Skip to main content

Documentation Index

Fetch the complete documentation index at: https://conto.finance/docs/llms.txt

Use this file to discover all available pages before exploring further.

Conto Hybrid Integration

Use this pattern when your app already owns the runtime, wallet flow, or provider settlement path and you want Conto to enforce policy before money moves. In a hybrid integration:
  • your app decides when a paid action is about to happen
  • Conto approves, denies, or routes that payment to review
  • your app executes the actual settlement
  • your app records the final spend back to Conto

What hybrid means

In managed execution, Conto both authorizes and orchestrates payment through an integrated wallet. In hybrid execution, Conto stays in the control plane while your app stays in the execution path. That makes hybrid a strong fit when you already have:
  • an existing wallet or treasury layer
  • custom routing or fallback logic
  • provider-specific settlement code
  • x402 or MPP payment handling in your own runtime
The main rule is simple: Conto should make the authorization decision before your app executes the payment. If your app settles first and reports later, Conto becomes an analytics mirror instead of a real spend-control layer.

When to use hybrid

Choose hybrid when:
  • you want to keep your current runtime architecture
  • paid actions are embedded inside a larger workflow
  • you need policy checks before API calls, machine payments, or provider settlements
  • you want Conto controls without moving all execution into Conto-managed wallets
Hybrid is especially useful for agent platforms, AI orchestration products, marketplaces, and machine-payment systems.

Responsibility split

Your app owns

  • the user experience
  • workflow and routing logic
  • provider selection and fallback behavior
  • execution timing
  • the settlement call itself
  • app-specific state and reporting

Conto owns

  • spend policies
  • approval thresholds
  • allowlists and counterparties
  • budget controls
  • runtime authorization
  • audit visibility
  • spend analytics

Canonical flow

  1. Keep the product-facing controls in your app.
  2. Provision a Conto agent for each managed actor.
  3. Create and protect a runtime credential for that actor.
  4. Sync supported controls into Conto policy objects.
  5. Call Conto before the paid action executes.
  6. Execute the payment in your own runtime only if approved.
  7. Record the settled spend back to Conto.

Common policy mappings

Product controlConto primitive
Max spend per actionSPEND_LIMIT
Budget per session or runBUDGET_ALLOCATION
Allowed providers or vendorsCOUNTERPARTY or WHITELIST
Human review thresholdAPPROVAL_THRESHOLD
Time-based restrictionsTime or blackout-related policy types

Verification checklist

Use this checklist after setup:
  • each managed actor gets a dedicated Conto binding
  • runtime credentials stay server-side and encrypted at rest
  • policy changes update Conto objects
  • pre-authorization happens before settlement
  • denied payments never reach the execution layer
  • successful payments are recorded back to Conto
  • operators can see runtime status and recent events

Choose Your Integration

Compare SDK, OpenClaw, Hermes, x402, and MPP paths

Architecture Patterns

See the core managed, external wallet, x402, and MPP diagrams

x402 API Payments

Govern pay-per-call API payments before execution

MPP Session Payments

Control repeated charges inside a session budget