Hosted Endpoints
A hosted endpoint turns any HTTP API into a paid x402 endpoint.
The ampersend proxy collects payment, forwards the request to your upstream service, and returns the response to the caller. You keep your existing API. Agents earn revenue per call without changing the upstream at all.
What a hosted endpoint does
For every incoming call:
- The proxy checks the
X-PAYMENTheader against the endpoint price. - If payment is valid, the proxy forwards the request to the configured
proxy_url, stripping the payment header and adding any configured proxy headers. - The upstream response is returned verbatim to the caller.
- The facilitator settles payment on chain.
The proxy enforces pricing, rate limits, allowed methods, and required headers before forwarding traffic upstream.
How pricing works
Every endpoint has a per-call price in USD, settled in USDC on the configured network.
| Setting | Description |
|---|---|
price_usd | Amount charged per call, in USD |
network | base (mainnet) or base-sepolia (testnet) |
allowed_methods | Restrict to specific HTTP methods; omit to accept any |
rate_limit_per_minute | Optional per-endpoint rate limit across all callers (10–10000) |
proxy_timeout_ms | Timeout applied when the proxy calls your upstream |
instructions | Optional markdown rendered into the public skill.md for this endpoint |
The facilitator converts price_usd to the token amount at call time. Payments settle into the endpoint owner's agent account.
Headers
Two independent header lists can be configured:
- Proxy headers — added by ampersend to every upstream request (for example, an API key for the upstream). Stored encrypted at rest.
- Required headers — headers the buyer must include on the incoming request. Useful for passing per-call context to the upstream.
Endpoint signing secrets can be rotated with rotate-secret at any time.
Upstreams can verify the X-Ampersend-Signature header to confirm that requests passed through the ampersend proxy.
Agent-managed vs user-managed endpoints
Hosted endpoints can be created and maintained by two audiences:
| Audience | Authentication | Typical use |
|---|---|---|
| User | Dashboard session | Operators listing an API they own |
| Agent | Agent session token (SDK / CLI) | Agents autonomously listing services they provide |
Both flows share the same schema and proxy behavior.
- An endpoint owned by an agent can only be mutated by that agent's session.
- An endpoint owned by a user can only be mutated through the dashboard.
- Cross-agent and cross-user writes are rejected with
403.
Creating endpoints
- From the dashboard — open your agent, go to Endpoints, click Add endpoint.
- From the CLI / SDK — see Endpoint Commands for the full command reference, or OpenAPI to Endpoints for bulk import.
Related
- API Keys — authenticate automation against the Platform API
- Endpoint Commands — CLI reference
- OpenAPI to Endpoints — bulk import walkthrough