
Go SDK for the Agentic Commerce Protocol (ACP). github.com/sumup/acp supports Agentic Checkout, Delegated Payment, and Product Feeds.
examples/checkout: sample checkout provider implementation.
examples/delegated_payment: sample PSP (payments service provider) implementation for Delegated Payment.
examples/feed: sample Product Feed for exporting feeds in JSONL and CSV formats.

go run ./examples/checkout
Once the server is up, try exercising the flow with curl:
# Create a checkout session with two SKUs
curl -sS -X POST http://localhost:8080/checkout_sessions \
  -H 'Content-Type: application/json' \
  -d '{
    "line_items": [
      {"id": "latte"},
      {"id": "mug"}
    ],
    "currency": "EUR",
    "buyer": {
      "first_name": "Ava",
      "last_name": "Agent",
      "email": "ava.agent@example.com"
    }
  }'
# Complete the session once you have the id from the response above
curl -sS -X POST http://localhost:8080/checkout_sessions/<session_id>/complete \
  -H 'Content-Type: application/json' \
  -d '{
    "payment_data": {
      "provider": "sumup",
      "token": "pm_sample_token"
    }
  }'
Feel free to copy this sample into your own project and swap the in-memory store for your real product catalog, fulfillment rules, and payment hooks.
To see webhook delivery end-to-end, export the environment variables below before starting the sample server. The handler will POST an order_created event every time a checkout session completes.
export ACP_WEBHOOK_ENDPOINT="https://webhook.site/your-endpoint"
export ACP_WEBHOOK_HEADER="Merchant_Name-Signature"
export ACP_WEBHOOK_SECRET="super-secret"
go run ./examples/checkout
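A receiver-side check for the webhook delivery described above, as an added example that is not part of the project's README or SDK. It assumes the header named by ACP_WEBHOOK_HEADER carries a hex-encoded HMAC-SHA256 of the raw request body keyed with ACP_WEBHOOK_SECRET; the page does not state the signing scheme, and the function names here are hypothetical.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

const sigHeader = "Merchant_Name-Signature" // ACP_WEBHOOK_HEADER from the sample
const secret = "super-secret"               // ACP_WEBHOOK_SECRET, sample value only

// sign returns hex(HMAC-SHA256(key, body)). ASSUMPTION: scheme not stated on the page.
func sign(key, body string) string {
	m := hmac.New(sha256.New, []byte(key))
	m.Write([]byte(body))
	return hex.EncodeToString(m.Sum(nil))
}

// webhookHandler authenticates the raw bytes before any JSON parsing.
func webhookHandler(w http.ResponseWriter, r *http.Request) {
	body, err := io.ReadAll(http.MaxBytesReader(w, r.Body, 1<<20)) // cap body size
	if err != nil {
		http.Error(w, "bad body", http.StatusBadRequest)
		return
	}
	// hmac.Equal compares in constant time; a missing header fails the check too.
	if want := sign(secret, string(body)); !hmac.Equal([]byte(want), []byte(r.Header.Get(sigHeader))) {
		http.Error(w, "invalid signature", http.StatusUnauthorized)
		return
	}
	w.WriteHeader(http.StatusNoContent) // authenticated: safe to process the event
}

func deliver(body, sig string) int { // posts body and sig to the handler, returns the status
	req := httptest.NewRequest(http.MethodPost, "/", strings.NewReader(body))
	req.Header.Set(sigHeader, sig)
	rec := httptest.NewRecorder()
	webhookHandler(rec, req)
	return rec.Code
}

func main() {
	evt := `{"type":"order_created"}` // constructed sample event
	fmt.Println(deliver(evt, sign(secret, evt)), deliver(evt+" ", sign(secret, evt)), deliver(evt, ""))
}
```

In a real receiver, load the secret from the environment rather than a constant, and verify against the bytes as received, not a re-serialized copy of the parsed JSON.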
go run ./examples/delegated_payment
Then call it with:
curl -sS -X POST http://localhost:8080/agentic_commerce/delegate_payment \
  -H 'Content-Type: application/json' \
  -d '{
    "payment_method": {
      "type": "card",
      "card_number_type": "fpan",
      "number": "4242424242424242",
      "exp_month": "11",
      "exp_year": "2026",
      "display_last4": "4242",
      "display_card_funding_type": "credit",
      "metadata": {"issuer": "demo-bank"}
    },
    "allowance": {
      "reason": "one_time",
      "max_amount": 2000,
      "currency": "EUR",
      "checkout_session_id": "cs_000001",
      "merchant_id": "demo-merchant",
      "expires_at": "2025-12-31T23:59:59Z"
    },
    "risk_signals": [
      {"type": "card_testing", "action": "manual_review", "score": 10}
    ],
    "metadata": {"source": "sample"}
  }'
go run ./examples/feed
This writes compressed feed exports to examples/feed/output/product_feed.jsonl.gz and examples/feed/output/product_feed.csv.gz.