Payment Checks
A payment check is the gate you put in front of anything you want to charge for — a skill, a tool, a file download, or a unit of compute. Before you return, download, or execute the paid resource, you ask one question:402 Payment Required boundary that
consumers see. A platform that distributes paid skills — for example, an agent
host that runs a marketplace of skills — wires this check in front of each paid
skill so that only paid requests reach it. Apiosk gives you two ways to
implement it.
Approach 1 — Let the gateway be the payment check (recommended)
The simplest way to run the check is to not write it yourself. Publish your resource as an Apiosk listing. The gateway then performs the payment check on every request:- An unpaid request gets
HTTP 402 Payment Requiredwith machine-readable pricing. Your origin is never called. - A paid request is verified and settled, then forwarded to your origin — so your skill only ever runs for requests that have already paid.
https://gateway.apiosk.com/my-paid-skill/....
The gateway enforces payment; you keep 98% of each settled USDC call. See the
publisher guide for the full registration and management
flow, and the payment model for fees and rails.
Use this approach whenever you can put your resource behind an HTTPS origin that
the gateway can forward to. It is the safest option because none of your code has
to verify proofs or hold payment state.
Approach 2 — Run the check in your own code (advanced)
If you host the resource yourself and cannot route it through the gateway, run the check inline. Apiosk follows the open x402 standard, so the gate is a standard402 flow:
- A request arrives for the paid resource.
- If it does not carry a valid
x-paymentproof, respond withHTTP 402 Payment Requiredand a body describing what payment is accepted. - The caller pays and retries the same request with the proof in
x-payment. - Verify the proof, then serve the resource.
402 body is the standard x402 PaymentRequiredResponse:
verifyPayment settles and verifies the proof through an x402 facilitator before
you serve. Building and verifying proofs yourself is more work than Approach 1 —
prefer publishing a listing unless you specifically need to keep the resource on
your own host.
Which approach to use
| You want to… | Use |
|---|---|
| Charge for an HTTPS endpoint with no payment code | Approach 1 — publish a listing |
| Keep the resource on your own host and enforce inline | Approach 2 — self-hosted 402 gate |
| Charge per call and keep 98% of USDC settlement | Approach 1 — publish a listing |
Related links
- Payment model: /overview/payment-model
- Publisher guide: /guides/publishers
- Errors and retries: /guides/errors-and-retries
- Consumer side of the same boundary: /guides/consumers