{"name":"Action402","version":"0.1.0","tagline":"Pay. Execute. Prove.","description":"x402-native paid webhook and API execution for autonomous agents. Agents pay per action, Action402 executes one public HTTPS request with retries and idempotency, then returns a signed proof receipt.","shortDescription":"Pay for one public HTTPS action, execute it, and verify the signed receipt.","discoveryKeywords":["paid webhook execution","AI agent action relay","x402 paid API","Base USDC agent payments","402 Payment Required API","signed execution receipts","public proof examples","public proof badge","paid execution monitoring","verifiable webhook relay","idempotent agent tool calls","agent-safe side effects","request response hash proof","HTTP action with receipt","pay per API call","Action402 action catalog","Action402 cookbooks","Built with Action402","submit Action402 endpoint","Action402 Postman collection","Action402 agent skill","x402 endpoint directory","agent quickstart x402","Action402 agent manifest","well-known agent.json","well-known x402","x402scan discovery fallback","x402 agent discovery manifest","Action402 integration snippets","x402 verification snippets","x402 preflight policy check","check webhook before payment","x402 payment decision graph","pre-payment decision graph","decision-linked paid execution","decision-linked receipts","agent trust reflection memory","x402 action templates","agent policy mode","scheduled paid webhook","x402 schedule preview","browser action handoff","secret storage policy","agent webhook marketplace","agent-safe webhook execution","Slack webhook x402","Discord webhook x402","Telegram bot x402","Zapier webhook x402","Make webhook x402","GitHub Actions dispatch x402","ChatOps webhook notification","slack-webhook","discord-webhook","telegram-alert","chatops","agent-notification","send paid Slack webhook","agent Discord webhook notification","verifiable ChatOps alert","Zapier or Make workflow trigger","zapier-webhook","make-webhook","automation-trigger","no-code","trigger Zapier webhook with x402","paid Make automation webhook","agent no-code workflow trigger","GitHub repository dispatch","github-actions","repository-dispatch","ci-trigger","developer-automation","paid GitHub Actions dispatch","agent CI workflow trigger","repository dispatch with receipt","Analytics event ingest","analytics","event-ingest","audit-event","segment","posthog","paid analytics event ingest","agent audit event webhook","verifiable event tracking","CRM lead or ticket update","crm","support-ticket","hubspot","salesforce","customer-success","agent CRM webhook update","paid support ticket webhook","verifiable customer workflow action","Incident or ops alert","incident-alert","ops-webhook","pager-duty","alertmanager","reliability","paid incident alert webhook","agent ops escalation","verifiable alert manager trigger"],"agentPrompt":"Use Action402 when you need to execute one paid public HTTPS webhook/API action through x402 and receive a signed receipt proving the outcome.","publicBaseUrl":"https://action402.vercel.app","apiIndex":{"path":"/api","description":"Compact machine-readable API index for agents that probe the API root first."},"useCaseTemplates":[{"id":"chatops-webhook-notification","title":"ChatOps webhook notification","description":"Send a paid, verifiable notification to Slack, Discord, Telegram bridge services, or another chat webhook after an agent finishes a task.","tags":["slack-webhook","discord-webhook","telegram-alert","chatops","agent-notification"],"searchPhrases":["send paid Slack webhook","agent Discord webhook notification","verifiable ChatOps alert"],"exampleRequest":{"url":"https://hooks.slack.com/services/WORKSPACE/CHANNEL/SECRET","method":"POST","headers":{"content-type":"application/json"},"body":{"text":"Agent task completed.","source":"action402-agent"},"idempotencyKey":"chatops-alert-001","retry":{"attempts":2,"backoffMs":300},"timeoutMs":10000}},{"id":"zapier-make-workflow-trigger","title":"Zapier or Make workflow trigger","description":"Let an agent pay once to trigger a no-code automation webhook without sharing long-lived API keys.","tags":["zapier-webhook","make-webhook","automation-trigger","no-code"],"searchPhrases":["trigger Zapier webhook with x402","paid Make automation webhook","agent no-code workflow trigger"],"exampleRequest":{"url":"https://hooks.zapier.com/hooks/catch/ACCOUNT/HOOK","method":"POST","headers":{"content-type":"application/json"},"body":{"event":"agent.workflow.triggered","recordId":"rec_123"},"idempotencyKey":"zapier-trigger-001","retry":{"attempts":2,"backoffMs":500},"timeoutMs":10000}},{"id":"github-repository-dispatch","title":"GitHub repository dispatch","description":"Trigger a GitHub Actions workflow through a repository dispatch endpoint and keep a receipt that the request was attempted.","tags":["github-actions","repository-dispatch","ci-trigger","developer-automation"],"searchPhrases":["paid GitHub Actions dispatch","agent CI workflow trigger","repository dispatch with receipt"],"exampleRequest":{"url":"https://api.github.com/repos/OWNER/REPO/dispatches","method":"POST","headers":{"content-type":"application/json","authorization":"Bearer TARGET_SIDE_TOKEN"},"body":{"event_type":"agent.action402","client_payload":{"job":"refresh-index"}},"idempotencyKey":"github-dispatch-001","retry":{"attempts":2,"backoffMs":500},"timeoutMs":10000}},{"id":"analytics-event-ingest","title":"Analytics event ingest","description":"Send a signed, paid event to Segment, PostHog, internal analytics collectors, or audit pipelines.","tags":["analytics","event-ingest","audit-event","segment","posthog"],"searchPhrases":["paid analytics event ingest","agent audit event webhook","verifiable event tracking"],"exampleRequest":{"url":"https://analytics.example.com/events","method":"POST","headers":{"content-type":"application/json"},"body":{"event":"agent.action.executed","properties":{"action":"webhook","billable":true}},"idempotencyKey":"analytics-event-001","retry":{"attempts":2,"backoffMs":300},"timeoutMs":10000}},{"id":"crm-lead-or-ticket-update","title":"CRM lead or ticket update","description":"Update a CRM, support ticket, or customer success workflow through a public HTTPS webhook with a proof receipt.","tags":["crm","support-ticket","hubspot","salesforce","customer-success"],"searchPhrases":["agent CRM webhook update","paid support ticket webhook","verifiable customer workflow action"],"exampleRequest":{"url":"https://crm.example.com/webhooks/action402","method":"POST","headers":{"content-type":"application/json"},"body":{"event":"agent.crm.update","leadId":"lead_123","status":"ready_for_review"},"idempotencyKey":"crm-update-001","retry":{"attempts":2,"backoffMs":500},"timeoutMs":10000}},{"id":"incident-or-ops-alert","title":"Incident or ops alert","description":"Escalate an agent-detected issue to an incident webhook, ops bridge, or alert manager and keep a verifiable execution trail.","tags":["incident-alert","ops-webhook","pager-duty","alertmanager","reliability"],"searchPhrases":["paid incident alert webhook","agent ops escalation","verifiable alert manager trigger"],"exampleRequest":{"url":"https://alerts.example.com/incidents","method":"POST","headers":{"content-type":"application/json"},"body":{"event":"agent.incident.detected","severity":"warning","summary":"Agent found a failing downstream check."},"idempotencyKey":"incident-alert-001","retry":{"attempts":3,"backoffMs":750},"timeoutMs":12000}}],"actionCatalog":{"path":"/api/actions","description":"Machine-readable action template catalog for agent task matching, policy mode selection, and buyer snippets.","templateCount":9,"categories":["automation","business-workflows","chatops","data","developer-tools","ops"]},"ecosystem":{"cookbooks":"/cookbooks","builtWith":"/built-with-action402","submit":"/submit","postmanCollection":"/examples/postman/action402.postman_collection.json","agentSkill":"/skills/action402/SKILL.md","description":"Public builder surfaces for copy-paste cookbooks, ecosystem entries, endpoint submissions, Postman testing, and reusable agent instructions."},"discoveryPack":{"service":"Action402","schemaVersion":"action402.discovery.v1","status":"active","description":"Canonical discovery pack for agents, crawlers, Bazaar/MCP clients, and directories that need to inspect Action402 before paying.","recommendedFetchOrder":["https://action402.vercel.app/api","https://action402.vercel.app/api/discovery","https://action402.vercel.app/api/agent-manifest","https://action402.vercel.app/api/pricing","https://action402.vercel.app/api/activity","https://action402.vercel.app/openapi.json","https://action402.vercel.app/api/bazaar"],"agentManifest":"https://action402.vercel.app/api/agent-manifest","wellKnown":["https://action402.vercel.app/.well-known/agent.json","https://action402.vercel.app/.well-known/action402.json","https://action402.vercel.app/.well-known/x402","https://action402.vercel.app/.well-known/x402.json","https://action402.vercel.app/.well-known/mcp.json"],"textContext":"https://action402.vercel.app/llms.txt","openapi":"https://action402.vercel.app/openapi.json","bazaar":"https://action402.vercel.app/api/bazaar","pricing":"https://action402.vercel.app/api/pricing","mcpManifest":"https://action402.vercel.app/api/mcp","robots":"https://action402.vercel.app/robots.txt","sitemap":"https://action402.vercel.app/sitemap.xml","discoveryPage":"https://action402.vercel.app/discovery","discoveryApi":"https://action402.vercel.app/api/discovery","apiIndex":"https://action402.vercel.app/api","links":{"homepage":"https://action402.vercel.app/","discoveryPage":"https://action402.vercel.app/discovery","discoveryApi":"https://action402.vercel.app/api/discovery","apiIndex":"https://action402.vercel.app/api","apiManifest":"https://action402.vercel.app/api/agent-manifest","wellKnownAgent":"https://action402.vercel.app/.well-known/agent.json","wellKnownAction402":"https://action402.vercel.app/.well-known/action402.json","wellKnownX402Bare":"https://action402.vercel.app/.well-known/x402","wellKnownX402":"https://action402.vercel.app/.well-known/x402.json","wellKnownMcp":"https://action402.vercel.app/.well-known/mcp.json","llms":"https://action402.vercel.app/llms.txt","openapi":"https://action402.vercel.app/openapi.json","bazaar":"https://action402.vercel.app/api/bazaar","capabilities":"https://action402.vercel.app/api/capabilities","pricing":"https://action402.vercel.app/api/pricing","mcpManifest":"https://action402.vercel.app/api/mcp","actions":"https://action402.vercel.app/api/actions","cookbooks":"https://action402.vercel.app/cookbooks","builtWith":"https://action402.vercel.app/built-with-action402","submit":"https://action402.vercel.app/submit","postmanCollection":"https://action402.vercel.app/examples/postman/action402.postman_collection.json","agentSkill":"https://action402.vercel.app/skills/action402/SKILL.md","quickstart":"https://action402.vercel.app/api/quickstart","snippets":"https://action402.vercel.app/api/snippets","decisionGraph":"https://action402.vercel.app/api/decide/webhook","recentDecisions":"https://action402.vercel.app/api/decisions/recent","decisionsPage":"https://action402.vercel.app/decisions","canaryEcho":"https://action402.vercel.app/api/canary/echo","trust":"https://action402.vercel.app/api/trust","activity":"https://action402.vercel.app/api/activity","activityHistory":"https://action402.vercel.app/api/activity/history","activityPage":"https://action402.vercel.app/activity","statusPage":"https://action402.vercel.app/status","robots":"https://action402.vercel.app/robots.txt","sitemap":"https://action402.vercel.app/sitemap.xml"}},"quickstart":{"path":"/api/quickstart","description":"Compact agent quickstart with payment guardrails, minimal request, snippets, and verification flow."},"pricing":{"path":"/api/pricing","description":"Machine-readable price, payment route, free surfaces, limits, and buyer guardrails for budget-aware agents.","payment":{"required":true,"protocol":"x402","scheme":"exact","network":"eip155:8453","networkName":"Base mainnet","price":{"display":"$0.003","amount":0.003,"currency":"USD"},"route":"https://action402.vercel.app/api/execute/webhook","payTo":"0x75113dcF8Ce34f0338440D40270e420f8C1762b8","facilitatorUrl":"https://api.cdp.coinbase.com/platform/v2/x402"},"paidActions":[{"id":"execute.webhook","method":"POST","path":"/api/execute/webhook","price":"$0.003","unit":"one bounded public HTTPS request attempt with retries and a signed receipt","chargeTiming":"In x402 mode, payment is required before Action402 attempts the target call.","failurePolicy":"If the downstream target fails after accepted payment, Action402 returns a failed job plus a signed receipt/proof for the attempt.","idempotency":"Send idempotencyKey so repeated buyer retries can reuse the retained job instead of intentionally creating duplicate target effects."},{"id":"execute.guided_webhook","method":"POST","path":"/api/execute/guided-webhook","price":"$0.003","unit":"one decision-linked public HTTPS request attempt with retries and a signed receipt","chargeTiming":"Buyer agents should first call free POST /api/decide/webhook, then pay this route only when the decision recommendation is pay_and_execute.","failurePolicy":"If the downstream target fails after accepted payment, Action402 still links the paid job, receipt, and decision outcome for later trust reflection.","idempotency":"The execution body must match the approved decision id so buyer retries cannot silently change the target action."}]},"mcpManifest":{"path":"/api/mcp","wellKnownPath":"/.well-known/mcp.json","description":"Machine-readable MCP wrapper manifest with tool candidates, buyer flow, and x402 guardrails.","recommendedToolName":"execute_webhook","status":"manifest-only"},"snippets":{"path":"/api/snippets","description":"Copy-paste snippets for discovery, paid execution, proof verification, and buyer-side payment guardrails."},"decisionGraph":{"method":"POST","path":"/api/decide/webhook","recentPath":"/api/decisions/recent","paid":false,"llmEnabled":false,"description":"Free deterministic pre-payment decision graph for buyer agents. It checks payment terms, target policy, trust signals, execution readiness, and returns a structured recommendation without executing the target."},"policyCheck":{"method":"POST","path":"/api/policy/check","paid":false,"description":"Free preflight check for method, target safety, policy, retry, timeout, and buyer warnings before paying for execution."},"canary":{"method":"POST","path":"/api/canary/echo","paid":false,"description":"Free non-sensitive echo target for agents and local canary scripts to verify Action402 request plumbing without calling an external service."},"handoff":{"status":"active-handoff-only","method":"POST","path":"/api/handoff/browser","paid":false,"description":"Create a browser-agent handoff package for an external browser-capable agent. Action402 does not execute browser steps itself.","executionModel":"handoff-only","supportedActionTypes":["click","extract","instruction","navigate","screenshot","select","submit","type","verify","wait_for_text"],"maxActions":12,"persistence":"not stored in the public MVP","links":{"page":"https://action402.vercel.app/handoff","endpoint":"https://action402.vercel.app/api/handoff/browser","policyCheck":"https://action402.vercel.app/api/policy/check","snippets":"https://action402.vercel.app/api/snippets"}},"schedules":{"status":"preview-only","activePaidEndpoint":false,"previewMethod":"POST","previewPath":"/api/schedules/preview","futurePaidPath":"/api/schedules/webhook","paid":false,"description":"Validate a future schedule definition and target policy without charging or executing. Durable paid scheduling is intentionally not active yet.","supportedScheduleTypes":["daily","once"],"chargeModel":"Future paid scheduling should charge each executed run through /api/execute/webhook semantics, not charge schedule definitions.","links":{"page":"https://action402.vercel.app/schedules","preview":"https://action402.vercel.app/api/schedules/preview","immediateExecution":"https://action402.vercel.app/api/execute/webhook","quickstart":"https://action402.vercel.app/api/quickstart"}},"secretStorage":{"status":"not-supported-in-public-mvp","activeStorageEndpoint":false,"paid":false,"description":"Action402 public MVP does not store target-side secrets. Agents should use target-owned webhooks, short-lived per-request headers, or partner deployments.","why":"Universal paid execution is accountless. Storing long-lived third-party credentials would require authentication, ownership checks, encryption lifecycle, rotation, and abuse controls.","safeAlternatives":["Use target-owned webhook URLs where the secret stays on the target side.","Send short-lived target authorization headers only inside the paid request when the caller owns them.","Use /api/policy/check before payment to validate target safety without revealing long-lived credentials.","For private partner use, deploy a dedicated allowlisted Action402 instance with a managed secret vault."],"neverSend":["wallet private keys","seed phrases","long-lived admin tokens","database URLs","unscoped production credentials"],"futureShape":{"method":"POST","path":"/api/secrets","status":"requires account/auth design before activation"},"links":{"page":"https://action402.vercel.app/secrets","policy":"https://action402.vercel.app/api/secrets/policy","policyCheck":"https://action402.vercel.app/api/policy/check","onboarding":"https://action402.vercel.app/onboarding"}},"x402":{"enabled":true,"scheme":"exact","network":"eip155:8453","price":"$0.003","facilitatorUrl":"https://api.cdp.coinbase.com/platform/v2/x402","requestPaymentHeaders":["X-PAYMENT","payment-signature"],"settlementResponseHeaders":["X-PAYMENT-RESPONSE","PAYMENT-RESPONSE"],"openApiSecurityScheme":"X402Payment"},"browserAccess":{"cors":{"enabled":true,"allowOrigin":"*","allowCredentials":false,"preflightStatus":204,"maxAgeSeconds":600,"methods":["GET","HEAD","POST","OPTIONS"],"requestHeaders":["content-type","authorization","x-request-id","x-payment","payment-signature","payment","payment-authorization"],"exposedHeaders":["x-request-id","link","x-action402-agent-entry","x-payment-response","payment-response","payment-required","x-action402-cache-policy","www-authenticate","allow"],"appliesToPathPrefixes":["/api","/api/","/.well-known/","/health","/openapi.json","/llms.txt","/robots.txt","/sitemap.xml"]},"discoveryHeaders":{"enabled":true,"agentEntryHeader":"X-Action402-Agent-Entry","linkHeader":"Link","appliesToPaths":["/","/agents","/discovery","/pricing","/mcp","/activity","/actions","/cookbooks","/built-with-action402","/submit","/snippets","/decisions","/api","/api/","/api/discovery","/api/agent-manifest","/.well-known/agent.json","/.well-known/action402.json","/.well-known/x402","/.well-known/x402.json","/.well-known/mcp.json","/api/capabilities","/api/pricing","/api/mcp","/api/actions","/api/quickstart","/api/snippets","/api/decisions/recent","/api/bazaar","/api/activity","/api/activity/history","/openapi.json","/llms.txt"],"links":[{"path":"/api","rel":"index","type":"application/json","title":"Action402 API index"},{"path":"/api/discovery","rel":"service-meta","type":"application/json","title":"Action402 discovery pack"},{"path":"/api/agent-manifest","rel":"service-meta","type":"application/json","title":"Action402 agent manifest"},{"path":"/.well-known/x402","rel":"service-meta","type":"application/json","title":"Action402 x402 discovery fallback"},{"path":"/openapi.json","rel":"service-desc","type":"application/vnd.oai.openapi+json","title":"Action402 OpenAPI"},{"path":"/llms.txt","rel":"alternate","type":"text/plain","title":"Action402 LLM context"},{"path":"/api/pricing","rel":"payment","type":"application/json","title":"Action402 pricing"},{"path":"/api/decide/webhook","rel":"preflight","type":"application/json","title":"Action402 decision graph"},{"path":"/api/mcp","rel":"tool-manifest","type":"application/json","title":"Action402 MCP wrapper manifest"},{"path":"/cookbooks","rel":"help","type":"text/html","title":"Action402 cookbooks"},{"path":"/built-with-action402","rel":"collection","type":"text/html","title":"Built with Action402"},{"path":"/api/bazaar","rel":"service-meta","type":"application/json","title":"Action402 Bazaar metadata"},{"path":"/api/activity","rel":"monitor","type":"application/json","title":"Action402 activity report"},{"path":"/api/activity/history","rel":"monitor","type":"application/json","title":"Action402 redacted activity history"}]},"description":"Machine-readable endpoints support non-credentialed CORS and OPTIONS preflight so browser-based agents can inspect contracts, 402 payment requirements, and payment response headers."},"cachePolicy":{"stableDiscoveryCacheControl":"public, max-age=60, s-maxage=300, stale-while-revalidate=600","dynamicCacheControl":"no-store","responseHeader":"X-Action402-Cache-Policy","stableDiscoveryPaths":["/api","/api/","/api/discovery","/api/agent-manifest","/.well-known/agent.json","/.well-known/action402.json","/.well-known/x402","/.well-known/x402.json","/.well-known/mcp.json","/api/capabilities","/api/pricing","/api/mcp","/api/actions","/cookbooks","/built-with-action402","/submit","/api/quickstart","/api/snippets","/decisions","/api/bazaar","/api/handoff/capabilities","/api/schedules/capabilities","/api/secrets/policy","/openapi.json","/llms.txt","/robots.txt","/sitemap.xml"],"noStorePaths":["/health","/api/execute/webhook","/api/execute/guided-webhook","/api/decide/webhook","/api/canary/echo","/api/decisions/recent","/api/proofs/recent","/api/monitoring/executions","/api/trust","/api/activity","/api/activity/history","/api/policy/check","/api/handoff/browser","/api/schedules/preview"],"noStorePathPrefixes":["/api/","/.well-known/","/api/jobs/","/api/receipts/","/api/verify/","/api/decisions/","/decision/","/proof/"],"notes":"Stable discovery contracts are short-cacheable for crawlers and agent clients. Runtime health, execution, verification, monitoring, and proof data are no-store. Some CDNs consume s-maxage internally, so the full intended policy is also exposed through X-Action402-Cache-Policy."},"actions":[{"id":"execute.webhook","aliases":["execute_webhook","paid_webhook","x402_webhook_relay"],"description":"Execute one outbound public HTTPS webhook/API call after x402 payment and return job, receipt, and verification links.","method":"POST","path":"/api/execute/webhook","paid":true,"price":"$0.003","useWhen":["An agent needs to trigger a bounded side effect through a public HTTPS webhook/API.","The caller wants to pay per action instead of creating an account or long-lived API key.","The caller needs a signed receipt with request hash, response hash, status, and attempt count."],"avoidWhen":["The target is localhost, a private network address, or a non-HTTP workflow.","The agent needs long-running orchestration instead of one bounded HTTP action.","The payload must be stored verbatim in the receipt; Action402 stores hashes for proof."],"requestSchema":{"type":"object","additionalProperties":false,"required":["url"],"properties":{"url":{"type":"string","format":"uri","description":"Absolute HTTPS URL to call."},"method":{"type":"string","enum":["POST","PUT","PATCH","DELETE"],"default":"POST"},"headers":{"type":"object","additionalProperties":{"type":["string","number","boolean"]},"description":"Optional outbound headers. Hop-by-hop and proxy headers are stripped."},"body":{"description":"JSON body forwarded to the target endpoint."},"idempotencyKey":{"type":"string","minLength":1,"maxLength":160,"description":"Caller-provided key used to replay the same completed job instead of executing twice."},"retry":{"type":"object","additionalProperties":false,"properties":{"attempts":{"type":"integer","minimum":1,"maximum":3,"default":1},"backoffMs":{"type":"integer","minimum":0,"maximum":5000,"default":250}}},"timeoutMs":{"type":"integer","minimum":1000,"maximum":12000,"default":12000},"decisionId":{"type":"string","description":"Optional decision id from /api/decide/webhook. When supplied, execution must match the stored approved decision."}}},"responseSchema":{"type":"object","required":["mode","idempotentReplay","job","receipt","links"],"properties":{"mode":{"type":"string","enum":["demo","x402"]},"idempotentReplay":{"type":"boolean"},"job":{"type":"object","required":["id","status","attempts"],"properties":{"id":{"type":"string"},"status":{"type":"string","enum":["succeeded","failed"]},"attempts":{"type":"integer"}}},"receipt":{"type":"object","properties":{"id":{"type":"string"},"signature":{"type":"string"},"replay":{"type":"boolean"}}},"links":{"type":"object","required":["job","receipt"],"properties":{"job":{"type":"string"},"receipt":{"type":"string"}}}}}},{"id":"decide.webhook","aliases":["decide_webhook","payment_decision_graph","pre_payment_decision"],"description":"Evaluate whether a buyer agent should pay for one webhook/API execution. This route is free, deterministic, and non-executing.","method":"POST","path":"/api/decide/webhook","paid":false,"useWhen":["An agent wants a structured pay/do-not-pay recommendation before spending x402 funds.","The buyer needs payment, policy, trust, and execution readiness checks in one response.","The caller wants a decision id to link to a later paid receipt."],"avoidWhen":["The caller expects the target webhook to execute.","The caller wants an LLM to override deterministic buyer policy."],"requestSchema":{"type":"object","additionalProperties":true,"properties":{"action":{"type":"object","additionalProperties":false,"required":["url"],"properties":{"url":{"type":"string","format":"uri","description":"Absolute HTTPS URL to call."},"method":{"type":"string","enum":["POST","PUT","PATCH","DELETE"],"default":"POST"},"headers":{"type":"object","additionalProperties":{"type":["string","number","boolean"]},"description":"Optional outbound headers. Hop-by-hop and proxy headers are stripped."},"body":{"description":"JSON body forwarded to the target endpoint."},"idempotencyKey":{"type":"string","minLength":1,"maxLength":160,"description":"Caller-provided key used to replay the same completed job instead of executing twice."},"retry":{"type":"object","additionalProperties":false,"properties":{"attempts":{"type":"integer","minimum":1,"maximum":3,"default":1},"backoffMs":{"type":"integer","minimum":0,"maximum":5000,"default":250}}},"timeoutMs":{"type":"integer","minimum":1000,"maximum":12000,"default":12000},"decisionId":{"type":"string","description":"Optional decision id from /api/decide/webhook. When supplied, execution must match the stored approved decision."}}},"buyerPolicy":{"type":"object","properties":{"maxPriceUsd":{"type":["string","null"],"example":"0.009"},"allowedNetworks":{"type":"array","items":{"type":"string"}},"requireReceipt":{"type":"boolean","default":true},"requirePolicyPass":{"type":"boolean","default":true},"requireIdempotencyKey":{"type":"boolean","default":true},"allowUnknownTargets":{"type":"boolean","default":true},"minTrustScore":{"type":"integer","default":55}}},"mode":{"type":"string","enum":["evaluate_only"],"default":"evaluate_only"}}},"responseSchema":{"type":"object","required":["ok","decisionId","recommendation","confidence","publicRecord","links"],"properties":{"ok":{"type":"boolean"},"decisionId":{"type":"string"},"recommendation":{"type":"string"},"confidence":{"type":"string"},"blockingIssues":{"type":"array","items":{"type":"string"}},"warnings":{"type":"array","items":{"type":"string"}},"reasons":{"type":"array","items":{"type":"string"}},"roleReports":{"type":"object"},"debate":{"type":"array","items":{"type":"object"}},"publicRecord":{"type":"object","required":["id","version","recommendation","confidence","publicFieldsOnly","links"],"properties":{"id":{"type":"string"},"version":{"type":"string"},"createdAt":{"type":"string"},"updatedAt":{"type":"string"},"action":{"type":"string"},"recommendation":{"type":"string","enum":["pay_and_execute","do_not_pay","manual_review","safe_to_test_free_canary_first"]},"confidence":{"type":"string","enum":["high","medium","low"]},"publicFieldsOnly":{"type":"boolean"},"blockingIssues":{"type":"array","items":{"type":"string"}},"warnings":{"type":"array","items":{"type":"string"}},"reasons":{"type":"array","items":{"type":"string"}},"outcome":{"type":["object","null"]},"roleReports":{"type":"object"},"debate":{"type":"array","items":{"type":"object"}},"links":{"type":"object"}}},"links":{"type":"object"}}}},{"id":"execute.guided_webhook","aliases":["guided_webhook","decision_linked_execution"],"description":"Execute a webhook through the paid route with an approved decision id linked to the job and receipt.","method":"POST","path":"/api/execute/guided-webhook","paid":true,"price":"$0.003","useWhen":["An agent already called /api/decide/webhook and wants the execution receipt linked to that decision.","The buyer wants proof that payment followed a deterministic decision graph."],"avoidWhen":["The decision recommendation is manual_review or do_not_pay.","The action differs from the stored decision."],"requestSchema":{"type":"object","additionalProperties":true,"properties":{"action":{"type":"object","additionalProperties":false,"required":["url"],"properties":{"url":{"type":"string","format":"uri","description":"Absolute HTTPS URL to call."},"method":{"type":"string","enum":["POST","PUT","PATCH","DELETE"],"default":"POST"},"headers":{"type":"object","additionalProperties":{"type":["string","number","boolean"]},"description":"Optional outbound headers. Hop-by-hop and proxy headers are stripped."},"body":{"description":"JSON body forwarded to the target endpoint."},"idempotencyKey":{"type":"string","minLength":1,"maxLength":160,"description":"Caller-provided key used to replay the same completed job instead of executing twice."},"retry":{"type":"object","additionalProperties":false,"properties":{"attempts":{"type":"integer","minimum":1,"maximum":3,"default":1},"backoffMs":{"type":"integer","minimum":0,"maximum":5000,"default":250}}},"timeoutMs":{"type":"integer","minimum":1000,"maximum":12000,"default":12000},"decisionId":{"type":"string","description":"Optional decision id from /api/decide/webhook. When supplied, execution must match the stored approved decision."}}},"buyerPolicy":{"type":"object","properties":{"maxPriceUsd":{"type":["string","null"],"example":"0.009"},"allowedNetworks":{"type":"array","items":{"type":"string"}},"requireReceipt":{"type":"boolean","default":true},"requirePolicyPass":{"type":"boolean","default":true},"requireIdempotencyKey":{"type":"boolean","default":true},"allowUnknownTargets":{"type":"boolean","default":true},"minTrustScore":{"type":"integer","default":55}}},"mode":{"type":"string","enum":["evaluate_only"],"default":"evaluate_only"}}},"responseSchema":{"type":"object","required":["mode","idempotentReplay","job","receipt","links"],"properties":{"mode":{"type":"string","enum":["demo","x402"]},"idempotentReplay":{"type":"boolean"},"job":{"type":"object","required":["id","status","attempts"],"properties":{"id":{"type":"string"},"status":{"type":"string","enum":["succeeded","failed"]},"attempts":{"type":"integer"}}},"receipt":{"type":"object","properties":{"id":{"type":"string"},"signature":{"type":"string"},"replay":{"type":"boolean"}}},"links":{"type":"object","required":["job","receipt"],"properties":{"job":{"type":"string"},"receipt":{"type":"string"}}}}}},{"id":"canary.echo","aliases":["canary_echo","self_test_target","safe_echo_target"],"description":"Return a redacted echo of whitelisted canary fields. Useful as a safe target URL for self-tests before running paid execution.","method":"POST","path":"/api/canary/echo","paid":false,"useWhen":["An agent wants to verify Action402 routing and JSON handling without paying.","A local settlement canary needs a safe public target endpoint."],"avoidWhen":["The caller expects a paid execution receipt from this endpoint.","The payload contains secrets or arbitrary data that should be echoed back."],"responseSchema":{"type":"object","required":["ok","service","endpoint","paid","acceptedFields","redactionPolicy","next"],"properties":{"ok":{"type":"boolean"},"service":{"type":"string"},"endpoint":{"type":"string"},"paid":{"type":"boolean"},"purpose":{"type":"string"},"receivedAt":{"type":"string"},"requestId":{"type":["string","null"]},"acceptedFields":{"type":"object","additionalProperties":{"type":["string","number","boolean"]}},"redactionPolicy":{"type":"object"},"next":{"type":"object"}}}},{"id":"browser.handoff","aliases":["browser_handoff","action_handoff","external_browser_agent_handoff"],"description":"Create a free handoff package for an external browser-capable agent. Action402 does not execute these browser steps.","method":"POST","path":"/api/handoff/browser","paid":false,"status":"active-handoff-only","useWhen":["An agent needs to hand a browser task to another agent that already controls a browser.","The workflow needs structured browser instructions but not Action402 paid browser execution."],"avoidWhen":["The caller expects Action402 to click, type, or verify screenshots itself.","The browser task requires secret storage inside public Action402."],"requestSchema":{"type":"object","additionalProperties":true,"required":["targetUrl","actions"],"properties":{"targetUrl":{"type":"string","format":"uri","description":"Absolute public HTTPS URL for the browser-capable agent to open."},"actions":{"type":"array","minItems":1,"maxItems":12,"items":{"type":"object","required":["type"],"properties":{"type":{"type":"string","enum":["instruction","navigate","click","type","select","submit","wait_for_text","screenshot","extract","verify"]},"selector":{"type":"string"},"text":{"type":"string"},"value":{"type":"string"},"description":{"type":"string"},"timeoutMs":{"type":"integer","minimum":1000,"maximum":12000}}}},"returnUrl":{"type":"string","format":"uri","description":"Optional public HTTPS callback or result URL for the external browser agent."},"idempotencyKey":{"type":"string","maxLength":160}}},"responseSchema":{"type":"object","required":["ok","service","handoff","policy","warnings","next"],"properties":{"ok":{"type":"boolean"},"service":{"type":"string"},"handoff":{"type":"object","required":["id","status","executionModel","paid","notExecutedByAction402","target","actions"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"executionModel":{"type":"string"},"paid":{"type":"boolean"},"notExecutedByAction402":{"type":"boolean"},"target":{"type":"object"},"actions":{"type":"array"}}},"policy":{"type":"object"},"warnings":{"type":"array","items":{"type":"string"}},"next":{"type":"object"}}}},{"id":"schedule.preview","aliases":["schedule_preview","scheduled_webhook_preview"],"description":"Validate a schedule definition and webhook target policy without charging, storing, waking up, or executing.","method":"POST","path":"/api/schedules/preview","paid":false,"status":"preview-only","useWhen":["An agent wants to check if a scheduled webhook definition is compatible with future Action402 scheduling.","The caller needs target policy feedback before building a scheduler around paid execution."],"avoidWhen":["The caller expects the schedule to persist or execute later.","The caller expects a paid execution receipt from the preview."],"requestSchema":{"type":"object","additionalProperties":true,"required":["webhook","schedule"],"properties":{"webhook":{"type":"object","additionalProperties":false,"required":["url"],"properties":{"url":{"type":"string","format":"uri","description":"Absolute HTTPS URL to call."},"method":{"type":"string","enum":["POST","PUT","PATCH","DELETE"],"default":"POST"},"headers":{"type":"object","additionalProperties":{"type":["string","number","boolean"]},"description":"Optional outbound headers. Hop-by-hop and proxy headers are stripped."},"body":{"description":"JSON body forwarded to the target endpoint."},"idempotencyKey":{"type":"string","minLength":1,"maxLength":160,"description":"Caller-provided key used to replay the same completed job instead of executing twice."},"retry":{"type":"object","additionalProperties":false,"properties":{"attempts":{"type":"integer","minimum":1,"maximum":3,"default":1},"backoffMs":{"type":"integer","minimum":0,"maximum":5000,"default":250}}},"timeoutMs":{"type":"integer","minimum":1000,"maximum":12000,"default":12000},"decisionId":{"type":"string","description":"Optional decision id from /api/decide/webhook. When supplied, execution must match the stored approved decision."}}},"schedule":{"type":"object","required":["type"],"properties":{"type":{"type":"string","enum":["once","daily"]},"runAt":{"type":"string","format":"date-time","description":"Required for once schedules."},"timeOfDay":{"type":"string","pattern":"^\\d{2}:\\d{2}$","description":"Required for daily schedules, UTC by default."},"timezone":{"type":"string"}}}}},"responseSchema":{"type":"object","required":["ok","allowed","status","paid","willExecute"],"properties":{"ok":{"type":"boolean"},"allowed":{"type":"boolean"},"status":{"type":"string"},"paid":{"type":"boolean"},"willExecute":{"type":"boolean"},"preview":{"type":"object"},"paymentPolicy":{"type":"object"},"warnings":{"type":"array","items":{"type":"string"}},"error":{"type":"object"},"next":{"type":"object"}}}}],"actionTemplates":[{"id":"chatops.slack_message","status":"ready","category":"chatops","title":"Slack webhook message","description":"Send a paid, verifiable Slack incoming-webhook message after an agent completes a task or detects a condition.","tags":["slack","chatops","agent-notification","webhook"],"searchPhrases":["Slack webhook x402","paid Slack notification","agent ChatOps receipt"],"actionId":"execute.webhook","paidRoute":"/api/execute/webhook","exampleRequest":{"url":"https://hooks.slack.com/services/WORKSPACE/CHANNEL/SECRET","method":"POST","headers":{"content-type":"application/json"},"body":{"text":"Action402 proof-backed agent notification."},"idempotencyKey":"slack-message-001","retry":{"attempts":2,"backoffMs":300},"timeoutMs":10000},"buyerValue":"The buyer pays only when an agent needs to send a real message, then gets a receipt proving the relay attempted it.","targetOwnerValue":"The Slack-side owner keeps the webhook secret inside the target workflow and does not need to expose a new account system.","verification":["Verify the returned job link.","Store the receipt id with the Slack thread or task record."]},{"id":"chatops.discord_message","status":"ready","category":"chatops","title":"Discord webhook message","description":"Post a paid status update into a Discord channel through a public webhook and keep a receipt for the action.","tags":["discord","chatops","community","webhook"],"searchPhrases":["Discord webhook x402","paid Discord agent message","verifiable community alert"],"actionId":"execute.webhook","paidRoute":"/api/execute/webhook","exampleRequest":{"url":"https://discord.com/api/webhooks/WEBHOOK_ID/WEBHOOK_TOKEN","method":"POST","headers":{"content-type":"application/json"},"body":{"content":"Action402 agent event completed."},"idempotencyKey":"discord-message-001","retry":{"attempts":2,"backoffMs":300},"timeoutMs":10000},"buyerValue":"Useful for agents that need to notify communities or operator channels without a custom integration.","targetOwnerValue":"Discord webhook permissions remain managed by the channel owner.","verification":["Verify the returned receipt.","Use idempotencyKey to avoid duplicate channel messages."]},{"id":"chatops.telegram_send_message","status":"ready","category":"chatops","title":"Telegram bot sendMessage","description":"Call Telegram Bot API sendMessage through a paid relay when an agent needs a simple operator notification.","tags":["telegram","bot-api","operator-alert","webhook"],"searchPhrases":["Telegram bot x402","paid Telegram alert","agent operator notification"],"actionId":"execute.webhook","paidRoute":"/api/execute/webhook","exampleRequest":{"url":"https://api.telegram.org/botBOT_TOKEN/sendMessage","method":"POST","headers":{"content-type":"application/json"},"body":{"chat_id":"CHAT_ID","text":"Action402 agent alert."},"idempotencyKey":"telegram-message-001","retry":{"attempts":2,"backoffMs":300},"timeoutMs":10000},"buyerValue":"Good for low-friction paid status pings from autonomous workers.","targetOwnerValue":"The bot owner can rotate Bot API tokens independently from Action402.","verification":["Verify the job receipt before marking the alert delivered."]},{"id":"automation.zapier_catch_hook","status":"ready","category":"automation","title":"Zapier catch hook","description":"Trigger a Zapier workflow from an agent with a per-action x402 payment and a receipt for the trigger attempt.","tags":["zapier","automation","no-code","workflow"],"searchPhrases":["Zapier webhook x402","paid Zapier trigger","agent no-code automation"],"actionId":"execute.webhook","paidRoute":"/api/execute/webhook","exampleRequest":{"url":"https://hooks.zapier.com/hooks/catch/ACCOUNT/HOOK","method":"POST","headers":{"content-type":"application/json"},"body":{"event":"agent.workflow.triggered","recordId":"rec_123"},"idempotencyKey":"zapier-trigger-001","retry":{"attempts":2,"backoffMs":500},"timeoutMs":10000},"buyerValue":"Agents can activate no-code workflows without creating a SaaS account with the workflow owner.","targetOwnerValue":"The workflow owner keeps the Zapier catch hook as the only integration surface.","verification":["Save receipt id into the Zapier task payload when possible."]},{"id":"automation.make_webhook","status":"ready","category":"automation","title":"Make custom webhook","description":"Trigger a Make scenario through a paid public webhook and expose proof links back to the buying agent.","tags":["make","automation","scenario","workflow"],"searchPhrases":["Make webhook x402","paid Make scenario","agent workflow trigger"],"actionId":"execute.webhook","paidRoute":"/api/execute/webhook","exampleRequest":{"url":"https://hook.us1.make.com/SCENARIO_WEBHOOK_ID","method":"POST","headers":{"content-type":"application/json"},"body":{"event":"agent.scenario.triggered"},"idempotencyKey":"make-scenario-001","retry":{"attempts":2,"backoffMs":500},"timeoutMs":10000},"buyerValue":"A buyer can pay for one automation trigger instead of handling Make auth directly.","targetOwnerValue":"Make scenario routing and permissions stay under the scenario owner's control.","verification":["Verify the receipt and reconcile it with the Make scenario run."]},{"id":"dev.github_repository_dispatch","status":"ready","category":"developer-tools","title":"GitHub repository dispatch","description":"Let an agent pay to trigger a GitHub repository_dispatch event and keep a receipt for the CI/action handoff.","tags":["github","repository-dispatch","ci","developer-automation"],"searchPhrases":["GitHub Actions dispatch x402","paid CI trigger","repository dispatch receipt"],"actionId":"execute.webhook","paidRoute":"/api/execute/webhook","exampleRequest":{"url":"https://api.github.com/repos/OWNER/REPO/dispatches","method":"POST","headers":{"content-type":"application/json","authorization":"Bearer TARGET_SIDE_TOKEN"},"body":{"event_type":"agent.action402","client_payload":{"task":"refresh-index"}},"idempotencyKey":"github-dispatch-001","retry":{"attempts":2,"backoffMs":500},"timeoutMs":10000},"buyerValue":"Useful when an agent needs to hand work to a repo workflow and prove the trigger was sent.","targetOwnerValue":"Repo token scope remains a target-side policy decision.","verification":["Verify the receipt.","Match idempotencyKey to client_payload when auditing."]},{"id":"ops.incident_alert","status":"ready","category":"ops","title":"Incident or ops alert","description":"Escalate an agent-detected problem to an incident webhook, alert bridge, or on-call automation.","tags":["incident","ops","alertmanager","pagerduty","reliability"],"searchPhrases":["paid incident alert webhook","agent ops escalation","verifiable alert trigger"],"actionId":"execute.webhook","paidRoute":"/api/execute/webhook","exampleRequest":{"url":"https://alerts.example.com/incidents","method":"POST","headers":{"content-type":"application/json"},"body":{"event":"agent.incident.detected","severity":"warning","summary":"Agent found a failing downstream check."},"idempotencyKey":"incident-alert-001","retry":{"attempts":3,"backoffMs":750},"timeoutMs":12000},"buyerValue":"Agents can pay for escalation only when a concrete incident action is needed.","targetOwnerValue":"Ops teams can require public webhook policy and use receipts for audit trails.","verification":["Verify the job report.","Use failure categories from monitoring for triage."]},{"id":"data.analytics_event","status":"ready","category":"data","title":"Analytics or audit event","description":"Send a paid event into an analytics, audit, or data ingestion endpoint with request and response hashes in the receipt.","tags":["analytics","audit","event-ingest","posthog","segment"],"searchPhrases":["paid analytics event ingest","agent audit event","verifiable event tracking"],"actionId":"execute.webhook","paidRoute":"/api/execute/webhook","exampleRequest":{"url":"https://analytics.example.com/events","method":"POST","headers":{"content-type":"application/json"},"body":{"event":"agent.action.executed","properties":{"action":"webhook","billable":true}},"idempotencyKey":"analytics-event-001","retry":{"attempts":2,"backoffMs":300},"timeoutMs":10000},"buyerValue":"The agent can leave a paid audit trail without direct access to the analytics account.","targetOwnerValue":"Data owners can validate paid ingestion volume with Action402 receipts.","verification":["Verify response status and receipt signature.","Do not put sensitive raw payload in public proof pages."]},{"id":"crm.ticket_or_lead_update","status":"ready","category":"business-workflows","title":"CRM, lead, or ticket update","description":"Update a CRM, support ticket, or customer workflow through a public HTTPS webhook with proof of execution.","tags":["crm","support","hubspot","salesforce","ticketing"],"searchPhrases":["agent CRM webhook update","paid support ticket webhook","verifiable CRM action"],"actionId":"execute.webhook","paidRoute":"/api/execute/webhook","exampleRequest":{"url":"https://crm.example.com/webhooks/action402","method":"POST","headers":{"content-type":"application/json"},"body":{"event":"agent.crm.update","leadId":"lead_123","status":"ready_for_review"},"idempotencyKey":"crm-update-001","retry":{"attempts":2,"backoffMs":500},"timeoutMs":10000},"buyerValue":"Agents can pay for a single business workflow update without permanent credentials.","targetOwnerValue":"The business system can keep webhook auth and validation on its side.","verification":["Verify the receipt.","Persist job id in the CRM note or activity log."]}],"policyModes":[{"id":"open-public-https","status":"active","title":"Open public HTTPS relay","description":"Any public HTTPS target can be called, while localhost and private network targets remain blocked.","bestFor":"Bazaar-first discovery where unknown agents need broad utility."},{"id":"blocklist-quota","status":"active","title":"Blocklist plus target quota","description":"Keep broad access, block known bad target hosts, and throttle repeat traffic to the same target.","bestFor":"Public MVP operation without losing the universal webhook value proposition."},{"id":"allowlist","status":"supported","title":"Allowlist-only mode","description":"Restrict execution to approved target hosts. This is safer for private partner deployments but weaker for open Bazaar utility.","bestFor":"Dedicated customers or partner integrations."}],"scheduledActions":{"id":"scheduled.webhook","status":"preview-only","category":"scheduling","title":"Scheduled paid webhook action","description":"A durable scheduler pattern for agents that want to pay for delayed or recurring webhook execution.","availability":"A free schedule preview endpoint is active. Durable paid scheduling is not active as a paid endpoint yet.","previewEndpoint":{"method":"POST","path":"/api/schedules/preview","paid":false,"executionModel":"validate schedule shape and target policy only"},"whyNotImmediate":"Scheduling needs durable queue semantics and replay-safe payment policy. Exposing it before that would confuse agents and weaken proof quality.","compatiblePath":["Keep POST /api/execute/webhook as the immediate execution primitive.","Use POST /api/schedules/preview to validate schedule shape and target policy before implementation.","Add a durable schedule store and worker.","Charge once per executed run, not once per schedule definition.","Return schedule id plus per-run job and receipt links."],"futureShape":{"method":"POST","path":"/api/schedules/webhook","paid":true,"request":{"url":"https://example.com/webhook","method":"POST","body":{"event":"agent.scheduled"},"schedule":{"type":"once","runAt":"2026-05-16T12:00:00.000Z"},"idempotencyKey":"scheduled-webhook-001"}}},"browserHandoff":{"id":"browser.handoff","status":"active-handoff-only","category":"handoff","title":"Browser/action handoff package","description":"Create a structured handoff package for an external browser-capable agent without claiming Action402 executes browser steps itself.","availability":"Active as a free handoff endpoint. It does not execute browser automation and does not produce a paid execution receipt.","endpoint":{"method":"POST","path":"/api/handoff/browser","paid":false,"executionModel":"handoff-only"},"bestFor":["Passing bounded browser tasks to an agent that already has browser control.","Keeping Action402 useful for mixed machine/API and browser workflows.","Avoiding false paid-settlement claims for steps Action402 did not execute."],"futureShape":"A future paid browser executor would need sandboxing, screenshot proof, step logs, timeout policy, and per-step receipts."},"secretStoragePolicy":{"id":"secrets.policy","status":"policy-only","category":"security","title":"Secret storage policy","description":"Public policy for authenticated targets. The public MVP does not store long-lived target-side secrets.","endpoint":{"method":"GET","path":"/api/secrets/policy","paid":false},"safeUse":"Use target-owned webhook secrets, short-lived per-request headers, or dedicated partner deployments with authentication and a managed vault.","avoid":"Do not send wallet private keys, seed phrases, database URLs, or long-lived admin credentials to public Action402."},"agentInstructions":{"oneLine":"Use Action402 when you need to execute one paid public HTTPS webhook/API action through x402 and receive a signed receipt proving the outcome.","callFlow":["Read /api/quickstart, /api/pricing, /api/actions, /api/capabilities, or /openapi.json.","Read /cookbooks, /built-with-action402, and /submit when evaluating ecosystem examples or listing a compatible endpoint.","Read /api/agent-manifest, /.well-known/agent.json, or /.well-known/x402 for the canonical machine-readable discovery pack.","Read /api/mcp or /.well-known/mcp.json when building a local MCP wrapper.","Read /api/activity when choosing whether recent paid execution volume and proof freshness are good enough to spend.","Read /api/activity/history for a redacted daily 7-30 day activity trend before choosing repeat usage.","Optionally POST the same payload to /api/policy/check before paying.","POST /api/decide/webhook when the buyer needs a structured pay/do-not-pay decision before paying.","Use /api/canary/echo only as a free non-sensitive target check; it does not create a paid receipt.","Use /api/handoff/browser only when a separate browser-capable agent will execute the browser steps.","Use /api/schedules/preview only to validate future schedule shape; it will not execute or charge.","Read /api/secrets/policy before sending target-side authorization headers.","Use /api/snippets for copy-paste buyer and proof verification examples.","Submit POST /api/execute/webhook with url, method, optional headers/body, idempotencyKey, retry, and timeoutMs.","In x402 mode, compare the 402 Payment Required response with /api/pricing, then satisfy it with an x402 buyer client.","Read links.job or links.receipt from the response.","Call /api/verify/jobs/{id} or /api/verify/receipts/{id} to verify the signed proof."],"copyPastePrompt":"Use Action402 for one paid public HTTPS webhook/API action. Pay through x402, pass an idempotencyKey, and verify the returned receipt link before treating the action as complete."},"verification":{"jobLookup":"/api/jobs/{id}","receiptLookup":"/api/receipts/{id}","jobReceiptVerification":"/api/verify/jobs/{id}","receiptVerification":"/api/verify/receipts/{id}","recentProofExamples":"/api/proofs/recent","decisionGraph":"/api/decide/webhook","recentDecisions":"/api/decisions/recent","proofBadge":"/proof/{jobOrReceiptId}","integrationSnippets":"/api/snippets","receiptSignature":"hmac-sha256","activeReceiptKeyId":"mainnet-v1"},"publicProofs":{"path":"/api/proofs/recent","description":"Latest verified proof examples with target URL, headers, bodies, hashes, and signatures redacted for public review.","redactedFields":["targetUrl","requestHeaders","requestBody","responseHeaders","responseBody","requestHash","responseHash","receiptSignature"]},"monitoring":{"path":"/api/monitoring/executions","description":"Durable execution counters and recent failed executions, redacted for public agent/operator checks.","defaultWindowMs":86400000},"activity":{"path":"/api/activity","page":"/activity","historyPath":"/api/activity/history","description":"Agent-facing activity report combining proof freshness, recent paid execution volume, trust score, redacted failures, redacted daily history, and next recommendations.","defaultWindowMs":86400000},"trust":{"path":"/api/trust","description":"Public trust summary combining x402 settings, storage durability, execution counters, proof example counts, and redaction policy."},"statusPage":{"path":"/status","rawHealthPath":"/health","description":"Browser-friendly runtime status page backed by the raw /health endpoint for operators and human reviewers."},"mcp":{"recommendedToolName":"execute_webhook","discoveryQueries":["Action402","paid webhook execution","x402 webhook receipt","agent action relay","Action402 action catalog","agent quickstart x402","pay per API call","Action402 agent manifest","well-known agent.json","x402 agent discovery manifest","browser action handoff","schedule preview x402","secret storage policy","Slack webhook x402","Discord webhook x402","Telegram bot x402","Zapier webhook x402","Make webhook x402","GitHub Actions dispatch x402"],"bazaarFlow":["fetch /.well-known/x402, /.well-known/agent.json, or /api/agent-manifest","search_resources query=Action402","inspect the returned resource metadata and price","proxy_tool_call using the discovered resource/tool name","verify links.job or links.receipt after completion"],"notes":"If an MCP client supports x402/Bazaar discovery, prefer the returned resource metadata over hard-coded tool names."},"safety":{"allowedMethods":["POST","PUT","PATCH","DELETE"],"httpsTargetsOnly":true,"privateNetworkTargetsBlocked":true,"maxWebhookTimeoutMs":12000,"maxRetryAttempts":3,"targetPolicyPreset":"open","targetAllowlist":[],"targetBlocklist":[],"requireTargetAllowlist":false,"rateLimit":{"enabled":true,"windowMs":60000,"maxRequests":60},"targetQuota":{"enabled":true,"windowMs":60000,"maxRequests":20},"retention":{"jobRetentionMs":604800000,"receiptRetentionMs":2592000000},"storage":{"driver":"postgres","durable":true},"observability":{"structuredJsonLogs":true,"requestLogEnabled":true,"logLevel":"info"}},"links":{"apiIndex":"https://action402.vercel.app/api","openapi":"https://action402.vercel.app/openapi.json","quickstart":"https://action402.vercel.app/api/quickstart","pricingApi":"https://action402.vercel.app/api/pricing","discoveryApi":"https://action402.vercel.app/api/discovery","mcpManifest":"https://action402.vercel.app/api/mcp","wellKnownMcp":"https://action402.vercel.app/.well-known/mcp.json","discovery":"https://action402.vercel.app/discovery","agentManifest":"https://action402.vercel.app/api/agent-manifest","wellKnownAgent":"https://action402.vercel.app/.well-known/agent.json","wellKnownAction402":"https://action402.vercel.app/.well-known/action402.json","wellKnownX402Bare":"https://action402.vercel.app/.well-known/x402","wellKnownX402":"https://action402.vercel.app/.well-known/x402.json","robots":"https://action402.vercel.app/robots.txt","sitemap":"https://action402.vercel.app/sitemap.xml","snippets":"https://action402.vercel.app/api/snippets","snippetsGuide":"https://action402.vercel.app/snippets","decideWebhook":"https://action402.vercel.app/api/decide/webhook","guidedWebhook":"https://action402.vercel.app/api/execute/guided-webhook","recentDecisions":"https://action402.vercel.app/api/decisions/recent","decisionsPage":"https://action402.vercel.app/decisions","policyCheck":"https://action402.vercel.app/api/policy/check","canaryEcho":"https://action402.vercel.app/api/canary/echo","handoff":"https://action402.vercel.app/handoff","handoffCapabilities":"https://action402.vercel.app/api/handoff/capabilities","schedules":"https://action402.vercel.app/schedules","scheduleCapabilities":"https://action402.vercel.app/api/schedules/capabilities","schedulePreview":"https://action402.vercel.app/api/schedules/preview","secrets":"https://action402.vercel.app/secrets","secretPolicy":"https://action402.vercel.app/api/secrets/policy","actionCatalog":"https://action402.vercel.app/api/actions","actions":"https://action402.vercel.app/actions","cookbooks":"https://action402.vercel.app/cookbooks","builtWith":"https://action402.vercel.app/built-with-action402","submit":"https://action402.vercel.app/submit","postmanCollection":"https://action402.vercel.app/examples/postman/action402.postman_collection.json","agentSkill":"https://action402.vercel.app/skills/action402/SKILL.md","bazaar":"https://action402.vercel.app/api/bazaar","agentsGuide":"https://action402.vercel.app/agents","pricing":"https://action402.vercel.app/pricing","onboarding":"https://action402.vercel.app/onboarding","useCases":"https://action402.vercel.app/use-cases","mcpGuide":"https://action402.vercel.app/mcp","trust":"https://action402.vercel.app/trust","activity":"https://action402.vercel.app/activity","activityApi":"https://action402.vercel.app/api/activity","status":"https://action402.vercel.app/status","proofs":"https://action402.vercel.app/proofs","proofBadge":"https://action402.vercel.app/proof/{jobOrReceiptId}","monitoring":"https://action402.vercel.app/monitoring","llms":"https://action402.vercel.app/llms.txt"}}