Non-custodial · Agent payment orchestration

Your agents decide what to buy.
PayDuct does everything after.

The orchestration layer between your AI agents and every payment rail. One API call handles policy, routing, approvals, cryptographically-signed receipts, and an immutable audit trail — so you never write a line of payment code.

<500ms p95 spend latency · Non-custodial — never holds funds · 7-year immutable audit

agent.py — procurement-agent-01 · live

# your agent just decided to spend. one call:
POST https://api.payduct.com/v1/spend-requests
{
  "agent_id": "procurement-agent-01",
  "amount": 87.00,
  "merchant": "Office Depot",
  "justification": "Restock printer paper"
}

# 420ms later — policy checked, card issued, logged
{
  "status": "approved",
  "rail": "stripe_link",
  "budget_remaining": 413.00,
  "receipt_url": "…/r/8f3a",
  "audit_event_id": "evt_a91c…"
}

◈ auto-approved in 420ms · signed & audited
Routes across every rail: Stripe Link · MPP · x402 / USDC · Skyfire
One API · zero rail code
April 30, 2026

Agentic commerce went live. The hard part just moved.

Stripe Link for Agents fired the starting gun — autonomous agents can finally spend without exposing credentials. But it handed every team a second, harder problem.

Solved · Apr 2026

Credential exposure

Agents no longer need raw card numbers. Stripe Link issues scoped, single-use tokens. The unlock that made agent spending real.

…created

Everyone is now a payments team

To use it safely you must build OAuth flows, manage virtual cards, write a policy engine, reconcile spend, satisfy compliance, and own incident response. That's the new wall.

Six problems you never wanted to own.

Each one is a sub-team's worth of work — and a regulated one. None of it is your agent.

01

OAuth & token flows

Implement Stripe Link OAuth, refresh logic, scoped token issuance — and keep it all out of your logs.

02

Virtual card lifecycle

Issue, scope, expire and reconcile single-use cards per transaction without leaking PANs anywhere.

03

A policy engine

Budgets, allowlists, velocity limits, jurisdiction rules — race-safe under concurrency, for non-deterministic actors.

04

Reconciliation & reports

Map every agent charge to a cost center and GL code so finance doesn't open a ticket every month.

05

Compliance sign-off

HSM-backed key storage, signed authorization receipts, 7-year retention — evidence your CISO will actually accept.

06

Incident response

A kill switch that actually halts spend in under a second — and proves it did, at 2am, to someone who's never logged in.

Stripe solved credentials. No one solved the orchestration.

Stripe owns the rails · Skyfire owns identity

PayDuct owns the layer in between.

Every rail routes through one orchestration node — policy, approval and audit applied once, consistently, no matter where the money ends up flowing.

One call, end to end

The whole payments layer, abstracted.

Your agent submits a single POST /spend-requests. PayDuct runs it down the conduit — policy to receipt — and returns before your agent finishes its thought.

01

Spend request

One API call with task context & an idempotency key.

02

Policy check

Budgets, allowlists & thresholds — race-safe.

03

Rail routing

Stripe Link today; MPP, x402 & USDC next — same call.

04

Human approval

Only when policy says so — email, Slack or webhook.

05

Execution

Scoped virtual card issued & charged. Idempotent.

06

Receipt + audit

Signed receipt returned; hash-chained log written.

  • Sub-second immutable event log on every request
  • Zero double-charges — idempotent by contract
  • No silent failures — retryable errors, always
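
What "idempotent by contract" has to mean on the server side of the spend request, as an added example (not PayDuct's code): a replay under the same key returns the stored outcome, a reused key with a different body is refused, and a failed charge records nothing so it stays retryable. `IdempotentExecutor`, `fake_charge` and the key value are hypothetical.

```python
import hashlib
import json
import threading

class IdempotentExecutor:
    """Hypothetical server-side guard: at most one charge per idempotency key."""

    def __init__(self, charge_fn):
        self._charge = charge_fn      # stand-in for the rail call
        self._done = {}               # key -> (request fingerprint, stored result)
        self._lock = threading.Lock()

    @staticmethod
    def fingerprint(request):
        body = json.dumps(request, sort_keys=True, separators=(",", ":"))
        return hashlib.sha256(body.encode()).hexdigest()

    def execute(self, key, request):
        fp = self.fingerprint(request)
        # One coarse lock keeps the sketch short; a real store would use a
        # per-key lock or a unique-constraint insert instead.
        with self._lock:
            if key in self._done:
                stored_fp, result = self._done[key]
                if stored_fp != fp:
                    # Same key, different body: refuse rather than replay or re-charge.
                    raise ValueError("idempotency key reused with a different request")
                return result         # replay: original outcome, no new charge
            result = self._charge(request)   # an exception here records nothing,
            self._done[key] = (fp, result)   # so the caller may retry with the same key
            return result

def replay_demo():
    """Constructed scenario: the same request sent three times under one key."""
    charges = []
    def fake_charge(req):
        charges.append(req)
        return {"status": "approved", "charge_no": len(charges)}
    ex = IdempotentExecutor(fake_charge)
    req = {"agent_id": "procurement-agent-01", "amount": 87.00, "merchant": "Office Depot"}
    results = [ex.execute("demo-key-1", req) for _ in range(3)]
    return len(charges), results
```
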
Policy-as-infrastructure

Write a rule. Read it back in plain English.

The policy engine isn't a config screen — it's the product. Every change renders a plain-English summary your finance and legal teams can actually approve, with a diff before you commit.

  • Budgets, allowlists & thresholds evaluated race-safe under concurrency with a reservation pattern.
  • Plain-English explainer updates live as you edit — and shows a plain-English diff on every change.
  • Full change history — who changed what, when, on which agent.
{
  "budget": { "daily_limit": 500, "currency": "USD" },
  "merchants": { "allow": ["Amazon", "Office Depot"] },
  "auto_approve": { "under": 200 }
}

This agent can spend up to $500/day on Amazon and Office Depot. Purchases under $200 are approved automatically. Everything else requires your approval.
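
A sketch of the reservation pattern named in the first bullet, evaluated against the policy document above. This is an added example, not PayDuct's engine: `BudgetLedger`, `evaluate`, `settle` and `run_concurrent` are hypothetical names, and holding budget while a request waits for human approval is an assumption.

```python
import threading
from concurrent.futures import ThreadPoolExecutor

# Policy document as shown on the page.
POLICY = {
    "budget": {"daily_limit": 500, "currency": "USD"},
    "merchants": {"allow": ["Amazon", "Office Depot"]},
    "auto_approve": {"under": 200},
}

class BudgetLedger:
    """Hypothetical in-memory ledger; amounts are kept in integer cents."""
    def __init__(self, policy):
        self.allow = set(policy["merchants"]["allow"])
        self.limit = round(policy["budget"]["daily_limit"] * 100)
        self.auto_under = round(policy["auto_approve"]["under"] * 100)
        self.committed = 0   # spend that actually executed today
        self.reserved = 0    # held for requests still in flight
        self._lock = threading.Lock()

    def evaluate(self, merchant, amount):
        """Return (decision, reserved_cents); headroom is reserved before anything executes."""
        cents = round(amount * 100)
        if merchant not in self.allow or cents <= 0:
            return "rejected", 0
        with self._lock:
            # Check and reserve under one lock: concurrent requests never share headroom.
            if self.committed + self.reserved + cents > self.limit:
                return "rejected", 0
            self.reserved += cents
        decision = "approved" if cents < self.auto_under else "needs_approval"
        return decision, cents

    def settle(self, cents, executed):
        """Commit a reservation after execution, or release it on failure or denial."""
        with self._lock:
            self.reserved -= cents
            if executed:
                self.committed += cents

def run_concurrent(ledger, merchant, amount, n):
    """Fire n identical requests from n threads and return their decisions."""
    def worker(_):
        decision, cents = ledger.evaluate(merchant, amount)
        if decision == "approved":
            ledger.settle(cents, executed=True)
        return decision
    with ThreadPoolExecutor(max_workers=n) as pool:
        return list(pool.map(worker, range(n)))
```

Twenty simultaneous $87.00 requests yield exactly five approvals ($435.00); a check-then-charge implementation without the reservation step could let more through.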

Trust infrastructure

For when an agent goes rogue at 2am.

A kill switch isn't a feature with a confirm dialog — it's a promise. One tap halts new spend in under a second, surfaces every in-flight transaction, and emails a freeze report before you've finished waking up.

  • <1 second halt, no confirmation, accessible to every role — even read-only responders.
  • Cryptographically signed receipts on every human-approved transaction, with keys isolated from the API layer.
  • Hash-chained audit log, append-only, stored apart from the primary database. Tamper-evident by design.
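
Why the last bullet pairs hash chaining with storage apart from the primary database, as an added example (not PayDuct's log format): an in-place edit breaks the chain at the edited entry, but truncation or a full rewrite with recomputed hashes is only caught by comparing against a head hash kept elsewhere. The entry layout, `GENESIS` value and function names are assumptions; the events are constructed.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed anchor value preceding the first entry

def entry_hash(prev_hash, seq, event):
    # Canonical JSON (sorted keys, fixed separators) keeps the digest stable.
    body = json.dumps({"seq": seq, "event": event}, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode()).hexdigest()

def append(log, event):
    """Append-only write: each entry commits to the hash of the one before it."""
    prev = log[-1]["hash"] if log else GENESIS
    entry = {"seq": len(log), "prev": prev, "event": event,
             "hash": entry_hash(prev, len(log), event)}
    log.append(entry)
    return entry["hash"]  # new chain head; keep a copy outside the log store

def verify(log, trusted_head=None):
    """Return the index of the first bad entry, len(log) if the head does not
    match the separately stored one, or None when the chain is intact."""
    prev = GENESIS
    for i, e in enumerate(log):
        if e["seq"] != i or e["prev"] != prev or e["hash"] != entry_hash(prev, i, e["event"]):
            return i
        prev = e["hash"]
    if trusted_head is not None and prev != trusted_head:
        return len(log)
    return None

def sample_log():
    """Constructed events, loosely modelled on the page's spend-request example."""
    log, head = [], GENESIS
    for amount in (87.00, 42.50, 19.99):
        head = append(log, {"agent_id": "procurement-agent-01",
                            "merchant": "Office Depot", "amount": amount,
                            "status": "approved"})
    return log, head

def rewrite_chain(log):
    """Model a writer with full access to the log store: entry 1 altered, all hashes recomputed."""
    forged = []
    for e in log:
        event = dict(e["event"], amount=1.00) if e["seq"] == 1 else e["event"]
        append(forged, event)
    return forged
```
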
inventory-agent-03 · active · 02:11 AM
Anomaly detected — 34 transactions in 7 minutes
Spend rate 312% over baseline · $4,247 at risk

Built to a fintech bar, not a demo bar.

0ms
p95 spend latency, auto-approved & receipted
0%
uptime SLA on the spend-request API
0yr
immutable, hash-chained audit retention
$0
funds held — strictly non-custodial
0
double-charges — idempotent by contract
One layer, every operator

From a solo dev's first call to a CISO's sign-off.

Solo agent developers

Production in under 10 minutes

pip install payduct, fire a sandbox spend, promote to live. A thin SDK handles idempotency and retries so the quickstart actually works.

“My agent paid for office supplies and I never wrote a line of payment code.” — Marcus, procurement agent

Enterprise buyers

Evidence your CISO accepts

HSM-backed key storage, signed authorization receipts, 7-year retention with bulk export, and a CISO evidence package — without waiting on a SOC 2 cycle.

“This is the thing I can show legal.” — Rachel, CTO, Series B fintech

Incident responders

A kill switch on every screen

Anomalies surface the moment you log in. One tap halts spend, auto-generates a freeze report, and pre-fills disputes — usable by someone who's never opened the dashboard.

“20 minutes from alert to $4,069 recovered. Never called support.” — Derek, on-call DevOps

Platform builders

One payment layer for 400 agents

Import the pay_for_task() tool definition, add the middleware intercept, and every team inherits policy, budgets and audit — writing zero payment code.

“PayDuct is invisible — exactly as intended.” — Priya, staff engineer, F500 platform

Transparent, transaction-aligned

Pay for spend that actually executes.

Transaction fees apply to successful executions only — never to rejected or failed requests. Every tier includes the full audit log, kill switch, policy engine and sandbox.

Starter
$99/mo
+ 1.25% per executed txn
Solo developers and small teams shipping their first agent.
  • Up to 5 agents
  • 30 spend requests / min
  • Full policy engine + sandbox
  • Email & Slack alerts
Growth
$299/mo
+ 0.9% per executed txn
Series A/B and mid-market teams running agents in production.
  • Up to 25 agents
  • 150 spend requests / min
  • Webhook + SMS alerting
  • Finance-ready spend exports
Enterprise
Custom
+ 0.5% per executed txn
Platform builders and regulated orgs deploying agents at scale.
  • Unlimited agents · 1,000 rpm
  • CISO evidence package
  • 3-tier budget hierarchy + RBAC
  • SLA guarantees + custom contract
Hello, world

From install to a live receipt in three steps.

Run the sandbox with simulated rails and chaos injection, then flip one key to go to production. The SDK handles idempotency keys and retries for you.

1
Install & authenticate

One package, one scoped agent API key.

2
Fire a spend request

Real policy evaluation against simulated execution.

3
Read the signed receipt

Status, budget remaining, receipt URL, audit id.

pip install payduct

from payduct import PayDuct

pd = PayDuct(api_key="pd_agent_live_8f3a…")

receipt = pd.spend(
    amount=87.00,
    merchant="Office Depot",
    category="office_supplies",
    justification="Restock printer paper for Q3",
)

print(receipt.status)            # "approved"
print(receipt.budget_remaining)  # 413.00

The window is narrow

Ship agent payments this week.

The team that ships the orchestration and trust layer first owns the category. Start in the sandbox now — no funds, no rail code, no payments team.