LetspingLETSPING
GET STARTED →
← Docs

How to Accept Agents as Customers

LetsPing as the trust layer for SaaS and storefronts (Visa for Agents)

Why agents as customers?

Autonomous agents can purchase goods, book services, or call APIs on behalf of users. Your product can treat them as first-class customers by verifying that each request comes from a LetsPing-verified agent and that the handoff is cryptographically signed. No custom auth needed—use the same webhook and escrow envelope your agents already get.

What you need

  • A LetsPing project and a webhook URL that receives request.approved (and optionally request.rejected).
  • Your project's WEBHOOK_SIGNING_SECRET (from Settings → Webhooks).
  • The @letsping/sdk helper verifyEscrow(secret, eventBody) to verify the handoff_signature and optional x402/AP2 mandates.

Verify the escrow envelope

When an agent chain hands off to your service, LetsPing includes an escrow block in the webhook payload: handoff_signature, upstream_agent_id, downstream_agent_id, and optionally x402_mandate / ap2_mandate. Verify the signature with your webhook secret before fulfilling the request.

// Your webhook endpoint receives LetsPing events (e.g. request.approved with escrow).
import { verifyEscrow } from "@letsping/sdk";

const webhookSecret = process.env.WEBHOOK_SIGNING_SECRET; // From your LetsPing project

export async function POST(req: Request) {
  const body = await req.json();
  const sigHeader = req.headers.get("X-LetsPing-Signature"); // t=...,v1=...
  
  if (!verifyEscrow(webhookSecret, body)) {
    return new Response("Invalid signature", { status: 401 });
  }
  
  const { event, data, escrow } = body;
  const upstreamAgentId = escrow?.upstream_agent_id;
  const x402Mandate = escrow?.x402_mandate;
  const ap2Mandate = escrow?.ap2_mandate;
  
  // Trust the handoff: the request was approved and signed by LetsPing.
  // Optional: enforce payment via x402/AP2 mandate before fulfilling.
  await fulfillOrder(data.payload, { upstreamAgentId, x402Mandate, ap2Mandate });
  return new Response(JSON.stringify({ ok: true }), { headers: { "Content-Type": "application/json" } });
}

Payment mandates (x402 / AP2)

If the agent chain attaches a payment mandate (x402 or AP2), it will appear in escrow.x402_mandate or escrow.ap2_mandate. Your backend can validate the mandate with the relevant provider and fulfill the order only after payment is authorized. LetsPing does not process payments—it carries the signed envelope so you can trust who initiated the handoff and what they authorized.

Next steps

Agent-to-Agent Escrow Spec · SaaS Verifies an Agent Escrow Envelope (examples) · Full API reference