## What is SPT?

SPT (Shared Payment Token) lets AI agents pay for API calls with Stripe — using real card payments instead of crypto. A user pre-authorizes a token with spending limits, and the agent uses it to pay services autonomously.

## How it works

1. User creates an SPT via Stripe with spending limits (max amount, currency, expiration)
2. Agent sends a request to a paid endpoint
3. Server returns **HTTP 402** with `WWW-Authenticate: Payment method="stripe", intent="charge", request="<base64url>"`
4. Agent decodes the `request` field to learn the price (amount, currency)
5. Agent retries with `Authorization: Payment <credential>` containing the SPT
6. Server creates a Stripe PaymentIntent using the token, verifies it succeeded, and responds

## Key concepts

- **Shared Payment Token**: A scoped, limited-use Stripe token (prefixed `spt_`) that grants an agent permission to spend
- **Usage limits**: Each token has max amount, currency, and expiration — the user controls how much the agent can spend
- **mppx middleware**: The same middleware that handles [MPP](/kb/mpp) (Tempo) payments also handles SPT — a server can accept both
- **Multiple challenges**: A 402 response can include multiple `WWW-Authenticate: Payment` headers for different methods (tempo, stripe), letting agents choose how to pay

## How agents discover SPT

SPT uses two discovery channels:

1. **Runtime (authoritative)**: The HTTP 402 response with `method="stripe"` in the `WWW-Authenticate: Payment` challenge
2. **Pre-request (advisory)**: [OpenAPI](/kb/openapi) `x-payment-info` extension on operations that require payment

The 402 response is always authoritative — OpenAPI metadata is advisory only.

## How to add SPT to your service

1. Install mppx: `npm install mppx`
2. Configure your Stripe secret key
3. The mppx middleware will return 402 challenges for both Tempo and Stripe methods
4. Agents with an SPT can pay via Stripe; agents with pathUSD can pay via Tempo

## Learn more

- [Stripe SPT docs](https://docs.stripe.com/agentic-commerce/concepts/shared-payment-tokens) — Token creation and usage
- [mppx on npm](https://www.npmjs.com/package/mppx) — Middleware that handles both MPP and SPT
- [paymentauth.org](https://paymentauth.org) — Payment discovery spec