The History of HTTP 402
HTTP 402 defined in RFC 2068, marked as “reserved for future use” for digital payments
Status code sits unused while web payments evolve through separate channels
AI agents need machine-readable payment signals, HTTP 402 finally activated
Why HTTP 402 Matters Now
The rise of AI agents changes everything. Unlike human users who can navigate payment forms, AI agents need machine-readable payment signals.
Clear Signal
HTTP 402 unambiguously signals “payment required”
Payment Instructions
Structured data: what to pay, how much, where
Proof of Payment
Receipt proving payment occurred
How PEAC Uses HTTP 402
PEAC Protocol builds on HTTP 402 with additional structure for AI access control, payments, and receipts. When a PEAC-enabled endpoint receives a request without valid payment:
HTTP/1.1 402 Payment Required
Content-Type: application/json
{
"type": "payment_required",
"message": "Access requires payment",
"payment": {
"amount": "0.01",
"currency": "USD",
"methods": ["x402", "stripe"]
},
"policy_url": "https://example.com/.well-known/peac.txt"
}x402: The Payment Extension
x402 is an extension that adds structured payment descriptions to HTTP 402 responses. It works with PEAC to provide:
See the x402 integration guide for implementation details.
Testing HTTP 402
You can test a PEAC-enabled 402 endpoint with curl:
curl -i https://demo.originary.xyz/api/gated # Response: # HTTP/2 402 # content-type: application/json
Try the interactive demo to see 402 flows in action.
Beyond Payments: Access Control
HTTP 402 in PEAC isn't only about money. It can gate access based on:
AI Bot Policy
Require agents to comply with crawling policy
Attribution
Require agreement to attribution terms
Consent
Proof of user consent for training use
Rate Limiting
Premium access for paying agents
Getting Started
See Adding 402 in 15 Minutes for a step-by-step guide.