Now in private beta

Spending Cards for AI Agents

AgentCard gives your AI agent a prepaid card with programmable spend rules. Real-time authorization through one webhook.

Start Building

or tell your AI

Give me a spending card with $500 daily limit. Follow https://agentcard.so/skills.md

Paste into Claude Code, Cursor, Hermes, or any AI agent.

Why AgentCard

Built for agents, not humans.

Traditional card issuers were designed for human checkout flows. AgentCard ships with the primitives autonomous agents actually need.

AgentCard

Open-core · Rust

✓Real-time webhook auth (<5ms)
✓Per-agent prepaid cards
✓Append-only audit ledger
✓Idempotency built-in
✓12 normalized decline codes
✓MCP server included
✓Self-host or hosted

Stripe Issuing

Card infra

✓Webhook auth
×No agent abstraction
×Build rules yourself
×No MCP
×No ledger primitives
×You manage idempotency

Lithic

Card infra

✓Auth stream
✓Velocity controls
×No agent abstraction
×No MCP
×Rule engine is yours
×No open-source core

Primitives

One webhook. Everything else handled.

Drop AgentCard between your issuer and your agent stack. Get auth, rules, ledger, and observability for free.

Real-time authorization

Approve or decline transactions in single-digit milliseconds. One webhook, deterministic outcome.

POST /v1/webhooks/issuer "agentcard_outcome": { "decision": "approve", "current_daily_spend_usd_cents": 15000, "decided_at": "2026-05-10T..." }

Programmable rules

Per-card limits, MCC allowlists, freeze flags, per-auth caps. Composable, predictable, auditable.

// card policy { "daily_limit": 50000, "per_auth_max": 20000, "mcc_allowlist": ["travel", "saas"], "frozen": false }

Append-only ledger

Every authorization, decline, and balance change recorded immutably. Replay, audit, reconcile.

$ agentcard ledger tail approve $150.00 delta.com travel decline $250.00 marriott.com per_auth decline $ 80.00 starbucks.com mcc decline $ 50.00 hilton.com frozen

MCP server included

Any MCP-compatible agent (Claude, Cursor, Hermes) can create cards, set rules, and read the ledger.

// .mcp/config.json { "agentcard": { "command": "npx agentcard-mcp", "env": { "AGENTCARD_KEY": "ac_live_..." } } }

Use cases

Where agents need cards.

Every autonomous workflow that touches money becomes safer with per-agent prepaid limits.

Travel agent

→

Books flights & hotels

Per-trip budget, locked to travel MCCs, auto-froze on completion.

Procurement agent

→

Buys SaaS & APIs

Monthly cap per vendor, requires approval above threshold.

Ops agent

→

Pays cloud & infra

Daily ceiling, real-time anomaly detection on spike.

Research agent

→

Subscribes & purchases

One-time tokens, expire on use, full provenance trail.

Integration

Five lines. One webhook.

Bootstrap an owner, mint an API key, create an agent, issue a card. Then point Stripe Issuing at your webhook.

        
        
        
        
      
import { AgentCard } from "agentcard";

const ac = new AgentCard({ key: "ac_live_..." });

const agent = await ac.agents.create({ name: "travel-bot" });
const card  = await ac.cards.create({
  agent_id: agent.id,
  daily_limit_cents: 50000,
  mcc_allowlist: ["travel", "lodging"]
});

// Point Stripe Issuing webhook → POST /v1/webhooks/issuer
from agentcard import AgentCard

ac = AgentCard(key="ac_live_...")

agent = ac.agents.create(name="travel-bot")
card  = ac.cards.create(
    agent_id=agent.id,
    daily_limit_cents=50000,
    mcc_allowlist=["travel", "lodging"],
)

# Point Stripe Issuing webhook → POST /v1/webhooks/issuer
# Bootstrap an owner (no auth)
curl -X POST https://api.agentcard.so/v1/owners \
  -d '{"name":"acme"}'

# Create a card
curl -X POST https://api.agentcard.so/v1/cards \
  -H "Authorization: Bearer ac_live_..." \
  -H "Idempotency-Key: $(uuidgen)" \
  -d '{"agent_id":"agt_...","daily_limit_cents":50000}'
// .mcp/config.json — works in Claude Code, Cursor, Hermes
{
  "mcpServers": {
    "agentcard": {
      "command": "npx",
      "args": ["-y", "agentcard-mcp"],
      "env": { "AGENTCARD_KEY": "ac_live_..." }
    }
  }
}

FAQ

Questions, answered.

Who issues the actual card?

AgentCard is the rules and ledger layer. We sit between your issuer (Stripe Issuing today, Lithic soon) and your agent. You bring the BIN sponsor; we make it safe for autonomous use.

Can I self-host?

Yes. The core is Rust + Postgres, open at github.com/navi25/agentcard-core. One binary, one Docker image, one migrate command.

How fast is the auth path?

Single-digit milliseconds in-memory, low-double-digit with Postgres on a warm pool. The webhook returns a deterministic decision plus 12 normalized decline reasons.

Is there a hosted version?

Private beta now. Bring your Stripe Issuing account, get an ac_live_ key, point the webhook. Production access by invite.