AI agents can now browse, decide, and act. The gap is money. An agent that can complete a task often cannot complete the payment for it, because the tools built for humans do not fit an autonomous process.
Cards assume a person at a checkout, a billing address, and a chargeback system. Handing an agent a card or a set of wallet keys is worse: now an autonomous process can spend or drain funds. What agents actually need is a way to request and receive payments programmatically without holding custody of the money.
That is what SettleBolt's Agent API is for. It gives AI agents a scoped, non-custodial way to create crypto payment requests and settle straight to a wallet the business controls. This guide covers how crypto payments for AI agents work, what a good agentic payments API should and should not allow, and how to wire it up safely.
Core idea: the agent asks for money, it never holds money. Payment requests are created through a scoped key, and settlement lands directly in your wallet. There is no SettleBolt balance and no key that can withdraw your funds.
What is an agentic payments API?
An agentic payments API is an interface an AI agent calls to request and receive payments without a human clicking through a checkout. Instead of filling a card form, the agent makes an API call that produces a payment request, then reads back whether it was paid.
With SettleBolt, that interface is a set of scoped endpoints under /api/agent/. An agent authenticated with an API key can create a crypto payment link or an invoice, share it, and later read the payments ledger to confirm settlement. The customer pays on-chain, and the funds go to a wallet the merchant controls.
The important word is scoped. The key does not grant the agent your account. It grants exactly the narrow permissions you choose, and it is accepted only on the agent endpoints.
Why AI agents need a different payment model
Traditional rails were designed around a human and a bank. That creates three problems for autonomous agents.
- Cards need a person. Card checkout expects a cardholder, a billing identity, and manual entry. Agents operate headlessly, and card-on-file for a bot is a fraud and chargeback liability.
- Custody is dangerous. If an agent holds private keys or a funded balance, a bad prompt, a bug, or a compromise can move real money. The safer design keeps the agent unable to touch funds at all.
- Agents need determinism. An agent works best with a fixed amount, asset, and destination, and a clear paid or not-paid signal. On-chain payments give exactly that: a specific amount to a specific address, final once confirmed.
Non-custodial crypto fits the shape of agent work. The request is explicit, settlement is direct, and the agent only ever handles a payment request, not the money behind it.
How the SettleBolt Agent API works
The flow is deliberately boring, which is what you want when a machine is driving it.
- You create a scoped API key in the dashboard and grant it only the scopes an agent needs, such as
payment_links:create. - The agent calls
POST /api/agent/payment-linkswith an amount, asset, and chain, and gets back a hosted checkout link. - The customer opens the link and pays in USDC, USDT, DAI, or ETH from their own wallet.
- The funds settle directly to the receiving wallet you control.
- SettleBolt records the payment and sends a signed
payment.confirmedwebhook, and the agent can also pollGET /api/agent/paymentsto confirm.
Beyond payment links, the same scoped model covers invoices (/api/agent/invoices), customer records (/api/agent/customers), the payments ledger (/api/agent/payments), and support tickets. An agent can inspect its own key and merchant context with GET /api/agent/me.
Scopes: what an agent can and cannot do
Safety here is not a promise, it is the shape of the permission system. Agent keys are accepted only on /api/agent/ endpoints, and every sensitive capability is a separate scope you grant explicitly.
An agent key can, when you grant the scope:
- Create and read payment links.
- Create and send invoices.
- Read the payments ledger.
- Read and write customer records.
- Open support tickets.
An agent key cannot, under any scope:
- Manage, add, or change receiving wallets.
- Move, withdraw, or reverse funds. Settlement is non-custodial and goes straight to your wallet.
- Change billing, create or revoke other API keys, or delete the account.
The result is a payment agent that can drive revenue but cannot drain it. Even a fully compromised key is limited to creating payment requests and reading records within the scopes you set.
Build and test safely. Send "mode":"demo" on create calls and use the simulate-payment endpoint to move a demo link to paid. Demo activity is separated from live, so you can develop an agent end to end before a single real payment.
Chat channels: Telegram and WhatsApp agents
Not every agent lives in your backend. Many businesses run sales and support inside chat. SettleBolt exposes the same scoped agent permissions through paired Telegram and WhatsApp channels.
A support agent in WhatsApp can take an order in conversation, create a SettleBolt payment link for the correct amount, send it back to the customer, and track whether it was paid. These channels use selected safe scopes and the same paid-plan, verified-email, wallet, and audit-log checks as the API. They are never a place to paste raw API keys.
What SettleBolt gives agent builders
A payment call is only useful with the pieces around it: records, confirmation, testing, and control.
Scoped API keys
Grant an agent the minimum scopes it needs. Keys are accepted only on /api/agent endpoints and never touch wallets or billing.
Non-custodial settlement
Customers pay in stablecoins or ETH straight to your wallet. The agent creates the request, but SettleBolt never holds the money.
Signed webhooks
A signed payment.confirmed event lets your backend or agent react the moment a payment settles on-chain.
Demo mode
Build and test an agent end to end with demo payment links and simulated payments before going live.
Bottom line
If you are giving an AI agent the ability to transact, the safest design is one where the agent can ask for money but can never move it. A non-custodial, scoped API gives you exactly that: crypto payments for AI agents that settle to a wallet you control, with keys that create requests and nothing more.
That is why SettleBolt ships an Agent API alongside its payment links, invoices, and WooCommerce checkout. Same non-custodial settlement, built for a machine to drive.