API budgets
Micropayments
How to keep paid API calls, data access, and machine-speed service usage inside policy before an agent pays.
x402 lets an API ask for payment over HTTP. The agent pays per request, which means spend controls have to work at machine speed.
Why API spend needs its own controls
API spend moves differently. Agents can call many services in one task, compare providers, retry failures, stream results, or pay per request. The payment can happen deep inside a tool call, far from the original user instruction.
The math can get ugly quickly. At $0.05 per request, 1,000 paid calls per hour is $50 per hour, or $1,200 per day. That can happen without a single large transaction. The risk is repetition.
This is why micropayments are the first visible wave of agentic payments. The pattern shows up before full enterprise autonomy: an agent needs a result, the service has a price, and the payment happens inside the request path. The timeline is the same one described in The Timeline for Agentic Payments.
The x402 control loop
HTTP 402 Payment Required has existed since 1997. x402 gives it real payment semantics for machine-to-machine commerce: the API says what it costs, the agent pays, and the request continues.
In a controlled flow, the agent does not pay the challenge immediately. It first sends the amount, recipient, facilitator, resource URL, and payment details to Conto for pre-authorization. Conto checks those details against the agent's x402 policies and general spend rules, then returns an authorized or denied decision.
If authorized, the agent signs the payment, retries the API call, and records the completed payment back to Conto. That final record is what keeps future service budgets accurate. Pre-authorization stops bad calls before payment. Recording makes sure the next decision knows what has already been spent.
Budget checks for paid API calls
x402 controls work best when per-call ceilings, service budgets, and velocity rules are checked before the provider is paid.
Budget at request time
82% spent · $0.88 left
Per-call decisions
Every paid request is checked before the provider is paid. Low-cost calls keep flowing, while an oversized call or an exhausted session both stop without a human in the loop.
Enchant: x402 and MPP in action
Live example
Enchant shows what controlled agentic payments look like in a real product
Enchant is a live example of agentic payments with x402 and MPP. A user asks for a job, Enchant finds the right tool, shows the price before anything runs, and routes the paid step through Conto controls.
Conto is the foundation underneath each user's spend: budgets, policy checks, approvals, and payment records before money moves. You can try Enchant free and get credits when you sign up.
Prompt
User asks Enchant
A task can require a paid tool, data source, or model call.
Quote
Price appears first
The paid step shows its cost before anything runs.
Control
Conto checks policy
Budgets, per-call caps, and approvals are evaluated before spend.
Payment
x402 or MPP clears
Approved micropayments settle and update the user budget.
Try Enchant free
New users get credits when they sign up.
Conto is the spend foundation
Every paid step can carry budget, approval, and audit context.
Example: a paid research workflow
A research agent might start with a broad question, search a few free sources, then hit an API that charges for premium data. The provider returns a payment challenge with the price and resource URL.
Before the agent pays, Conto checks whether that provider is approved, whether the endpoint has budget left, whether the price is under the per-request ceiling, and whether the task has already spent too much on paid data. If the request clears, the agent signs the payment, retries the API call, and records the result.
The same workflow may shift to MPP when one task needs repeated paid usage inside a session. The control model stays the same: authorize before spend, keep a live budget, and record enough context for the next decision.
Policies that matter for x402
Per-call ceiling
Service allowlist
Service budget
Endpoint budget
Velocity limit
Session budget
Most teams should start with a price ceiling, a service allowlist, and a daily service budget. The full rule list lives in the x402 policy reference.
A starter policy
Allowed services
api.openai.com, api.example-data.comMax per request
Max per service per day
Max per endpoint per day
Velocity
Approval
The right numbers depend on the workflow. A research agent may need a broader service list but lower per-call limits. A production data agent may need a narrow allowlist and a larger daily envelope.
What can go wrong
The common failures are operational.
An agent can pay the wrong service because a tool followed a redirected URL. An endpoint price can change and go unnoticed. A retry loop can keep paying after repeated failures. A research task can fan out across too many paid providers. A paid API can return partial results and cause the agent to buy more context than the task justifies.
The most subtle failure is skipped recording. The payment succeeds, but the budget view does not change. The next policy check thinks there is more budget left than there really is. That is why recording is part of the control loop, not just an analytics event.
Recording is part of the control
After a payment executes, the agent needs to record it with Conto. That record should include amount, recipient, service, resource URL, payment ID, wallet, chain, and transaction hash or proof.
If recording is skipped, the system can no longer enforce accurate service budgets. For high-frequency use, record payments in batches.
x402 versus MPP
x402 is a strong fit when each API request is separately priced and the server returns a 402 Payment Required challenge.
MPP is a better fit when the agent will make many charges against one service in a session, such as streaming usage, repeated calls, or a task that should share one budget envelope.
A production checklist
Before an agent pays x402 APIs with real funds, the basic operating model should be clear. The agent needs an owner. The wallet or payment account needs a daily limit. Approved services should be listed explicitly. Per-request prices need a ceiling, and service or endpoint budgets need to match the task the agent is allowed to run.
From there, add controls that catch behavior as well as amount. Velocity limits should catch loops. Expensive calls should route to approval. Completed payments should be recorded. Denied payments should be logged with reasons. Budget views should be checked during testing so the team knows the record path is accurate.
Then run three tests: one approved API call, one denied call above the price ceiling, and one call that requires approval.
Related Conto resources
Put a budget in front of the next paid API call
Start with a service allowlist, a per-request ceiling, and a daily service budget. Then record completed calls so each new decision has current spend state.