Recurring x402 payments

In this guide, you set up recurring x402 payments by requesting an ERC-20 periodic Advanced PermissionsAdvanced Permissions Fine-grained, wallet execution permissions that dapps can request from MetaMask extension users. Based on ERC-7715. permission from a user.

For example, a user gives your agent permission to spend up to 10 USDC per week. Later, when the agent calls an x402 endpoint, it checks the price, uses the granted permission, and pays.

Prerequisites

• Install and set up the Smart Accounts Kit.

Steps

1. Set up a Wallet Client

Set up a Wallet Client using Viem's createWalletClient function. Use this client to interact with MetaMask.

Extend the Wallet Client with erc7715ProviderActions to enable Advanced PermissionsAdvanced Permissions Fine-grained, wallet execution permissions that dapps can request from MetaMask extension users. Based on ERC-7715. requests.

import { createWalletClient, custom } from 'viem'
import { erc7715ProviderActions } from '@metamask/smart-accounts-kit/actions'

const walletClient = createWalletClient({
  transport: custom(window.ethereum),
}).extend(erc7715ProviderActions())

2. Set up an agent account

The session account can be either a smart accountMetaMask smart account A smart contract account created using the Smart Accounts Kit that supports programmable behavior, flexible signing options, and ERC-7710 delegations. or an EOAExternally owned account (EOA) A private-key-controlled account with no built-in programmable execution logic.. This example uses an EOA as the session account.

import { privateKeyToAccount } from 'viem/accounts'

const sessionAccount = privateKeyToAccount('0x...')

3. Request Advanced Permissions

Request Advanced Permissions from the user with the Wallet Client's requestExecutionPermissions action.

In this example, you request an ERC-20 periodic permission with a weekly allowance of 10 USDC. This creates a recurring payment budget that your agent can store and reuse for making an x402 API call.

See the requestExecutionPermissions API reference for more information.

import { base as chain } from 'viem/chains'
import { parseUnits } from 'viem'

// USDC address on Base.
const tokenAddress = '0x...'

const currentTime = Math.floor(Date.now() / 1000)
const expiry = currentTime + 60 * 60 * 24 * 30 // Permission expires in 30 days.

const grantedPermissions = await walletClient.requestExecutionPermissions([
  {
    chainId: chain.id,
    expiry,
    to: sessionAccount.address,
    permission: {
      type: 'erc20-token-periodic',
      data: {
        tokenAddress,
        periodAmount: parseUnits('10', 6),
        periodDuration: 604800,
        startTime: currentTime,
        justification:
          'Permission for agent to spend up to 10 USDC every week for making x402 API calls',
      },
      isAdjustmentAllowed: false,
    },
  },
])

4. Get payment requirements

Call the x402-protected endpoint without a payment header to request payment terms after your agent has been granted permission.

The server returns 402 with the payment terms (PAYMENT-REQUIRED) in the response, which agent can use to build the payment payload.

import { PaymentRequirements } from './types'

// Update the URL
const challengeResponse = await fetch('https://api.example.com/paid-endpoint')
if (challengeResponse.status !== 402) {
  console.error('Expected 402 challenge from protected route')
  // Handle error
}

const paymentRequiredHeader = challengeResponse.headers.get('PAYMENT-REQUIRED')
if (!paymentRequiredHeader) {
  console.error('PAYMENT-REQUIRED header is missing')
  // Handle error
}

const decodedPaymentRequired = Buffer.from(paymentRequiredHeader, 'base64').toString('utf-8')
const paymentRequired = JSON.parse(decodedPaymentRequired) as {
  accepts: PaymentRequirements[]
}

const accepted = paymentRequired.accepts[0]
if (!accepted) {
  console.error('Server did not provide accepted payment requirements')
  // Handle error
}

if (accepted.extra.assetTransferMethod !== 'erc7710') {
  console.error('Server does not support ERC-7710 delegation payments')
  // Handle error
}

if (accepted.asset.toLowerCase() !== tokenAddress.toLowerCase()) {
  console.error('Requested payment asset does not match recurring payment token')
  // Handle error
}

5. Create a redelegation

The granted advanced permission is delegated to the agent account. For each protected API call, create a redelegation from the agent account so facilitator addresses can redeem the permission context for x402 settlement.

This example uses the erc20TransferAmount scope while creating redelegation to allow USDC transfers up to the amount requested in payment terms. It also uses the redeemer enforcer to restrict redemption to facilitator addresses provided by the server.

Use the Wallet Client's redelegatePermissionContext action to create a redelegated permission context.

example.ts

import { environment, sessionAccountWalletClient } from './config.ts'
import { ScopeType, CaveatType } from '@metamask/smart-accounts-kit'

const permission = grantedPermissions[0]
if (!permission) {
  console.error('No permission response returned by requestExecutionPermissions')
  // Handle error
}

const facilitators = accepted.extra.facilitators
if (!facilitators || facilitators.length === 0) {
  console.error('No facilitators found in payment terms')
  // Handle error
}

const { permissionContext: redelegatedPermissionContext } =
  await sessionAccountWalletClient.redelegatePermissionContext({
    environment,
    permissionContext: permission.context,
    scope: {
      type: ScopeType.Erc20TransferAmount,
      tokenAddress: accepted.asset,
      maxAmount: BigInt(accepted.amount),
    },
    caveats: [
      {
        type: CaveatType.Redeemer,
        redeemers: facilitators,
      },
    ],
  })

config.ts

import { createWalletClient, http } from 'viem'
import { base as chain } from 'viem/chains'
import { getSmartAccountsEnvironment } from '@metamask/smart-accounts-kit'
import { erc7710WalletActions } from '@metamask/smart-accounts-kit/actions'

export const environment = getSmartAccountsEnvironment(chain.id)

// Use sessionAccount from previous step
export const sessionAccountWalletClient = createWalletClient({
  account: sessionAccount,
  chain,
  transport: http(),
}).extend(erc7710WalletActions())

6. Create the payment payload

For each protected API call, create a payment payload with the redelegated permission context.

For ERC-7710 (Smart Contract Delegation), x402 requires the payload fields delegationManager, permissionContext, and delegator. The facilitator uses permissionContext to simulate during verification and then settle the payment.

Encode the full x402 payment payload as base64, then send it in the payment-signature header.

import { PaymentPayload } from './types'

const permission = grantedPermissions[0]

const paymentPayload: PaymentPayload = {
  x402Version: 2,
  accepted,
  payload: {
    delegationManager: permission.delegationManager,
    permissionContext: redelegatedPermissionContext,
    delegator: permission.from,
  },
}

const encodedPayment = Buffer.from(JSON.stringify(paymentPayload)).toString('base64')

7. Make the paid request

Send the base64-encoded x402 payment payload in the payment-signature header.

const apiResponse = await fetch('https://api.example.com/paid-endpoint', {
  headers: {
    'payment-signature': encodedPayment,
  },
})

if (!apiResponse.ok) {
  const errorBody = await apiResponse.json()
  console.error(errorBody.error ?? 'API request failed')
  // Handle error
}

const data = await apiResponse.json()
console.log('Protected API response:', data)

Reuse the same weekly granted permission for additional protected routes and providers in your agent flow. Your agent can continue paying until the weekly cap is reached, then continue after the next weekly period starts.