How do I install Agentpay?

Agentpay is a remote plugin. You do not need to install anything locally. Add the server URL to your AI app's MCP configuration and you are ready to go.

What AI apps work with Agentpay?

Agentpay uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Agentpay MCP Server

by Rumblingb

Developer ToolsLow Risk9.1MCP RegistryRemote

Free

Server data from the Official MCP Registry

Portable payment, identity, approval, and execution control plane for AI agents.

About

Portable payment, identity, approval, and execution control plane for AI agents.

Remote endpoints: streamable-http: https://api.agentpay.so/api/mcp

Security Report

9.1

Low Risk9.1Low Risk

Valid MCP server (2 strong, 4 medium validity signals). 3 known CVEs in dependencies Imported from the Official MCP Registry.

Endpoint verified · Requires authentication · 4 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

HTTP Network Access

Connects to external APIs or services over the internet.

env_vars

Check that this permission is expected for this type of plugin.

How to Connect

Remote Plugin

No local installation needed. Your AI client connects to the remote endpoint directly.

Add this to your MCP configuration to connect:

{
  "mcpServers": {
    "io-github-rumblingb-agentpay": {
      "url": "https://api.agentpay.so/api/mcp"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

AgentPay

AgentPay is the authority layer between an AI agent and the real world. It handles provider access, funding authority, human approval, exact-call resume, and proof so agents can finish work end to end without raw secrets in chat or repeated dashboard setup.

It is not a generic "agent platform." It is the trust seam that makes autonomous execution usable.

npx -y @agentpayxyz/mcp-server

That one command gives any MCP-compatible host the ability to:

request API access
vault credentials without exposing the raw key to the agent
run governed paid execution
pause for OTP or approval only when needed
resume the exact blocked call automatically
reuse governed access later from the same workbench

Why it exists

Agents fail at the same place every time:

they need an API the developer has not wired yet
they need a credential the human should not paste into chat
they hit a paid step and lose continuity

AgentPay fixes that seam.

Capability Vault Users connect a provider once through AgentPay. The raw credential is vaulted server-side. The agent receives only governed capability access.

Governed paid execution Humans set guardrails once: funding rail, auto-approve limit, OTP policy, and spend limits. AgentPay enforces those rules when the agent acts.

Exact-call resume When a paid step needs a human, AgentPay pauses, collects the minimum approval, and resumes the exact blocked call without asking the agent to reconstruct it.

Same-workbench reuse Local projects never need raw provider keys. AgentPay can issue opaque, revocable workbench leases so the same workbench can reuse governed access later.

The inevitable path

This is the path AgentPay is built around:

Agent asks for an API.
AgentPay checks whether governed access already exists.
If not, AgentPay runs one hosted setup flow for authority and provider connection.
The agent uses the capability for free until paid usage is required.
AgentPay pauses for OTP or confirmation only if policy requires it.
AgentPay resumes the exact blocked call.
The same workbench can reuse governed access later without re-entering the secret.

Get started in 30 seconds

Add AgentPay to Claude Desktop (claude_desktop_config.json):

{
  "mcpServers": {
    "agentpay": {
      "command": "npx",
      "args": ["-y", "@agentpayxyz/mcp-server"],
      "env": {
        "AGENTPAY_API_KEY": "apk_your_key_here",
        "AGENTPAY_MERCHANT_ID": "your_merchant_id"
      }
    }
  }
}

Get your API key:

curl -s -X POST https://api.agentpay.so/api/merchants/register \
  -H "Content-Type: application/json" \
  -d '{ "name": "My Agent", "email": "you@example.com" }'

Now ask your host:

"My agent needs Firecrawl. Set a $5 auto-approve limit, ask for OTP above that, and keep the key out of chat."

Or:

"My agent needs Databento for this workbench. If access already exists, reuse it. If not, start the minimal AgentPay setup flow."

Full quickstart

Terminal-native control plane

AgentPay should be operated through hosts and terminals, not a merchant dashboard.

Key surfaces:

GET /api/capabilities/authority-bootstrap
POST /api/capabilities/authority-bootstrap
POST /api/capabilities/access-resolve
POST /api/capabilities/onboarding-sessions
POST /api/capabilities/lease-execute
GET /api/capabilities/leases
POST /api/capabilities/leases/:leaseId/revoke
POST /api/capabilities/:capabilityId/execute

These let a host or agent:

read authority state
set guardrails
connect providers
request human approval only when needed
reuse governed access safely later

Flagship provider paths

The current wedge is strongest when AgentPay owns setup and continuity for high-value agent APIs.

Current priority paths:

Databento
Firecrawl
Browserbase
Exa
Generic REST API fallback

The product goal is simple: visiting provider dashboards should become the exception, not the default.

Remote MCP

For hosts that support remote MCP:

https://api.agentpay.so/api/mcp

Authenticate with your API key as a Bearer token, or mint a short-lived token for Claude, OpenAI, or another remote MCP host:

curl -X POST https://api.agentpay.so/api/mcp/tokens \
  -H "Authorization: Bearer apk_your_key_here" \
  -d '{ "audience": "openai", "ttlSeconds": 3600 }'

Ace - built on AgentPay

Ace is a proof front door built on AgentPay. It demonstrates the core seam under real-world conditions. It is not the core story.

Product truth

If a human still has to:

paste a raw provider key into chat
rebuild a blocked call after payment
keep reopening provider dashboards
or lose continuity between approval and execution

then the product is still unfinished.

Developer resources

Resource	Link
Quickstart	QUICKSTART.md
MCP server reference	packages/mcp-server/README.md
Full API reference	openapi.yaml
Terminal-native control plane	docs/TERMINAL_NATIVE_CONTROL_PLANE_20260419.md
Examples	examples/README.md
Security model	docs/SECURITY_MODEL.md

Repository layout

apps/
  api-edge/         Cloudflare Workers public API
  meridian/         Ace front door

packages/
  mcp-server/       Published MCP package
  sdk/              TypeScript SDK
  sdk-node/         Node.js SDK

examples/           Example agents and adapters
docs/               Architecture and product notes
migrations/         PostgreSQL migrations
ops/                Founder and growth operating artifacts

License

Business Source License 1.1. Converts to AGPL-3.0 on 2029-01-01.

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Git

Free

by Modelcontextprotocol · Developer Tools

Read, search, and manipulate Git repositories programmatically

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

mcp-creator-python

Free

by mcp-marketplace · Developer Tools

Create, build, and publish Python MCP servers to PyPI — conversationally.

Agentpay MCP Server

About

Security Report

Findings (4)

Permissions Required

How to Connect

Documentation

AgentPay

Why it exists

The inevitable path

Get started in 30 seconds

Terminal-native control plane

Flagship provider paths

Remote MCP

Ace - built on AgentPay

Product truth

Developer resources

Repository layout

License

Reviews

No reviews yet

More Developer Tools MCP Servers

Git

Toleno

mcp-creator-python

MarkItDown

mcp-creator-typescript

FinAgent