What is the Agent Approval Protocol (AAP)?

AAP is the authorization layer for AI-driven payments. It decides whether an AI agent is allowed to move money — before the transaction happens. It provides verifiable agent identity, real-time policy enforcement (sanctions screening, spend controls, OPA eval), and a cryptographic audit trail. Published March 18, 2026 under Apache 2.0 by AGSM LLC. If Stripe moves money, AAP decides if it should move at all.

What problems does AAP solve for AI agent payments?

AAP solves three critical gaps: (1) No verifiable agent identity — any system can claim to be any agent. (2) No spend controls — agents can authorise any amount without enforcement. (3) No audit trail — actions are logged after the fact, if at all. AAP enforces all three before a dollar moves.

What is the AAP enforcement flow?

Every transaction goes through five stages: Auth0 agent authentication → KYA Engine fingerprinting and trust-level assignment → Enforcement Engine (Comply Advantage sanctions check + OPA policy evaluation, resulting in ALLOW, DENY, or ESCALATE) → ATXP per-agent wallet custody → execution via Coinbase X402 or Modern Treasury. Every decision is appended to an immutable audit chain.

What license is AAP published under?

Apache 2.0. The copyright is held by AGSM LLC. Any team may implement, fork, or extend the protocol. External contributors are subject to the AAP Contributor License Agreement.

Who has implemented AAP in production?

Harmoney Financial Technologies (inharmoney.com) is the first production implementation of AAP. They use it as the compliance and identity layer for AI agent payment links, per-agent wallets, and human approval workflows.

How does AAP relate to MoonPay Open Wallet Standard and Coinbase X402?

MoonPay Open Wallet Standard is the wallet layer — it handles how agents store and access funds. Coinbase X402 is the payment rail — it handles HTTP-native machine-to-machine payment execution. AAP is the compliance enforcement layer that sits above both: it verifies agent identity, screens transactions against sanctions lists, evaluates policy, enforces spend limits, and generates a cryptographic audit trail before any payment executes.

Agent Approval Protocol

Name: Agent Approval Protocol
Author: AGSM LLC

Why This Exists

Very soon there will be more agents than humans making transactions — because agents cannot open bank accounts the way humans can.
Brian Armstrong — CEO, Coinbase

AAP

We built the authorization layer for agents.

Visa is embedding payments directly into agentic workflows.
Visa Intelligent Commerce — Launch, 2026

AAP

The rails exist. The authorization doesn't. Until now.

The agent economy has payment rails. It didn't have a wallet standard. We built one.
MoonPay Open Wallet Standard — March 2026
Backed by Ethereum Foundation · Solana Foundation · PayPal

AAP

The wallet is one layer. Compliance is another. That's ours.

The Authorization Layer

01

KNOW YOUR AGENT

Every AI agent that transacts gets a verified identity. Scoped. Fingerprinted. Bounded by policy before it touches money. No anonymous agents. No unchecked access.

02

AUTHORIZE OR BLOCK

Every transaction request runs through a live authorization engine — sanctions screening, OPA policy evaluation, and spend limit checks — before a dollar moves. One of three decisions: ALLOW, DENY, or ESCALATE to a human. If Stripe moves money, AAP decides if it should move at all.

03

PROVE EVERYTHING

A cryptographic audit chain captures every decision, every approval, every denial. Immutable. Auditable. Built for the regulators, auditors, and enterprise compliance teams that will ask for it.

The Authorization Flow

Auth0

IDENTITY

Agent authenticates. Identity established and scoped.

KYA Engine

FINGERPRINT

Agent fingerprinted. Trust level assigned. Max Trust Level 2 within AAP.

Enforcement Engine

EVALUATE

Comply Advantage sanctions check. OPA policy eval. ALLOW / DENY / ESCALATE issued.

ATXP Wallet

CUSTODY

Per-agent protected wallet. Spend controls enforced at the custody layer.

X402 · Modern Treasury

EXECUTE

Payment executes via X402 or Modern Treasury. Audit chain sealed.

ALLOW

Transaction cleared. Executes immediately. Logged.

DENY

Transaction blocked. Reason recorded. Audit trail updated.

ESCALATE

Routed to human approval workflow. Held until decision issued.

Documentation

Protocol Specification

AAP-SPEC-v0.1

The full technical specification. Trust levels, grant schema, canonical signing format, audit chain construction.

Read Spec →

Quickstart

INTEGRATE IN MINUTES

Generate a keypair, register an agent identity, submit a signed intent, and read your first audit receipt.

Get Started →

Error Reference

ERROR CODES

Every error code the enforcement engine can return, with cause, resolution, and example response payloads.

View Errors →

Interactive

SANDBOX PLAYGROUND

Run the full AAP authorization flow live. Generate keys, build intents, sign, verify, and inspect the audit chain.

Launch Playground →

Open Standard

AAP IS OPEN.
THE AUTHORIZATION LAYER
IS YOURS TO BUILD ON.

AAP is published under Apache 2.0. Any team can implement, fork, or extend the protocol. The copyright is held by AGSM LLC. The standard belongs to everyone who builds on it.

Apache 2.0 ↗ GitHub Repository

External contributors are subject to the AAP Contributor License Agreement.

Built On AAP

HARMONEY IS THE GATEWAY BETWEEN THE HUMAN ECONOMY AND THE AI ECONOMY.

Harmoney Financial Technologies is the first company to implement AAP at production scale. Payment links. AI agent wallets. Spend controls. Human approvals. A full compliance stack, live in sandbox today.

Explore Harmoney → Try the Sandbox

Payment links for AI-initiated transactions
Per-agent wallets with enforced spend controls
Human-in-the-loop approval workflows
AAP compliance enforcement at production scale
Sandbox live today at inharmoney.com/dev

Technical Stack

Layer	Component	Description	Status
Identity	Auth0 by Okta	Agent authentication, session management, role scoping	Partnership Active
Verification	KYA Engine	Per-agent identity fingerprinting and trust level assignment	Open Source
Compliance	Comply Advantage	Real-time sanctions screening and watchlist monitoring	Enterprise
Policy	Open Policy Agent	Declarative policy evaluation engine	Open Source
Custody	ATXP	Per-agent protected wallets with spend controls	Proprietary
Rails	Coinbase X402	HTTP-native machine-to-machine payment protocol	Integration
Rails	Modern Treasury	ACH, RTP, USDC settlement and payment orchestration	Signed
Data	Plaid	Bank account verification and financial data connectivity	Signed

AGENTAPPROVALPROTOCOL