---
title: "{name}" Intent for HTTP Payment Authentication
abbrev: "{name}" Intent
docname: draft-payment-intent-{name}-00
version: 00
category: std
ipr: noModificationTrust200902
submissiontype: IETF
consensus: true
author:
- name: Your Name
ins: Y. Name
email: you@example.com
org: Your Organization
---
This document defines the "{name}" payment intent for use with the Payment HTTP Authentication Scheme [I-D.httpauth-payment]. The "{name}" intent represents [one-sentence description of what this intent does].
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved.
- Introduction
- Requirements Language
- Intent Semantics
- Request Schema
- Credential Requirements
- Verification
- Security Considerations
- IANA Considerations
- References
- Authors' Addresses
[Describe the payment pattern this intent represents. Include:]
- What problem does it solve?
- When would a server use this intent?
- How is it different from existing intents?
[List 3-5 concrete use cases for this intent]
- Use case 1: Description
- Use case 2: Description
- Use case 3: Description
[Explain how payment methods would implement this intent]
| Method | Implementation |
|---|---|
| Example1 | How Example1 would implement this |
| Example2 | How Example2 would implement this |
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.
The "{name}" intent represents [formal definition].
| Property | Value |
|---|---|
| Intent Identifier | {name} |
| Payment Timing | [Immediate / Deferred / Recurring] |
| Idempotency | [Single-use / Reusable] |
| Reversibility | [Method-dependent / Revocable / Final] |
Client Server Payment Network
│ │ │
│ (1) GET /resource │ │
├───────────────────────────────>│ │
│ │ │
│ (2) 402 Payment Required │ │
│ intent="{name}" │ │
│<───────────────────────────────┤ │
│ │ │
│ [Describe remaining flow] │ │
│ │ │
[Describe any special semantic properties: atomicity, ordering, etc.]
The request parameter for a "{name}" intent MUST include:
| Field | Type | Description |
|---|---|---|
field1 |
string | Description |
field2 |
number | Description |
| Field | Type | Description |
|---|---|---|
optionalField |
string | Description |
{
"field1": "value",
"field2": 1000
}The credential payload for a "{name}" intent MUST contain:
| Field | Type | Required | Description |
|---|---|---|---|
proof |
object | Yes | Method-specific proof |
[Describe what types of proofs are acceptable]
| Proof Type | Description | Example Methods |
|---|---|---|
| Type1 | Description | Methods that use it |
[Describe if credentials can be reused, validity windows, etc.]
Servers verifying a "{name}" credential MUST:
- Verify the
idmatches an outstanding challenge - Verify the challenge has not expired
- [Additional verification steps]
[Describe settlement semantics: when is payment finalized?]
[Describe threat and mitigation]
[Describe threat and mitigation]
[Describe threat and mitigation]
This document registers the "{name}" intent in the "HTTP Payment Intents" registry established by [I-D.httpauth-payment]:
| Intent | Description | Reference |
|---|---|---|
{name} |
[Brief description] | This document |
-
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
-
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, May 2017.
-
[I-D.httpauth-payment] Moxey, J., "The 'Payment' HTTP Authentication Scheme", draft-httpauth-payment-00.
[Add any informative references]
Your Name Your Organization Email: you@example.com