AC

Agent Commerce Directory

Submit Business
Home/Agent Commerce/ACP Protocol
ACPOpenAI × Stripe

Agentic Commerce Protocol (ACP)

An open-source standard enabling secure, programmatic commerce flows between AI agents and businesses. Developed by OpenAI and Stripe.

What is ACP?

The Agentic Commerce Protocol (ACP) is an open-source specification that standardises how AI agents interact with businesses to complete commercial transactions. Released under the Apache 2.0 licence, ACP was collaboratively developed by OpenAI and Stripe to create a secure, interoperable foundation for AI-powered commerce.

Unlike traditional e-commerce where humans navigate websites and checkout flows, ACP enables AI agents to programmatically discover products, initiate checkouts, and complete purchases on behalf of users—all whilst maintaining merchant control and security.

First implemented in OpenAI's ChatGPT with Instant Checkout, ACP is designed to work with existing commerce infrastructure, making adoption straightforward for businesses already using platforms like Stripe.

Key Features

📖

Open Source

Apache 2.0 licensed, allowing anyone to implement, modify, and contribute to the protocol without restrictions.

🛍️

Commerce Type Support

Handles physical goods, digital products, subscriptions, and asynchronous purchases in a unified framework.

🔧

Infrastructure Agnostic

Works with existing commerce backends—no need to rebuild your entire stack to support AI agents.

🔒

Secure Payment Handling

Uses SharedPaymentTokens to pass payment credentials without exposing sensitive data. PCI compliant.

⚙️

Merchant Control

Businesses retain full control over product presentation, pricing, inventory, and which AI agents can transact.

🔌

REST & MCP Compatible

Supports both RESTful API integration and Model Context Protocol (MCP) server implementations.

How ACP Works

The ACP protocol defines a standardised flow for agent-driven commerce transactions. Here's how a typical purchase unfolds:

1

Purchase Intent

User expresses what they want to buy through natural conversation with an AI agent (e.g., "Buy me running shoes").

2

Agent Initiates Checkout

The AI agent identifies suitable ACP-enabled merchants and initiates a checkout session by calling the merchant's Create Checkout endpoint.

3

Merchant Generates Cart

The merchant's system creates a checkout object containing product details, pricing, shipping options, and available payment methods.

4

Agent Renders UI

The AI agent presents checkout details to the user in a conversational format, collecting necessary information like shipping address and preferences.

5

User Makes Selections

User reviews details, selects shipping method, confirms purchase intent through the agent interface.

6

Payment Provisioning

The agent provisions a SharedPaymentToken—a secure, one-time credential that represents the user's payment method without exposing card details.

7

Order Completion

Agent calls the merchant's Complete Checkout endpoint with the payment token. The merchant processes payment through their PSP (e.g., Stripe).

8

Confirmation & Fulfilment

Merchant confirms the order and begins fulfilment. The agent keeps the user informed about shipping and delivery status.

Core ACP Endpoints

POST
/checkout

Create Checkout Object

Initiates a new checkout session. Returns a checkout ID and structured cart data including products, pricing, and available options.

PATCH
/checkout/:id

Update Checkout Object

Modifies an existing checkout based on user selections (e.g., changing quantity, selecting shipping method).

POST
/checkout/:id/complete

Complete Checkout Object

Finalises the purchase using the provided SharedPaymentToken. Triggers payment processing and order creation.

DELETE
/checkout/:id

Cancel Checkout Object

Cancels an in-progress checkout session, releasing any reserved inventory or session data.

Security & Compliance

SharedPaymentToken

ACP's payment security is built around the SharedPaymentToken—a one-time-use credential that represents a user's payment method without exposing sensitive card details.

  • Tokens are single-use and expire after transaction completion
  • No raw payment credentials are ever passed through the agent
  • PCI DSS compliant—merchants don't handle raw card data

HTTPS & Authentication

All ACP communications must occur over HTTPS with Bearer token authentication. Webhook events use HMAC signatures to verify authenticity, preventing tampering and replay attacks.

Why Businesses Choose ACP

Reach AI Platforms

Get discovered by users shopping through ChatGPT and other AI assistants, expanding your customer base.

No Infrastructure Overhaul

ACP works with your existing Stripe integration and commerce backend—implement it in days, not months.

Maintain Control

You decide product presentation, pricing, and which AI agents can access your inventory.

Future-Proof Commerce

As AI shopping grows, ACP ensures your business is ready for the next wave of e-commerce.

Secure by Design

PCI-compliant payment handling with no additional security burden on your infrastructure.

Open Standard

Not locked to a single platform or vendor—any AI agent can integrate with ACP.

ACP vs AP2

Wondering how ACP compares to Google's Agent Payments Protocol?

Compare Protocols →

Ready to Implement ACP?

Get step-by-step guidance on integrating the Agentic Commerce Protocol into your e-commerce platform.

Implementation Guide →List Your Business

Related Resources

What is Agent Commerce?

Learn the fundamentals of AI-powered shopping

AP2 Protocol

Explore Google's Agent Payments Protocol

Implementation Guide

Step-by-step ACP integration tutorial