🎩 You're Invited:Meet the Socket team at Black Hat in Las Vegas, August 3-6.RSVP
Sign In

@codespar/mcp-ap2

Package Overview
Dependencies
Maintainers
2
Versions
6
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@codespar/mcp-ap2

MCP server for AP2 — Google's Agent-to-Agent Payment Protocol (authorization, audit, trust)

latest
npmnpm
Version
0.2.0-alpha.3
Version published
Weekly downloads
47
-73.74%
Maintainers
2
Weekly downloads
 
Created
Source

@codespar/mcp-ap2

Alpha release — published under the alpha npm dist-tag. Endpoint paths follow public docs and BACEN/provider conventions but have not been fully live-validated. Pin exact versions during 0.x.x-alpha. Install with npm install <pkg>@alpha.

MCP server for AP2 — Google's Agent-to-Agent Payment Protocol (authorization, audit, and trust for agentic payments)

npm License: MIT

What is AP2?

AP2 (Agent-to-Agent Payment Protocol) is Google's open framework for authorization, audit, and trust in agentic payments. It answers the critical questions: Who authorized this payment? What limits apply? What's the full audit trail?

With 60+ partners including Visa, Mastercard, Stripe, PayPal, and Square, AP2 is the emerging standard for agent payment governance.

Quick Start

Claude Desktop

Add to ~/.config/claude/claude_desktop_config.json:

{
  "mcpServers": {
    "ap2": {
      "command": "npx",
      "args": ["-y", "@codespar/mcp-ap2"],
      "env": {
        "AP2_API_KEY": "your-key",
        "AP2_AGENT_ID": "your-agent-id"
      }
    }
  }
}

Claude Code

claude mcp add ap2 -- npx @codespar/mcp-ap2

Cursor / VS Code

Add to .cursor/mcp.json or .vscode/mcp.json:

{
  "servers": {
    "ap2": {
      "command": "npx",
      "args": ["-y", "@codespar/mcp-ap2"],
      "env": {
        "AP2_API_KEY": "your-key",
        "AP2_AGENT_ID": "your-agent-id"
      }
    }
  }
}

Tools (22)

ToolPurpose
register_agentRegister an AI agent as a trusted payer in the AP2 network.
get_agentGet agent registration details, trust status, and current spend usage
list_agentsList registered agents with optional filters
revoke_agentRevoke an agent's payment authorization.
authorize_paymentRequest payment authorization with scoped limits.
get_authorizationGet authorization details including status, limits, and expiry
list_authorizationsList payment authorizations with optional filters
execute_paymentExecute an authorized payment.
get_audit_trailGet the complete audit trail for a transaction — every authorization, approval, execution, and settlement e...
list_audit_eventsList audit events across all transactions with filters
list_payment_methodsList available payment methods from AP2 partner network (Visa, Mastercard, Stripe, PayPal, etc.)
get_transactionGet full transaction details including authorization, execution, and settlement status
list_transactionsList transactions with optional filters
create_intent_mandateCreate an AP2 intent mandate — a Verifiable Credential expressing the user's intent to delegate a transacti...
create_cart_mandateCreate an AP2 cart mandate — a signed, locked-cart commitment from a merchant binding line items, totals, a...
create_payment_mandateCreate an AP2 payment mandate — the final Verifiable Credential authorizing settlement against a cart mandate.
verify_credentialVerify a Verifiable Credential (intent, cart, or payment mandate).
create_presentationCreate a Verifiable Presentation bundling one or more credentials (e.g.
verify_presentationVerify a Verifiable Presentation and all embedded credentials, including holder binding and challenge nonce.
resolve_didResolve a Decentralized Identifier (DID) to its DID document via the AP2 universal resolver.
create_receiptCreate a signed receipt for a settled payment — a tamper-evident record linking transaction, mandates, and...
verify_receiptVerify a receipt's signature, issuer, and chain back to the originating mandates.

Authentication

AP2 uses a Bearer API key and requires a registered Agent ID.

Get your credentials

  • Visit the AP2 Developer Portal
  • Register your application
  • Generate an API key
  • Register your agent to get an Agent ID
  • Set the environment variables

Sandbox / Testing

AP2 provides a sandbox environment for testing. Set AP2_SANDBOX=true to use it.

Environment Variables

VariableRequiredDescription
AP2_API_KEYYesAPI key from AP2
AP2_AGENT_IDYesRegistered agent ID
AP2_SANDBOXNoSet to true for sandbox mode

Use Cases

  • Authorized agent purchases — Agent requests spend authorization, gets approval with limits, then executes payment
  • Multi-agent commerce — Agent A authorizes Agent B to make payments on its behalf with scoped limits
  • Compliance & audit — Full audit trail of every authorization, approval, execution, and settlement
  • Cross-rail payments — AP2 bridges card payments, bank transfers, wallets, and x402 micropayments

Roadmap

v0.2 (planned)

  • create_policy — Define reusable authorization policies
  • delegate_authority — Allow agent-to-agent authorization delegation
  • get_spend_report — Get spend analytics and reports
  • OAuth 2.0 authentication flow

v0.3 (planned)

  • Webhook support for real-time authorization events
  • Multi-currency support with automatic FX
  • Integration with x402 as payment method

Want to contribute? Open a PR or request a tool.

Enterprise

Need governance, budget limits, and audit trails for agent payments? CodeSpar Enterprise adds policy engine, payment routing, and compliance templates on top of these MCP servers.

License

MIT

Keywords

mcp

FAQs

Package last updated on 22 Jun 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts