wallets may still apply their own KYC and compliance checks depending on jurisdiction. x402.org

The end-to-end x402 flow runs through four discrete protocol moments:

• Step 1, agent request: The agent makes a normal HTTP request to a paid resource, with no payment attached.
• Step 2, server challenge: The server responds with HTTP 402 and a base64-encoded PaymentRequired payload describing what the resource costs and which networks and schemes it accepts.
• Step 3, signed retry: The agent's wallet signs a PaymentPayload and reattaches it to the request via a PAYMENT-SIGNATURE header.
• Step 4, verify and settle: The server either verifies and settles locally or posts to a facilitator's verify and settle endpoints; once settlement clears, access is granted and a PAYMENT-RESPONSE header returns the cryptographic receipt.

x402 separates schemes (the logical payment method) from networks (the chain the payment runs on). The first shipping scheme is "exact," which transfers a specific amount per request; an "upto" scheme is referenced for variable-amount metered access. The protocol supports EVM chains, Solana (SVM), and Stellar at the spec level, with TypeScript, Python, and Go SDKs available in the official repository. Coinbase x402 GitHub

What makes x402 attractive for agents is that it adds no protocol-layer fee beyond standard on-chain network costs, requires no protocol-layer account, and clears at the speed of a stablecoin transfer rather than the speed of a card network. Those properties matter because agent traffic is bursty, anonymous from the merchant's perspective, and frequently sub-cent. AgentCore Payments takes the agent side of the protocol and wraps it in a managed service so that developers do not have to handle 402 parsing, signing, scheme negotiation, or facilitator selection by hand. AWS AgentCore Developer Guide

How Do the Coinbase and Stripe/Privy Wallet Integrations Work?

AgentCore Payments ships with two embedded wallet providers at launch: Coinbase CDP, Coinbase's developer wallet platform, and Stripe/Privy, the wallet infrastructure Stripe acquired in 2025 and now operates as a Stripe company. Both providers issue stablecoin wallets that an agent can use to sign and settle x402 payments, and both can be funded with stablecoins or with fiat through standard debit card on-ramps. AWS Machine Learning Blog

Privy was acquired by Stripe in 2025 and now powers the wallet stack underneath the AWS partnership. Henri Stern, Privy's CEO, framed the launch directly in the Stripe newsroom announcement: "Stripe is building the economic infrastructure for AI. For agents to become meaningful economic actors, they need a way to hold and spend money." Privy reports more than 120 million accounts across 2,000-plus development teams, with hardware-isolated key management and SOC 2 Type II compliance as of December 2024. Stripe Newsroom, Privy.io

The two providers are similar in capability but optimized for different builder profiles:

Attribute	Coinbase CDP	Stripe/Privy
Provider type	Crypto-native developer wallet platform from Coinbase	Embedded wallet stack now operated as a Stripe company
Funding paths	Stablecoin transfer; fiat via debit card on-ramps	Stablecoin transfer; fiat via debit card on-ramps and Stripe rails
Credential storage in AWS	AgentCore Identity PaymentCredentialProvider	AgentCore Identity PaymentCredentialProvider
Best fit	Teams already using Coinbase developer infrastructure or transacting heavily on EVM	Teams already on the Stripe stack or wanting fiat-to-stablecoin paths through Stripe rails
Developer audience referenced	Onchain-native agent builders and x402 ecosystem participants	Stripe's existing AI customer base building consumer and B2B agents

Brian Foster, Coinbase's Head of Infrastructure Growth and Strategy, framed the partnership as giving developers "the full stack to build agents that move money at software speed." That framing positions x402 not as a Coinbase-only payment rail but as the open infrastructure that other wallet providers, including a parent company that competes directly with Coinbase elsewhere in the stack, are willing to plug into. AWS Machine Learning Blog

Despite different developer audiences, both wallet types share the same security and authorization model in AgentCore Payments:

• Pre-funded wallets: Wallets are funded before agents transact, either with stablecoins directly or with fiat through standard debit card on-ramps.
• Explicit user authorization: The user authorizes wallet access during setup before any agent can sign a payment.
• Federated signing surface: AgentCore Payments coordinates signing through the wallet provider's signing API, so private keys and wallet secrets never touch the agent's runtime memory.
• Centralized credential storage: Wallet API keys and secrets live inside AgentCore Identity as a PaymentCredentialProvider rather than in the agent process or environment variables.

What Spending Controls and Identity Guardrails Are Built In?

Every AgentCore Payments transaction runs inside a PaymentSession, which is the unit of budget enforcement. A PaymentSession carries a configurable maxSpendAmount, a currency, and an expiry timestamp; once either limit is reached, further payment requests in that session are denied before the agent ever signs a transaction. The session is also designed so that a failed payment attempt does not permanently consume the budget the agent did not actually spend, as described in the AgentCore developer guide. AWS AgentCore Developer Guide

Identity and credential handling sit one layer below the PaymentSession. AgentCore Payments stores wallet credentials, including Coinbase API keys and Stripe/Privy wallet secrets, in AgentCore Identity as a PaymentCredentialProvider. Developers can scope which agents are allowed to access which wallet resources, applying the principle of least permission to agent runtimes. The agent process itself never sees the raw secret; AgentCore Identity federates access at request time. AWS AgentCore Developer Guide

The full guardrail set looks like this:

• Per-session budget enforcement: maxSpendAmount and currency cap total session spend; expiry caps session duration.
• Tolerance for failed attempts: Failed payment attempts are designed not to permanently consume the session budget, preventing budget drift from transient errors.
• Federated credential access: Wallet API keys and secrets live in AgentCore Identity, not in the agent runtime, with explicit user authorization required during setup.
• Agent-level access scoping: Developers can restrict which agents are allowed to invoke which wallet resources, supporting multi-agent applications with different trust levels.
• End-to-end observability: CloudWatch vends application logs and AWS X-Ray vends trace spans for every data plane call, giving auditors and operators a transaction-by-transaction view of agent payment activity.

This guardrail surface matters because agents fail in ways traditional services do not. A misconfigured prompt can send a research agent into a loop where it queries a paid endpoint hundreds of times in a minute. A jailbroken instruction can convince an agent to spend its entire budget on irrelevant data. The PaymentSession model is the structural answer: the budget is fixed and the session is short-lived, so even a worst-case agent failure has a hard ceiling on financial impact. CloudWatch and X-Ray then give operators the trace data to diagnose what went wrong and tune the guardrails before a session is reissued. AWS AgentCore Developer Guide

How Do Agents Discover Paid Endpoints Through the x402 Bazaar?

AgentCore Payments ships with a ready-to-use Coinbase x402 Bazaar MCP server that exposes thousands of pay-per-use x402 endpoints through AgentCore Gateway. Developers can browse and search the Bazaar from the AWS console or the CLI and add specific endpoints as targets in their Gateway, which means an agent can call those endpoints as native MCP tools without the developer setting up per-provider billing. AWS AgentCore Developer Guide

The endpoints span the categories agents most often need to access programmatically:

• Real-time data feeds: Market data, financial signals, weather, traffic, and other streams traditionally guarded by enterprise contracts.
• Specialized model APIs: Pay-per-token access to AI models without standing subscriptions across multiple providers.
• Premium content paywalls: Publisher and research content monetized for agent access on a per-article or per-query basis.
• Domain-specific tools: Image generation, code analysis, structured-data extraction, and other tools metered by call.
• Storage and compute: On-demand allocation of temporary storage or compute resources with granular pay-per-use pricing.

Customer voices in the launch reinforce the discoverability angle. Mit Majithia of Warner Bros. Discovery described the system as a "promising direction" for premium content transactions, framing AgentCore Payments and x402 as one of the credible answers to how publishers extract value from agent traffic without locking agents out. JW Wang of Heurist AI said the integration was completed "quickly to our agent with low effort," signaling that the time-to-integration claim from AWS holds up at the edge of the third-party agent ecosystem. AWS Machine Learning Blog

For brands and publishers paying attention to answer engine optimization, the Bazaar is where the AEO question and the agentic commerce question converge. An x402-enabled endpoint that exposes structured product data, pricing, or content can be discovered and paid by an agent without that agent ever navigating to a marketing website. Endpoints registered in the Bazaar are the agent-facing equivalent of being indexed by Google in 2005: invisible to humans, foundational to discoverability for the buyer that matters.

How Does AgentCore Payments Compare to Stripe Link, Visa ICC, and Other Agent Payment Stacks?

AgentCore Payments occupies the developer-platform layer of the agent payments stack. It does not authenticate consumers, define an interchange policy, or set network rules; it gives an agent a wallet and a metered way to call paid endpoints. The other agent-payment products that have shipped in 2026 sit at adjacent layers, and they are mostly complementary rather than competitive.

Solution	Layer	Credential type	Settlement rail	Primary audience
AgentCore Payments	Developer platform / wallet for the agent itself	Coinbase CDP or Privy embedded stablecoin wallet	x402 over EVM, Solana, Stellar; stablecoins	Developers building autonomous agents on AWS
Stripe Link wallet for agents	Consumer wallet for agent-mediated purchases	One-time-use card or Shared Payment Token (SPT)	Card networks, bank accounts, machine-payment flows	Developers building consumer-facing assistant and shopping agents
Visa Intelligent Commerce Connect	Network-side agent authentication and credential issuance	Visa-issued agent credential	Visa network	Issuers, acquirers, and agent platforms transacting on Visa
Amex Agentic Commerce Experiences (ACE)	Network-side agent framework with developer kit	Amex-issued agent credential	Amex network	Amex issuers and agent platforms transacting on Amex
Mastercard Verifiable Intent	Network-side intent verification for agent purchases	Mastercard credential with intent attestation	Mastercard network	Mastercard issuers and merchants accepting agent transactions

Three observations follow from this layout, each with implications for how to think about the agent payments stack as a whole:

• AgentCore Payments and Stripe Link target different developers. AgentCore Payments is for the developer building an agent that calls paid APIs and content endpoints autonomously, with stablecoins as the dominant rail. Stripe's Link wallet is for the developer building a consumer-facing assistant that buys consumer goods on behalf of a person whose card is in Link. The same company can use both. See the Stripe Link wallet analysis
• Network frameworks sit a layer below the wallet products. Amex ACE, Visa ICC, and Mastercard Verifiable Intent define how a network authenticates agents, how it issues credentials within its own rails, and how merchants verify that an agent acted on a real consumer's behalf. AgentCore Payments does not replace any of those; an agent that needs to buy a consumer-branded product on a card-accepting merchant still needs the network framework path. Visa ICC analysis, Amex ACE analysis, Mastercard Verifiable Intent analysis
• AgentCore Payments addresses a different transaction type than the open commerce protocols. ACP, UCP, and MPP handle agent-to-merchant cart and checkout flows for consumer goods. x402 handles agent-to-resource micropayments for APIs, content, and tools. A mature agent will speak more than one of these. UCP versus ACP comparison

The practical takeaway for brands and developers is that no single product in the table replaces the others. Agent platforms in production at scale will route different transaction types through different combinations of these stacks, and the integration choice depends on what the agent is buying and from whom. The A.G.E.N.T.I.C. Framework Network and Convert phases map this lifecycle in detail, from protocol implementation through agent transaction optimization.