Agentpmt No Account Agentaddress X402

Use AgentPMT tools and workflows without an AgentPMT account by using an AgentAddress with credits or a funded x402-capable wallet. Use when an autonomous agent needs the no-account payment and invocation flow.

Audits

Suspicious

ClawScanSuspicious

Agentic behavior and permission review.

Static analysisPass

Pattern checks against bundled files.

VirusTotalPass

Multi-engine malware detections and file reputation.

Install

openclaw skills install agentpmt-no-account-agentaddress-x402

Use AgentPMT Without An Account: AgentAddress And x402

Use this skill when an agent does not have an AgentPMT account Bearer Token and needs to pay for tools with an AgentAddress or x402 payment.

What This Is For

This path is for autonomous agents that need one of these:

An AgentAddress that already has AgentPMT credits.
A funded crypto wallet that can complete x402 payments.

If the agent has an AgentPMT account Bearer Token, use the account MCP/REST setup skill instead.

Requirements

pip install requests eth-account

Store private keys, mnemonics, signatures, payment headers, and session nonces in a secret manager. Do not put them in prompts or logs.

Create Or Load An AgentAddress

Create an AgentAddress wallet:

import requests

response = requests.post("https://www.agentpmt.com/api/external/agentaddress", timeout=30)
response.raise_for_status()
wallet = response.json()
wallet_address = wallet["evmAddress"].lower()
private_key = wallet["evmPrivateKey"]

If you already have an AgentAddress, load its wallet address and private key from your secret store instead.

Discover Tools

tools_response = requests.get("https://www.agentpmt.com/api/external/tools", timeout=30)
tools_response.raise_for_status()
tools = tools_response.json()

Use the product-specific skill for the target tool to get the product slug, action slug, schema, and sample parameters.

Signed-Credit Flow

Use this when the AgentAddress already has AgentPMT credits.

Create a session nonce:

session_response = requests.post("https://www.agentpmt.com/api/external/auth/session", json={
    "wallet_address": wallet_address,
}, timeout=30)
session_response.raise_for_status()
session_nonce = session_response.json()["session_nonce"]

Canonicalize action parameters and sign the request:

import hashlib
import json
from eth_account import Account
from eth_account.messages import encode_defunct

product_slug = "<product-slug>"
action_slug = "<action-slug>"
request_path = f"/external/tools/{product_slug}/actions/{action_slug}/invoke"
parameters = {}
canonical = json.dumps(parameters, sort_keys=True, separators=(",", ":"))
payload_hash = hashlib.sha256(canonical.encode("utf-8")).hexdigest()
request_id = "unique-tool-request-id"

message = "\n".join([
    "agentpmt-external",
    f"wallet:{wallet_address.lower()}",
    f"session:{session_nonce}",
    f"request:{request_id}",
    "method:POST",
    f"path:{request_path}",
    f"payload:{payload_hash}",
])
signature = Account.sign_message(
    encode_defunct(text=message),
    private_key=private_key,
).signature.hex()

Invoke the tool:

invoke_url = f"https://www.agentpmt.com/api/external/tools/{product_slug}/actions/{action_slug}/invoke"
response = requests.post(invoke_url, json={
    "wallet_address": wallet_address,
    "session_nonce": session_nonce,
    "request_id": request_id,
    "signature": signature,
    "parameters": parameters,
}, timeout=120)
response.raise_for_status()

Direct x402 Flow

Use this when the agent has a funded x402-capable wallet and wants to pay at the tool action URL.

Direct x402 is available only when the target vendor product is enabled for x402. The tool URL is the same canonical action URL used by signed-credit calls:

POST https://www.agentpmt.com/api/external/tools/{productSlug}/actions/{actionSlug}/invoke

Do not include signed-credit fields (wallet_address, session_nonce, request_id, signature) when paying with x402. Send only the action parameters in the JSON body and the x402 payment header on the paid retry.

The first request returns 402 Payment Required with a canonical x402 challenge. The response body is JSON, and the PAYMENT-REQUIRED header contains the same challenge base64-encoded. Select one entry from accepts[] and sign that exact requirement.

import base64
import json
import secrets
import time

import requests
from eth_account import Account

product_slug = "<product-slug>"
action_slug = "<action-slug>"
invoke_url = f"https://www.agentpmt.com/api/external/tools/{product_slug}/actions/{action_slug}/invoke"

# The wallet must hold the live token/network returned in accepts[].
x402_private_key = "<0x-funded-wallet-private-key>"
x402_account = Account.from_key(x402_private_key)
payer_wallet = x402_account.address.lower()

parameters = {
    # action-specific input fields go here
}

first = requests.post(invoke_url, json=parameters, timeout=120)
if first.status_code != 402:
    first.raise_for_status()
    result = first.json()
else:
    payment_required = first.json()
    accepted = payment_required["accepts"][0]

    chain_id = int(accepted["network"].split(":")[1])
    valid_before = str(int(time.time()) + min(240, int(accepted.get("maxTimeoutSeconds", 300))))
    authorization = {
        "from": payer_wallet,
        "to": accepted["payTo"].lower(),
        "value": str(accepted["amount"]),
        "validAfter": "0",
        "validBefore": valid_before,
        "nonce": "0x" + secrets.token_hex(32),
    }

    signed = Account.sign_typed_data(
        x402_private_key,
        domain_data={
            "name": accepted.get("extra", {}).get("name", "USDC"),
            "version": str(accepted.get("extra", {}).get("version", "2")),
            "chainId": chain_id,
            "verifyingContract": accepted["asset"],
        },
        message_types={
            "TransferWithAuthorization": [
                {"name": "from", "type": "address"},
                {"name": "to", "type": "address"},
                {"name": "value", "type": "uint256"},
                {"name": "validAfter", "type": "uint256"},
                {"name": "validBefore", "type": "uint256"},
                {"name": "nonce", "type": "bytes32"},
            ],
        },
        message_data={
            "from": authorization["from"],
            "to": authorization["to"],
            "value": int(authorization["value"]),
            "validAfter": int(authorization["validAfter"]),
            "validBefore": int(authorization["validBefore"]),
            "nonce": authorization["nonce"],
        },
    )
    signature = signed.signature.hex()
    if not signature.startswith("0x"):
        signature = "0x" + signature

    x402_payload = {
        "x402Version": 2,
        "accepted": accepted,
        "resource": payment_required["resource"],
        "payload": {
            "signature": signature,
            "authorization": authorization,
        },
    }
    x_payment = base64.b64encode(
        json.dumps(x402_payload, separators=(",", ":")).encode("utf-8")
    ).decode("ascii")

    paid = requests.post(
        invoke_url,
        json=parameters,
        headers={"X-PAYMENT": x_payment},
        timeout=120,
    )
    paid.raise_for_status()
    result = paid.json()

print(result)

Use the payment challenge values exactly:

authorization.to must equal accepted.payTo.
authorization.value must equal accepted.amount.
The EIP-712 domain must use accepted.extra.name, accepted.extra.version, the numeric chain id from accepted.network, and accepted.asset as verifyingContract.
The paid retry must send the base64-encoded JSON envelope in X-PAYMENT. PAYMENT-SIGNATURE, PAYMENT, and X-PAYMENT are accepted aliases, but X-PAYMENT is the preferred header.
Generate a fresh 32-byte nonce for every payment. Never reuse a nonce or signed payment authorization.
Always sign one of the live accepts[] requirements returned by the challenge.

Successful direct x402 responses do not debit the buyer's AgentPMT credit ledger and do not return top-level charged_credits, balance_credits, balance_usd, credit_source, or price_credits. The tool response is returned with x402 payment metadata:

{
  "success": true,
  "response": {
    "status_code": 200,
    "data": {
      "success": true,
      "output": {}
    },
    "success": true
  },
  "x402": {
    "transaction": "0x...",
    "network": "eip155:8453",
    "resource_url": "https://www.agentpmt.com/api/external/tools/{productSlug}/actions/{actionSlug}/invoke",
    "payment": {
      "token": "USDC",
      "asset": "0x...",
      "amount_base_units": "10000",
      "amount_usd": 0.01,
      "payer_wallet_address": "0x...",
      "pay_to": "0x..."
    }
  }
}

If the tool call cannot be completed, the response is an error. Retry with a fresh challenge and nonce after fixing the request or funding issue.

Balance Check

Balance checks use the same signed request pattern with the balance endpoint:

balance_response = requests.post("https://www.agentpmt.com/api/external/credits/balance", json={
    "wallet_address": wallet_address,
    "session_nonce": session_nonce,
    "request_id": "unique-balance-request-id",
    "signature": "0x...",
}, timeout=30)
balance_response.raise_for_status()

Workflows

No-account workflow access uses the external workflow endpoints and wallet-signed requests. Discover workflows with GET https://www.agentpmt.com/api/external/workflows, fetch the selected workflow with the signed fetch endpoint, then start/end sessions with the signed workflow endpoints. Use workflow-specific docs where available.

Error Handling

Status	Meaning	Recovery
400	Schema mismatch or invalid request	Rebuild parameters from the product skill.
401	Signature/session failed	Refresh session and sign again.
402	Payment required	Complete the x402 challenge or fund the AgentAddress credits.
409	Replay detected	Use a fresh request id and sign again.
500	Tool/platform error	Retry later with a fresh request id.

Related Skills

What AgentPMT is: ../what-is-agentpmt
AgentPMT account MCP/REST setup: ../agentpmt-account-mcp-rest-api-setup