AP2

v0.2.0-alpha.1OAuth2alpha

Google's Agent-to-Agent Payment Protocol. Authorization, audit, trust establishment between autonomous payment agents.

22 tools1 env vars🌐 GLOBALalpha — pending validation

Install

terminal

$ npm install @codespar/mcp-ap2@alpha

Quickstart

Add this entry to your claude_desktop_config.json (or any MCP-compatible client config).

claude_desktop_config.json

{
  "mcpServers": {
    "ap2": {
      "command": "npx",
      "args": [
        "-y",
        "@codespar/mcp-ap2@alpha"
      ],
      "env": {
        "AP2_API_KEY": "<your_ap2_api_key>"
      }
    }
  }
}

After restart, your agent can call any of the 22 tools below — try register_agent first.

Environment variables · 1

Required to authenticate the server. Stored encrypted when using CodeSpar managed hosting.

AP2_API_KEY

requiredsecret

API key for ap2

Available tools · 22

Each tool is independent — your agent loads only what it needs to reduce context and response time.

WRITEregister_agent

Register an AI agent as a trusted payer in the AP2 network. Defines the agent's identity, capabilities, and spending limits.

READget_agent

Get agent registration details, trust status, and current spend usage

READlist_agents

List registered agents with optional filters

DELETErevoke_agent

Revoke an agent's payment authorization. The agent will no longer be able to make or receive payments.

WRITEauthorize_payment

Request payment authorization with scoped limits. Returns an authorization token that can be used to execute the payment.

READget_authorization

Get authorization details including status, limits, and expiry

READlist_authorizations

List payment authorizations with optional filters

WRITEexecute_payment

Execute an authorized payment. Requires a valid authorization token.

Compatible frameworks

MCP is a protocol — any framework that speaks it can mount this server.

Claude Agent SDKAnthropic

OpenAI AgentsOpenAI

Vercel AI SDKVercel

LangChainLangChain

LlamaIndexLlamaIndex

CrewAICrewAI

MastraMastra

Any MCP clientProtocol

Frequently asked questions

All credentials are encrypted at rest in an isolated vault scoped per organization. OAuth2 tokens are automatically refreshed before expiry. Your agent code never sees raw secrets — it receives scoped, short-lived session tokens.