Skip to main content
Agents are a new buyer of your API, and they don’t onboard the way humans do. They don’t sit at a browser, fill out a Stripe Checkout, or remember to top up a credit balance. Today they either stall at your paywall or hardcode a human’s API key. Nevermined turns that failure mode into revenue with a small server-side integration. Agents holding a delegated card mint an x402 access token, send it to your endpoint, and you provision or top up access in response. You verify and settle through Nevermined’s x402 facilitator; the buyer’s card is charged through Stripe, Braintree, or the Visa Trusted Agent Protocol depending on how it was enrolled. All three settle x402 charges through the same nvm:card-delegation scheme — your endpoint code doesn’t change. Exa is the live reference. Agents pay Exa $7 via a Nevermined-delegated card and receive an Exa API key with $7 of credits. When the key runs out, the agent tops up through the same endpoint. Same key, more credits, no human touched it.

What you build, in five steps

1

Create a pay-as-you-go plan

On the Nevermined App, choose pay-as-you-go pricing (one charge per purchase) and set your price (e.g. $7). That’s it: the App doesn’t ask about credits on PAYG, and one call to your purchase endpoint = one card charge of your plan price. See Manage Plans.
2

Expose one endpoint

Accept a payment-signature header on a new route or an existing one. Existing customers keep their flow unchanged.
3

Verify with the facilitator

Call payments.facilitator.verifyPermissions(...). Missing or invalid token returns 402 Payment Required with the payment requirements body.
4

Run your business logic

Provision an API key, top up credits, unlock a resource, whatever your product is.
5

Settle

Call payments.facilitator.settlePermissions(...). The card is charged and you get paid. (On credits-bundle plans, settle also burns credits from the buyer’s balance; on PAYG, there’s no credit movement.)

Server-side handler

Your handler does three things: read the payment-signature header, verify the token with the Nevermined facilitator, and settle after running your business logic. Examples below for TypeScript, Python, and raw HTTP. 
import { Payments, buildPaymentRequired } from '@nevermined-io/payments'

const payments = Payments.getInstance({
  nvmApiKey: process.env.NVM_API_KEY!,
  environment: 'live',
})

const paymentRequired = buildPaymentRequired(process.env.NVM_PLAN_ID!, {
  endpoint: '/purchase-key',
  httpVerb: 'POST',
  scheme: 'nvm:card-delegation',
})

// Pre-encode for the `payment-required` response header (per x402 spec §4.3).
const paymentRequiredHeader = Buffer.from(
  JSON.stringify(paymentRequired),
).toString('base64')

const send402 = (res) =>
  res
    .status(402)
    .setHeader('payment-required', paymentRequiredHeader)
    .json(paymentRequired)

app.post('/purchase-key', async (req, res) => {
  const token = req.header('payment-signature')
  if (!token) return send402(res)

  const verification = await payments.facilitator.verifyPermissions({
    paymentRequired,
    x402AccessToken: token,
  })
  if (!verification.isValid) return send402(res)

  const apiKey = await provisionOrTopUp(req)

  const settlement = await payments.facilitator.settlePermissions({
    paymentRequired,
    x402AccessToken: token,
  })

  // Settlement receipt in the `payment-response` header (per x402 spec §4.3).
  res
    .setHeader(
      'payment-response',
      Buffer.from(JSON.stringify(settlement)).toString('base64'),
    )
    .json({ apiKey })
})
The handlers above set the payment-required (on 402) and payment-response (on 200) response headers per the card-delegation spec §4.3. The optional middleware below handles this for you automatically.
If you’re on Express or FastAPI, the SDK ships a payment middleware that handles the verify/settle dance and the spec-correct response headers for you. One config line gates your endpoint, your handler stays focused on business logic.
The route config also accepts an optional credits field (default 1). It’s inert on PAYG plans and is the per-request burn amount on credits-bundle plans. Omitted in the snippets below for the PAYG happy path.
import express from 'express'
import { Payments } from '@nevermined-io/payments'
import { paymentMiddleware } from '@nevermined-io/payments/express'

const app = express()
app.use(express.json())

const payments = Payments.getInstance({
  nvmApiKey: process.env.NVM_API_KEY!,
  environment: 'live',
})

app.use(
  paymentMiddleware(payments, {
    'POST /purchase-key': {
      planId: process.env.NVM_PLAN_ID!,
      scheme: 'nvm:card-delegation',
    },
  }),
)

app.post('/purchase-key', async (req, res) => {
  const apiKey = await provisionOrTopUp(req)
  res.json({ apiKey })
})
The middleware reads the payment-signature header, calls verifyPermissions, runs your handler, then calls settlePermissions and attaches the payment-response header before sending the response. See the Express and FastAPI integration pages for middleware options (dynamic credits, hooks, custom error handlers).

Two things to remember

Idempotency. Agents retry. Cache token → result so a replayed token returns the same response without re-running your business logic or re-charging the card.
402 on your regular endpoints. When the agent’s credits run dry, return 402 with a top-up hint on the resource endpoints (not just the purchase endpoint). The agent loops back, mints a fresh token, and pays again on the same purchase route.

Vend-the-key vs full metering

Two patterns are supported. Pick whichever matches how you already meter usage.

Vend-the-key

A Nevermined purchase returns a credential (e.g. an API key with $X of credits). You meter ongoing usage internally with your existing infrastructure. Exa works this way. Best when you already have per-key billing.

Full metering

Nevermined settles each underlying API call. Best when you don’t have internal billing infra or prefer per-request settlement. Use the validate-requests and charge-credits patterns directly on your resource endpoints.

Make it agent-discoverable

Agents don’t read your HTML. They read your llms.txt and the .md mirrors next to your docs pages. Whichever path you took above, you still need these published on your own domain so crawlers find them under your brand.
A Premium org auto-generates both files for you, served live from the Nevermined facilitator:
GET https://api.live.nevermined.app/api/v1/organizations/{orgId}/llms.txt
GET https://api.live.nevermined.app/api/v1/organizations/{orgId}/agentic-instructions.md
Swap api.live for api.sandbox for the sandbox environment. Copy the rendered output to your own domain at whatever path your llms.txt references — your-api.com/integrations/nevermined.md is the common convention (Exa uses /docs/integrations/nevermined.md under their docs subpath). The org endpoint gives you the canonical content; you pick the publication URL and the filename agents discover, as long as the llms.txt entry on your side matches. Updates are picked up on next render (5-minute cache).
Updating your human-facing HTML docs is optional and less agent-native.

Agent-side call (for context)

What the agent runs to mint a token and call your endpoint: 
const { accessToken } = await payments.x402.getX402AccessToken(
  YOUR_PLAN_ID,
  undefined,
  {
    scheme: 'nvm:card-delegation',
    delegationConfig: {
      providerPaymentMethodId: 'pm_...',
      spendingLimitCents: 700,
      durationSecs: 3600,
    },
  },
)

const res = await fetch('https://your-api.com/purchase-key', {
  method: 'POST',
  headers: { 'payment-signature': accessToken },
})

FAQ

Settled funds are paid out via your connected payout provider on the provider’s standard schedule: Stripe Connect for Stripe and Visa Trusted Agent Protocol delegations (Visa settlement runs through Stripe Connect); your Braintree OAuth merchant account for Braintree delegations.
No. Your existing API and billing surface stay as-is. Agent-payable signup is a parallel path you opt into with a new endpoint.
Yes. Per-call, top-ups, and credit bundles map cleanly to Nevermined plans. For subscriptions, talk to us, recurring billing is supported case-by-case.
Three rails today, all consumed through the same nvm:card-delegation x402 scheme:
  • Stripe — direct card enrollment and Stripe PaymentIntents settlement
  • Braintree — Drop-in enrollment and transaction.sale settlement against OAuth-connected seller merchants
  • Visa Trusted Agent Protocol — Visa Agentic Token enrollment via VGS Credential Management Platform, per-delegation WebAuthn/passkey device binding, settlement through Stripe Connect
The x402 token your endpoint verifies is the same regardless of rail; Nevermined handles the rail-specific details. See the card-delegation spec for the underlying flow.
Yes, on the Stripe and Braintree rails. Integrate, run end-to-end test transactions, and validate your handler before flipping to live. The Visa Trusted Agent Protocol uses VGS sandbox with VTS-registered test PANs; Visa delegations require a real device that can run a WebAuthn ceremony (or fall back to the email OTP that VTS sends).
TypeScript and Python SDKs ship today, with framework helpers for Express.js and FastAPI. The facilitator API is plain HTTP, so any language can call verify/settle directly. See the Generic HTTP guide.
A Stripe Connect account is required for Stripe and Visa Trusted Agent Protocol delegations (Visa settlement runs through Stripe Connect). For Braintree delegations, you connect a Braintree OAuth merchant account instead (see Braintree onboarding). Nevermined handles card acquisition and PCI scope on the buyer side; you just bring your payout destination.
On Stripe destination charges, Nevermined is the merchant of record: Stripe routes disputes and refunds through Nevermined, and we surface the chargeback or charge reference so you can match it to specific agent transactions.
Stripe Connect handles currency conversion to your destination account, so non-USD payouts work for Stripe and Visa delegations. Braintree requires the seller to have a child merchant account per accepted currency. The Visa Trusted Agent Protocol currently supports predominantly US-based issuers, with the eligibility list expanding through the pilot.

Want a shortcut? Become a Nevermined Organization

A Premium Organization bundles the agent-discovery work above and adds tooling on top: an embeddable PCI-compliant card-capture widget for your domain, auto-generated llms.txt and agentic-instructions.md rendered live from your plans, a customer list that auto-populates on agent purchases, webhooks, analytics, and multi-seat access. The DIY recipe above stays fully supported and is what powers Exa today; pick whichever fits your operational model. See Platform Partners (Organizations) for the org-specific guide.

Pricing

Three Nevermined Organization plans, picked at sign-up:
PlanCostWhat’s included
StarterFreePublish plans and agents on a single-seat account. No org features (no widgets, no auto-generated agent docs, no customer list).
Premium OrganizationRecommended$250 / monthAll Premium features: widget card capture, auto-generated llms.txt / agentic-instructions.md, customer list, webhooks, analytics, 5 invitable seats.
Enterprise Organization$500 / monthPremium + unlimited agents and plans.
Settlement fees on agent payments are documented in the Nevermined Pay overview.
Pilot / whitelist / fee waiver. Talk to us before you ship if you’re a launch partner, an early-stage API provider, or running a closed pilot. We can waive or reduce Organization plan fees and settlement fees in select circumstances. Email hello@nevermined.io or contact us.