Set up your trading signal endpoint
Before you can monetize AI trading signals, you need a standard API endpoint. This endpoint acts as the gateway for your service, initially designed to serve data and later upgraded to accept x402 payments. Think of this as building the storefront before you install the cash register.
Start by creating a basic HTTP endpoint that returns your trading data in JSON format. Ensure it handles standard HTTP methods and returns appropriate status codes. This foundational layer is critical because x402 relies on standard HTTP headers to communicate payment requirements. If your endpoint doesn't follow HTTP conventions, the x402 protocol won't know how to interact with it.
Once your basic endpoint is live, you'll integrate the x402 middleware. This middleware intercepts incoming requests and checks for the x-payments header. If a client hasn't paid, the middleware returns a 402 Payment Required status with a payment request payload. This payload tells the client exactly how much to pay, in which currency, and to which address.
With your endpoint configured, you're ready to handle payments. The next step is to ensure your AI agent can discover and interact with your service through the x402 Bazaar, which acts as a discovery layer for x402-enabled services.
Configure the 402 Payment Response
When an unauthorized request hits your endpoint, you need to pause the flow and ask for payment before delivering the trading signal. The x402 protocol handles this by returning a 402 Payment Required status code along with specific instructions on how to pay.
This isn't a generic error page. It is a structured payment request that AI agents can parse automatically. The agent reads the response, executes the payment (usually in USDC), and retries the request with a valid receipt. Your job is to format that initial 402 response correctly so the agent knows exactly where to send the funds and what asset to use.
Step 1: Set the 402 Status Code
Start by intercepting the request. If the user lacks the required credentials or payment receipt, immediately return a 402 status. Do not send a 401 or 403, as those signal authentication failures, not payment requirements. The 402 status is the specific handshake for x402 compliance.
res.status(402).json({
  // Payment details go here
});
Step 2: Define the Payment Method
Inside the JSON body, you must specify how the agent should pay. The most common method for AI trading signals is USDC on a supported chain like Base or Ethereum. You need to provide the paymentMethod object, which tells the agent which network and token to use.
res.status(402).json({
  paymentMethod: {
    type: "crypto",
    chain: "base",
    token: "USDC"
  }
});
Step 3: Provide the Payment Address
The agent needs a destination to send the funds. Include a paymentAddress field in your response. This should be a valid wallet address on the specified chain. Make sure this address is secure and monitored, as it will receive real transactions from automated agents.
res.status(402).json({
  paymentMethod: {
    type: "crypto",
    chain: "base",
    token: "USDC"
  },
  paymentAddress: "0xYourWalletAddressHere"
});
Step 4: Specify the Amount
You can either hardcode a fixed price for the signal or make it dynamic based on the data requested. If fixed, include the amount in the smallest unit of the token (e.g., wei for ETH or cents for USDC). If dynamic, ensure your logic calculates this before returning the response.
res.status(402).json({
  paymentMethod: {
    type: "crypto",
    chain: "base",
    token: "USDC"
  },
  paymentAddress: "0xYourWalletAddressHere",
  amount: "1000000" // 1 USDC on Base (6 decimals)
});
Step 5: Include a Retry Instruction
Finally, add a retryAfter or similar instruction if needed, though x402 agents typically handle retries automatically upon successful payment. The key is that the response must be parseable. Keep the JSON structure clean and minimal. Agents are designed to read this specific format, so avoid adding unnecessary fields that might confuse the parser.
Once your endpoint returns this structured 402 response, AI agents can automatically pay for your trading signals. This creates a seamless, automated commerce layer for your fintech application.
Verify Agent Payment Before Serving Signals
Once the payment is settled, your endpoint must confirm the receipt before releasing any trading data. This step prevents unpaid agents from accessing your AI models. You validate the x-payment-receipt header included in the request.
1. Decode and Validate the JWT
The payment receipt is a signed JSON Web Token (JWT). Extract the header and decode it to verify the signature. Use the public key associated with the agent’s wallet address or the payment processor’s key. If the signature is invalid or expired, reject the request immediately with a 401 Unauthorized status.
2. Check Transaction Status
Verify that the transaction referenced in the JWT is confirmed on-chain. For USDC payments, this means checking the block confirmation count. Ensure the amount matches the price of the trading signal requested. Partial payments or underpayments should be rejected.
3. Confirm Agent Identity
Link the payment receipt to the specific agent making the request. Check that the sender address in the transaction matches the agent’s identity token. This prevents one agent from sharing a paid receipt with another unauthorized user.
4. Log and Serve
If all checks pass, log the verification event for audit purposes. Serve the trading signal data. If any check fails, return a clear error message explaining the rejection reason. This transparency helps agents fix their payment flow.
- Decode JWT signature using public key
- Confirm on-chain transaction status and amount
- Match sender address to agent identity
- Log verification event before serving data
This verification process ensures only paying agents access your AI trading signals. It builds trust with users and protects your infrastructure from abuse. For more details on x402 ecosystem standards, visit x402.org/ecosystem.
List your endpoint in the x402 Bazaar
Discovery is the bottleneck for AI agents. If your trading signal endpoint isn't indexed, no agent can find it, and no agent can pay you. The x402 Bazaar, managed by the Coinbase Developer Platform (CDP), acts as the central registry where services are cataloged for machine-to-machine discovery.
Registering your endpoint requires a specific interaction with the CDP Facilitator. This isn't a simple form submission; it involves verifying ownership of the endpoint via a challenge-response mechanism to prove you control the service before it goes live.
Listing your service is the final bridge between code and commerce. Without this step, your endpoint remains invisible to the very agents designed to consume it.
Common mistakes in x402 implementation
Building endpoints for AI trading signals means dealing with high-frequency data and real money. One small slip in the payment loop can break your service or lose funds. Here are the three most frequent errors developers make when integrating the x402 protocol.
Ignoring the receipt validation step
The protocol requires the client to return a payment receipt with their retry request. Many builders skip validating this receipt or assume any valid-looking token is acceptable. In financial contexts, you must verify the receipt against the official payment details provided in the initial 402 response. Failure to do so allows clients to bypass payment or replay old receipts. Always check that the receipt matches the specific transaction hash and amount defined in the 402 header.
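The four verification steps listed earlier and the receipt checks this section calls for, written out as an added example; it is not code from the original article or from any x402 library. It assumes the receipt is an EdDSA-signed JWT carrying txHash and exp claims, and that lookupTx is a hypothetical callback returning the settled transfer from your chain indexer. The confirmation threshold, the 402/403 codes for non-signature failures and the one-use-per-receipt policy are choices made here, not values from the page.

```javascript
const nodeCrypto = require("node:crypto");
// Terms quoted in the 402 body earlier on this page; MIN_CONFIRMATIONS is an assumed policy.
const TERMS = { chain: "base", token: "USDC", payTo: "0xYourWalletAddressHere", amount: "1000000" };
const MIN_CONFIRMATIONS = 3;
const redeemed = new Set(); // tx hashes already exchanged for a signal (replay guard)
const b64u = (v) => Buffer.from(v).toString("base64url");
const same = (a, b) => String(a).toLowerCase() === String(b).toLowerCase();
const deny = (status, reason) => ({ ok: false, status, reason });
// Demo/test helper standing in for the payment processor: signs constructed claims.
function signReceipt(claims, privateKey) {
  const input = `${b64u(JSON.stringify({ alg: "EdDSA", typ: "JWT" }))}.${b64u(JSON.stringify(claims))}`;
  return `${input}.${b64u(nodeCrypto.sign(null, Buffer.from(input), privateKey))}`;
}

// lookupTx(txHash): hypothetical callback -> { chain, token, from, to, amount, confirmations } or undefined.
function verifyReceipt(token, processorKey, agentAddress, lookupTx, now = Date.now() / 1000) {
  if (!token) return deny(402, "payment required");
  const [h, p, s, extra] = String(token).split(".");
  if (!h || !p || !s || extra !== undefined) return deny(401, "malformed receipt");
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(h, "base64url").toString());
    claims = JSON.parse(Buffer.from(p, "base64url").toString());
  } catch { return deny(401, "malformed receipt"); }
  // 1. Pin the algorithm server-side, then check signature and expiry.
  if (header?.alg !== "EdDSA") return deny(401, "unexpected alg");
  if (!nodeCrypto.verify(null, Buffer.from(`${h}.${p}`), processorKey, Buffer.from(s, "base64url")))
    return deny(401, "bad signature");
  if (typeof claims?.exp !== "number" || claims.exp <= now) return deny(401, "receipt expired");
  // 2. Trust the chain, not the claims: confirmations, destination, asset, amount.
  const tx = lookupTx(claims.txHash);
  if (!tx || tx.confirmations < MIN_CONFIRMATIONS) return deny(402, "payment not confirmed");
  if (tx.chain !== TERMS.chain || tx.token !== TERMS.token || !same(tx.to, TERMS.payTo))
    return deny(402, "payment does not match quoted terms");
  if (BigInt(tx.amount) < BigInt(TERMS.amount)) return deny(402, "underpaid");
  // 3. Bind the receipt to the caller so a paid receipt cannot be shared.
  if (!same(tx.from, agentAddress)) return deny(403, "sender does not match agent");
  // Replay guard: one receipt buys one response (assumed pay-per-request pricing).
  if (redeemed.has(claims.txHash)) return deny(402, "receipt already used");
  redeemed.add(claims.txHash);
  console.log(JSON.stringify({ event: "receipt_verified", tx: claims.txHash, agent: agentAddress })); // 4. audit log
  return { ok: true, status: 200, reason: "paid" };
}
// Constructed demo: locally generated key pair, made-up addresses, fake chain lookup.
const demoKeys = nodeCrypto.generateKeyPairSync("ed25519");
const demoTx = { chain: "base", token: "USDC", from: "0xAgent", to: TERMS.payTo, amount: "1000000", confirmations: 5 };
const demoToken = signReceipt({ txHash: "0xdemo", exp: Date.now() / 1000 + 60 }, demoKeys.privateKey);
console.log(verifyReceipt(demoToken, demoKeys.publicKey, "0xagent", () => demoTx));
```

In production the redeemed set belongs in shared storage with an atomic insert, so two concurrent retries cannot both pass the replay check.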
Mixing up 402 and 401 status codes
It is common to confuse authentication (401) with payment (402). A 401 response signals that the client needs to prove its identity. A 402 response signals that the client is identified but needs to pay. For AI trading signals, you might need both: authenticate the API key first, then check if the subscription is paid. If you return 402 without proper authentication context, you risk exposing payment endpoints to unauthorized scraping. Keep the payment logic distinct from identity verification.
Not handling retry timeouts correctly
AI agents often operate under strict latency constraints. If your payment gateway or blockchain confirmation takes too long, the agent may time out and drop the request. This leads to failed trades or incomplete data feeds. Implement a clear retry window in your 402 response and ensure your backend can handle rapid retries without rate-limiting legitimate clients. Consider using stablecoins on low-latency chains like Base to minimize confirmation delays for your AI users.
