How it works

Put governance in the request path, not after the fact.

402flow keeps the developer surface small, then moves policy evaluation, approval routing, payment execution, and receipt persistence into the control plane.

View SDK Try Demo

Execution model

Prepare the request once from the host or agent harness.
Evaluate posture, policy, merchant fit, and spend controls before execution.
Escalate to approval when policy requires human review.
Execute through the payment adapter and persist the normalized receipt afterward.

Lifecycle

Prepare. Govern. Execute. Receipt.

The product shape stays consistent whether the caller uses the fast `fetchPaid(...)` path or an explicit inspect-then-execute loop.

Prepare

The agent issues a paid request through a small SDK surface instead of embedding protocol mechanics directly in the application.

Govern

402flow evaluates the request against organization posture, policy, merchant constraints, and spend limits before execution is allowed.

Review if needed

Requests that fall outside policy stop for operator review and possible policy adjustment instead of failing silently or spending automatically.

Execute

Requests that satisfy current policy move through the supported payment rail with protocol-specific handling kept behind adapters.

Receipt

402flow stores the normalized receipt, decision history, and audit context so operators can understand what happened after the request completes.

Control plane

What changes when 402flow is in the middle.

The key difference is not payment support. It is that the control plane becomes the place where the important decisions happen.

Policy evaluates first

Requests are checked against organization posture, merchant rules, and spend controls before an execution path is allowed.

Review is a product path

Requests that need approval stop for review instead of turning into side-channel ops work or automatic spend.

Receipts outlive the request

After execution, 402flow persists normalized receipt and audit context so the operator can prove what happened.

Before / After

Direct payment logic versus governed payment execution.

The request can succeed in either model. The difference is whether approvals, policy, and receipts stay coherent across hosts.

Direct paid request

More payment logic in the agent runtime

The application detects a paid endpoint, decides whether to proceed, and owns the protocol-specific payment path inline.

Payment logic and merchant quirks spread through app code
Approvals become side channels instead of productized review
Receipts, denials, and retries are inconsistent across hosts

402flow-mediated request

Control before money moves

The agent prepares the request once, and 402flow evaluates policy, routes review when needed, executes through the payment adapter, and stores the result.

One SDK surface for developers instead of protocol branching
Operator-selected governance posture and review path
Normalized receipts and audit history after execution

Next step

See the developer surface, then run the hosted proof.

Start with the SDK if you already know the request shape. Use the hosted demo merchant when you want to verify the end-to-end paid-request path against a real merchant surface.

Open SDK page Try Demo