// GLOSSARY -- X402

What is HTTP 402 Payment Required?

1 min read Updated

HTTP 402 is a status code reserved in the HTTP specification for digital payment systems. Defined in HTTP/1.1 but never standardized — until x402 gave it purpose as the foundation for AI agent payments.

WHY IT MATTERS

When HTTP was written in the 1990s, the authors reserved 402 for web payments alongside 401 (Unauthorized) and 403 (Forbidden). But the tech wasn't ready — payments went through credit card gateways instead.

Decades later, stablecoins, programmable blockchains, and AI agents created the conditions for HTTP 402. The x402 protocol implements the original vision: a server responds 402 for "payment required," and the client (an AI agent) pays programmatically.

This enables true pay-per-request economics powered by agents processing payments at machine speed.

HOW POLICYLAYER USES THIS

As 402 enables protocol-level agent payments, PolicyLayer determines whether an agent should honor a payment challenge — evaluating each against spending policies before authorizing.

FREQUENTLY ASKED QUESTIONS

Why wasn't HTTP 402 implemented earlier?
The 1990s lacked micropayment infrastructure. Credit card minimums, high fees, and no digital currency made per-request payments impractical. Stablecoins on L2s finally solved this.
Is HTTP 402 an official standard?
The code is in the HTTP spec as 'reserved for future use.' x402 provides the first practical implementation but isn't yet an IETF standard.
Can 402 work without crypto?
In theory, yes. In practice, crypto (stablecoins on L2s) is the only rail fast and cheap enough for per-request micropayments.

FURTHER READING

Enforce policies on every tool call

Intercept is the open-source MCP proxy that enforces YAML policies on AI agent tool calls. No code changes needed.

npx -y @policylayer/intercept
github.com/policylayer/intercept →
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.