Stripe Link's Agent Wallet: Programmatic Payments for AI Agents
Stripe's new Link wallet for agents and Issuing for agents provide infrastructure for AI agents to make programmatic payments. This system leverages OAuth for secure access, one-time-use cards or Shared Payment Tokens (SPTs) for transactions, and user approval flows, abstracting payment complexities for developers building agent-facing applications. It extends Stripe's existing Issuing platform to enable customizable agentic spending solutions for businesses.
Read original on Stripe BlogThe article introduces Stripe's solution for enabling AI agents to make payments on behalf of users. This infrastructure is built on two main components: Link's wallet for agents and Stripe Issuing for agents. The core problem addressed is allowing agents to interact with existing payment ecosystems securely and programmatically, bypassing the need for agents to directly handle raw payment credentials.
Architecture of Link's Agent Wallet
Link's wallet for agents provides a consumer-facing interface, allowing users to grant their AI agents programmatic access to their Link wallet via a standard OAuth flow. This establishes a secure authorization boundary. When an agent needs to make a purchase, it initiates a spend request, providing context to the user. The user then reviews and approves this request, either on the web or through Link's mobile applications. Upon approval, Link issues a one-time-use card or a Shared Payment Token (SPT) to the agent, which is then used to complete the transaction. This design ensures that raw payment credentials are never exposed to the agent.
- OAuth Flow: Secures agent access to the consumer's Link wallet without exposing credentials.
- Spend Request with Context: Agents request payment, providing transaction details for user transparency.
- User Approval: Mandatory user review and approval for each transaction (with future plans for configurable spending limits).
- One-Time-Use Cards/SPTs: Dynamic, scoped payment credentials provided to agents post-approval, enhancing security.
Stripe Issuing for Agent-Based Solutions
For businesses that require more customization than Link's wallet, Stripe Issuing for agents offers direct access to the underlying Issuing APIs. This allows developers to build bespoke agentic wallets and card programs. It provides primitives for single-use virtual cards, fund storage, spending controls (e.g., amount, currency, merchant restrictions), real-time transaction monitoring, and advanced fraud detection. This is crucial for scenarios like automating business spend, embedding agent-issued cards for expense management, or enabling marketplace sellers to automate supplier payments.
link-cli spend-request create \
payment-method-id csmrpd_12345 \
merchant-name "Powdur" \
merchant-url "https://powdur.com" \
amount 3500 \
context "Purchasing the Powdur Glow Renewal Vitamin C Serum as a gift for $35." \
request-approval ~System Design Takeaways
This architecture highlights critical system design considerations for integrating AI agents with financial systems: security through abstraction (never expose raw credentials), user control and transparency (explicit approval flows), and programmability via APIs (enabling custom solutions). The use of OAuth and dynamically issued payment tokens demonstrates robust authorization and authentication patterns in a novel application domain.