Is AP2 a payment protocol like x402 or MPP?

No. AP2 is an authorization and governance framework that proves an agent had permission to spend under defined conditions. It does not move money and must be paired with a settlement rail such as x402 or MPP.

How does x402 actually work over HTTP 402 Payment Required?

A server responds to a request with HTTP 402 and payment terms for the resource. The client signs a stablecoin payment and attaches proof of payment to the retried request. A facilitator can verify and settle the payment so the server can safely deliver the paid response.

How does MPP differ from x402 for machine-to-machine payments?

X402 settles each request independently, which keeps accounting granular and exposure tight. MPP opens a pre-authorized session, streams micropayments during usage, and batch-settles at session close. That reduces per-interaction overhead but concentrates reconciliation and exposure at the session layer.

What are the three AP2 mandate types and what do they cover?

AP2 defines Intent Mandates for delegated autonomy under preset rules, Cart Mandates for user-approved carts with explicit items and totals, and Payment Mandates to signal agent involvement to payment networks and issuers. Together they cover autonomous spend, human-approved checkout, and network-level risk signaling.

Can AP2 be used with x402 or MPP in the same architecture?

Yes. Sources describe AP2 implementations using x402 underneath via an A2A x402 extension, which is the layered pattern many teams are converging on. The same mandate concept can also wrap a session-based rail like MPP by constraining budgets and conditions for the session.

X402 vs MPP vs AP2 compared: settlement risk, session

X402 vs mpp vs ap2 compared comes down to two choices: how settlement happens (atomic per request vs session netting) and how authorization is proven (mandates). x402 and MPP are payment rails for machine to machine payment, while AP2 is the governance layer that makes agentic payment auditable and enterprise-safe.

Key Takeaways

x402 is an HTTP-native stablecoin settlement rail built around HTTP 402: the server quotes terms, the client pays, then retries the request with proof of payment.
MPP is a sessions-based machine payment protocol: an agent pre-authorizes a limit, streams micropayments during the session, and batch-settles at session close.
AP2 is not a rail. It is an authorization and audit framework using cryptographically signed mandates based on W3C Verifiable Credentials.
The production pattern is layered: AP2 for “who is allowed to spend what,” then x402 or MPP underneath for settlement, depending on overhead and exposure tolerance.

How these protocols differ by layer

The fastest way to get x402 vs mpp vs ap2 compared correctly is to stop treating them like three substitutes. Two of them move money, one of them proves permission. xpay’s “agentic payments map” frames this as a stack: settlement rails at the bottom (where funds actually move), a control plane in the middle (policies and audit), and discovery or commerce protocols above that. That stack framing matters because it changes the engineering question from “which protocol wins” to “which failure mode is acceptable at each layer.”

On the settlement side, x402 and MPP both reuse HTTP 402 Payment Required as the handshake that turns an API call into a billable event. The difference is the accounting surface. x402 is designed around atomic settlement per request, which keeps credit risk tight and reconciliation granular. MPP introduces a session, which reduces per-interaction settlement overhead but creates a window of exposure until the session closes and settles.

AP2 sits above both. It is a governance and authorization spec that answers a different question: “Was this agent allowed to spend?” It does that with cryptographically signed mandates that can be verified later, which is the missing piece when an agent is spending on behalf of a human or an organization.

Side-by-side, the clean mental model is:

1. x402: stateless pay-per-request settlement in stablecoins. 2. mpp: stateful session billing with streaming micropayments and batch settlement. 3. ap2: signed permissioning and audit that can wrap either settlement model.

That is the core of the agent economy explained: agents need a way to pay, and operators need a way to prove the agent was allowed to pay.

X402 payment flow and trade-offs

The x402 flow is a tight loop that looks like what shows up on a network trace, not a checkout page. A client requests a paid resource. The server responds with HTTP 402 Payment Required and structured payment terms. The client signs a stablecoin payment and attaches it to the next request, and the server returns the resource once the payment is verified and settled. Multiple sources describe a “facilitator” role in this loop, which exists so the server does not need to become a full on-chain payments processor just to sell an API response.

That atomicity is the point. Each request is its own receipt, which makes metering and dispute resolution straightforward. If an agent calls an endpoint 500 times, there are 500 discrete paid events. That is also the cost. Per-request settlement overhead becomes the bottleneck when call volume is high, even if the underlying chain fees are low. Sources position x402 as stablecoin-first, often described with USDC on Base, and as a permissionless-feeling primitive where the buyer does not need to open an account with the seller.

The risk model is simple: the seller’s exposure is basically the time between receiving the payment proof and delivering the resource. There is no “tab” left open. That is why x402 is a clean fit for machine to machine payment like paid APIs, data feeds, and agent-to-agent service calls.

Timeline-wise, sources place Coinbase’s x402 launch in May 2025, with a V2 update on December 11, 2025 that added wallet-based session or identity-style features and multi-chain support, though the exact V2 feature list varies across summaries. Sources also note Stripe integrated x402 for USDC payments on Base in February 2026.

MPP sessions model and rail coverage

MPP changes the unit of account from “request” to “session.” Instead of paying every call, an agent pre-authorizes a spending limit, then streams micropayments as usage accrues, and the session batch-settles at close. That is the key mechanical difference behind most “x402 vs mpp” debates. It is not just speed. It is a different exposure profile and a different reconciliation object.

MPP launched March 18, 2026 alongside Tempo mainnet, and sources describe 100+ integrated services at launch. The protocol is positioned as multi-rail: stablecoins plus fiat cards via Stripe token mechanisms, with extensions described for Lightning via Lightspark and card-network support via Visa. That rail coverage is the practical reason teams reach for MPP when they need “one endpoint that can take both crypto and cards.”

The trade is dependency. Sources consistently tie MPP to Stripe plus Tempo, which means the integration inherits Stripe’s tooling and merchant surface area, but also inherits platform coupling. That coupling is not abstract. It shows up as operational assumptions: session lifecycle management, timeouts, and what happens when a client crashes mid-session before close.

From a risk lens, MPP is a session credit line with end-of-session netting. The seller is taking more exposure than x402 because value can be delivered during the session before final settlement is completed. The payoff is lower per-interaction overhead and a billing model that fits high-frequency usage like inference, compute, or any metered resource where per-call settlement would dominate the workflow.

AP2 mandates for authorization and audit

AP2 belongs in a different category than x402 and MPP. It does not execute settlement. It defines how an agent proves it had permission to spend, using cryptographically signed mandates based on W3C Verifiable Credentials, which are designed to be verifiable and non-repudiable.

AP2 defines three mandate types that map cleanly to common agent purchasing modes:

1. Intent Mandate: delegated autonomy, where a human or organization signs rules up front and the agent spends later within those constraints. 2. Cart Mandate: user-approved carts, where a human signs off on a specific set of items and totals before payment. 3. Payment Mandate: a signal to payment networks and issuers that an agent was involved, so risk and compliance systems can evaluate the transaction accordingly.

This is why “AP2 protocol” comparisons often go off the rails. AP2 is not competing with x402 or MPP on throughput or fees because it is not a rail. It is the permissioning and audit wrapper that turns “agent spent money” into “agent spent money under a signed mandate.”

AP2 is also explicitly framed as composable with settlement rails. Sources describe AP2 implementations using x402 underneath via an A2A x402 extension, which is the concrete example of the layered architecture the ecosystem is converging on. In that stack, AP2 is the control plane, and x402 or MPP is the settlement rail chosen per workflow.

For builders, the practical implication is that AP2 decisions are governance decisions: what constraints exist, who signs them, and what evidence is retained for later review. That is a different design surface than “how do we move USDC.”

Choosing x402, MPP, AP2 for use cases

The decision framework is not “pick one protocol.” It is “pick a settlement ergonomics, then pick an authorization posture.” xpay’s layered map makes that explicit, and the agentic payment landscape is already treating these as composable components.

A useful way to choose is to decide what must be reconciled and where exposure is allowed to accumulate.

1. Choose x402 when the product wants atomic receipts per call and minimal state. This fits paid APIs and agent-to-agent services where the cleanest contract is “pay, then get the response.” The failure path to design for is the 402 → pay → retry loop, including idempotency and what happens when the client retries after paying. 2. Choose MPP when per-request settlement overhead becomes the bottleneck and session-level accounting is acceptable. This fits high-frequency metered usage where a session object is already natural. The failure path to design for is session expiry, partial usage, and crash recovery before session close. 3. Add AP2 when the system needs provable constraints and audit trails for agent spend. That is common in enterprise procurement, regulated environments, and any workflow where “who authorized this” must be answered with a signed artifact, not a database row.

Common combined architectures follow directly from those choices:

1. AP2 + x402: mandates define limits and recipients, then each API call settles atomically over stablecoins. 2. AP2 + MPP: mandates define the session budget and constraints, then usage streams inside a pre-authorized session and batch-settles. 3. x402 + MPP side-by-side: one agent speaks both rails, using x402 for low-frequency or permissionless endpoints and MPP for high-frequency workloads or where card acceptance is required.

Near the bottom of the stack, these are just different ways to implement machine payment protocol behavior. Near the top, they are the plumbing that makes the agent economy explained viable without turning every agent into an unbounded spend risk.

The Take

I’ve watched teams waste weeks arguing “x402 vs MPP” like it’s a winner-take-all standards war, then get surprised by the boring part: reconciliation and failure paths. The expensive bug is not the happy-path payment. It’s the mid-session crash, the retry after a 402, or the audit request six months later when someone asks why an agent was allowed to spend at all.

If the system needs tight credit risk and clean per-call receipts, x402’s atomic model is hard to beat. If call volume makes per-request settlement overhead the constraint, MPP’s session netting is the obvious ergonomic shift, with the trade that exposure lives inside the session until close. AP2 is the piece most people misclassify. It’s the mandate layer that makes either rail defensible in an enterprise review because it turns spend into signed, checkable permission.

X402 vs MPP vs AP2 compared: settlement risk, session credit, and mandates