Skip to content

Commit f446b0c

Browse files
update seller and buyer guide
1 parent e94532f commit f446b0c

4 files changed

Lines changed: 18 additions & 17 deletions

File tree

smart-accounts-kit/guides/x402/buyer/advanced-permissions.md

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -52,7 +52,7 @@ const sessionAccount = privateKeyToAccount('0x...')
5252

5353
### 3. Get payment requirements
5454

55-
Call the protected API route once without a payment header.
55+
Call the protected API route once without the `PAYMENT-SIGNATURE` header.
5656

5757
The server returns `402` with the payment terms (`PAYMENT-REQUIRED`) in the response, which you use
5858
to build the payment payload.
@@ -222,7 +222,7 @@ For ERC-7710 (Smart Contract Delegation), x402 requires the payload fields `dele
222222
`permissionContext`, and `delegator`. The facilitator uses `permissionContext` to simulate
223223
during verification and then settle the payment.
224224

225-
Encode the full x402 payment payload as base64, then send it in the `payment-signature` header.
225+
Encode the full x402 payment payload as base64, then send it in the `PAYMENT-SIGNATURE` header.
226226

227227
<Tabs>
228228
<TabItem value="example.ts">
@@ -267,13 +267,13 @@ export type PaymentPayload = {
267267
268268
### 7. Make the paid request
269269
270-
Send the base64-encoded x402 payment payload in the `payment-signature` header.
270+
Send the base64-encoded x402 payment payload in the `PAYMENT-SIGNATURE` header.
271271
If verification succeeds, the server returns the protected data.
272272
273273
```ts
274274
const apiResponse = await fetch('https://api.example.com/paid-endpoint', {
275275
headers: {
276-
'payment-signature': encodedPayment,
276+
'PAYMENT-SIGNATURE': encodedPayment,
277277
},
278278
})
279279

smart-accounts-kit/guides/x402/buyer/delegations.md

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -69,7 +69,7 @@ export const buyerAccount = privateKeyToAccount('0x<BUYER_PRIVATE_KEY>')
6969

7070
### 2. Get payment requirements
7171

72-
Call the protected API route once without a payment header.
72+
Call the protected API route once without the `PAYMENT-SIGNATURE` header.
7373

7474
The server returns `402` with the payment terms (`PAYMENT-REQUIRED`) in the response, which you use
7575
to build the payment payload.
@@ -194,7 +194,7 @@ For ERC-7710 (Smart Contract Delegation), x402 requires the payload fields `dele
194194
The facilitator uses `permissionContext` to simulate during verification and then settle the payment.
195195

196196
Use `encodeDelegations` to encode the delegation chain.
197-
Then base64 encode the full x402 payment payload before sending it in the `payment-signature` header.
197+
Then base64 encode the full x402 payment payload before sending it in the `PAYMENT-SIGNATURE` header.
198198

199199
<Tabs>
200200
<TabItem value="example.ts">
@@ -238,13 +238,13 @@ export type PaymentPayload = {
238238
239239
### 5. Make the paid request
240240
241-
Send the encoded x402 payment payload in the `payment-signature` header.
241+
Send the encoded x402 payment payload in the `PAYMENT-SIGNATURE` header.
242242
If verification succeeds, the server returns the protected data.
243243
244244
```ts
245245
const apiResponse = await fetch('https://api.example.com/paid-endpoint', {
246246
headers: {
247-
'payment-signature': encodedPayment,
247+
'PAYMENT-SIGNATURE': encodedPayment,
248248
},
249249
})
250250

smart-accounts-kit/guides/x402/buyer/recurring-payments.md

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -100,7 +100,7 @@ const grantedPermissions = await walletClient.requestExecutionPermissions([
100100

101101
### 4. Get payment requirements
102102

103-
Call the x402-protected endpoint without a payment header to request payment terms
103+
Call the x402-protected endpoint without the `PAYMENT-SIGNATURE` header to request payment terms
104104
after your agent has been granted permission.
105105

106106
The server returns `402` with the payment terms (`PAYMENT-REQUIRED`) in the response, which agent can use to
@@ -225,7 +225,7 @@ For ERC-7710 (Smart Contract Delegation), x402 requires the payload fields `dele
225225
`permissionContext`, and `delegator`. The facilitator uses `permissionContext` to simulate
226226
during verification and then settle the payment.
227227

228-
Encode the full x402 payment payload as base64, then send it in the `payment-signature` header.
228+
Encode the full x402 payment payload as base64, then send it in the `PAYMENT-SIGNATURE` header.
229229

230230
```ts
231231
import { PaymentPayload } from './types'
@@ -247,12 +247,12 @@ const encodedPayment = Buffer.from(JSON.stringify(paymentPayload)).toString('bas
247247

248248
### 7. Make the paid request
249249

250-
Send the base64-encoded x402 payment payload in the `payment-signature` header.
250+
Send the base64-encoded x402 payment payload in the `PAYMENT-SIGNATURE` header.
251251

252252
```ts
253253
const apiResponse = await fetch('https://api.example.com/paid-endpoint', {
254254
headers: {
255-
'payment-signature': encodedPayment,
255+
'PAYMENT-SIGNATURE': encodedPayment,
256256
},
257257
})
258258

smart-accounts-kit/guides/x402/seller.md

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -61,9 +61,9 @@ header, verifies it through the facilitator, and settles it before the protected
6161
It also fetches the current facilitator signer address and includes it in
6262
`PaymentRequirements.extra.facilitators`.
6363

64-
When the header is missing, the middleware encodes the payment requirements in a `PAYMENT-REQUIRED`
64+
When the `PAYMENT-SIGNATURE` header is missing, the middleware encodes the payment requirements in a `PAYMENT-REQUIRED`
6565
response header and returns `402 Payment Required` with a JSON body that tells the buyer how to pay.
66-
When the header is malformed, the middleware returns `400 Bad Request`.
66+
When the `PAYMENT-SIGNATURE` header is malformed, the middleware returns `400 Bad Request`.
6767

6868
The middleware builds payment requirements that follow the [x402 payment requirements schema](https://docs.x402.org/core-concepts/http-402#payment-headers-in-v2).
6969
Set `scheme` to `exact` and `assetTransferMethod` to `erc7710` so the facilitator routes the
@@ -91,7 +91,7 @@ request and returns it in the `PAYMENT-REQUIRED` response header when payment is
9191
</TabItem>
9292
<TabItem value = "PaymentPayload">
9393

94-
Decoded delegation payload the buyer sends in the `payment-signature` request header. The
94+
Decoded delegation payload the buyer sends in the `PAYMENT-SIGNATURE` request header. The
9595
middleware forwards this object to the facilitator's `/verify` and `/settle` endpoints.
9696

9797
| Name | Description |
@@ -139,8 +139,7 @@ export function createPaymentMiddleware(options: PaymentMiddlewareOptions) {
139139
},
140140
}
141141

142-
const paymentHeader =
143-
(req.headers['payment-signature'] as string) || (req.headers['x-payment-signature'] as string)
142+
const paymentHeader = req.get('PAYMENT-SIGNATURE')
144143

145144
if (!paymentHeader) {
146145
const paymentRequired = {
@@ -150,6 +149,7 @@ export function createPaymentMiddleware(options: PaymentMiddlewareOptions) {
150149
mimeType: options.mimeType || 'application/json',
151150
}
152151
const encoded = Buffer.from(JSON.stringify(paymentRequired)).toString('base64')
152+
res.setHeader('Access-Control-Expose-Headers', 'PAYMENT-REQUIRED, PAYMENT-RESPONSE')
153153
res.setHeader('PAYMENT-REQUIRED', encoded)
154154
res.status(402).json({ error: 'Payment Required', paymentRequired })
155155
return
@@ -388,6 +388,7 @@ the buyer can correlate the result with the original request.
388388
+ payer: verifyResult.payer,
389389
+ }
390390
+ const encodedResponse = Buffer.from(JSON.stringify(paymentResponse)).toString('base64')
391+
+ res.setHeader('Access-Control-Expose-Headers', 'PAYMENT-REQUIRED, PAYMENT-RESPONSE')
391392
+ res.setHeader('PAYMENT-RESPONSE', encodedResponse)
392393
// add-end
393394

0 commit comments

Comments
 (0)