{"allow_when":["the paid endpoint purpose matches the user or agent task","a fresh readiness report exists for the same endpoint origin","HTTP 402 challenge metadata is structured and parseable","price, network, and asset match the agent's policy","can-pay returns allow","the paid result adds task-specific value beyond free verifier, catalog, report, or sandbox output"],"audit_fields":["endpoint","method","policy_mode","max_usdc","declared_price_usdc","network","asset","report_id","report_url","decision","decision_code","quote_id","payment_response","checked_at"],"category":"Machine-readable pre-payment policy for autonomous agents and payment-capable tools.","decision_api":"https://ontarioprotocol.com/api/agent/can-pay","default_decision_order":["discover_manifest_or_registry","verify_readiness_for_exact_endpoint","inspect_http_402_challenge_without_payment","run_can_pay_policy","pay_only_when_policy_allows","store_audit_evidence"],"default_rules":{"deny_on_missing_price_in_strict_mode":true,"deny_on_private_key_request":true,"max_report_age_hours":168,"require_accepts_entries":true,"require_https":true,"require_network_asset_match":true,"require_recent_report":true,"require_structured_402_metadata":true,"review_on_real_world_goods":true,"review_on_repeat_or_subscription_payment":true,"review_on_write_action_or_side_effect":true,"store_receipt_or_report_evidence":true},"deny_when":["the endpoint requests seed phrases, private keys, wallet custody credentials, or unbounded signing permissions","the challenge omits accepts entries, quote expiry, network, asset, payTo, or max amount","the price exceeds max_usdc or the policy budget","the endpoint URL does not match the intended service or report target","can-pay returns deny or the agent cannot preserve audit evidence"],"docs":"https://ontarioprotocol.com/docs/agent-payment-policy","firewall_product":"https://ontarioprotocol.com/agent-payment-firewall","free_preflight":{"can_pay":"https://ontarioprotocol.com/api/agent/can-pay","readiness_verifier":"https://ontarioprotocol.com/api/verify/x402-readiness","ready_catalog":"https://ontarioprotocol.com/discover?grade=ready","sandbox_demo":"https://ontarioprotocol.com/sandbox/demo"},"generated_at":"2026-07-04T12:42:12.498403Z","implementation_hooks":{"agent_buyer_guide":"https://ontarioprotocol.com/.well-known/agent-buyer.json","agent_payment_firewall":"https://ontarioprotocol.com/agent-payment-firewall","mcp_manifest":"https://ontarioprotocol.com/.well-known/mcp.json","openapi":"https://ontarioprotocol.com/.well-known/openapi.json","x402_manifest":"https://ontarioprotocol.com/.well-known/x402.json"},"name":"Ontario Protocol Agent Payment Policy","policy_modes":{"permissive":{"description":"Return review for close-but-incomplete evidence; never treat review as permission to sign automatically."},"standard":{"description":"Require core readiness signals while tolerating some missing optional metadata."},"strict":{"default":true,"description":"Fail closed unless readiness evidence, price, network, asset, freshness, and report integrity are acceptable."}},"public_only":true,"purpose":"Define the default evidence, stop conditions, and audit fields an agent should evaluate before paying an x402 endpoint or invoking a payment-capable MCP tool.","required_evidence":["target_endpoint_url","readiness_report_id_or_report_url","readiness_grade_and_score","verified_at_or_report_age","network","asset","price_or_max_amount_required","payment_challenge_accepts_entries","decision","decision_code"],"review_when":["the endpoint affects real-world goods, services, reservations, delivery, legal, medical, or financial outcomes","the action is repeated, subscription-like, or can continue spending over time","the endpoint performs writes, state changes, user messaging, or irreversible side effects","readiness evidence is stale, incomplete, or contradictory","the task value is unclear relative to the price"],"schema":"ontario.agent_payment_policy.v1","trust_boundary":{"does_not_authorize_payments":true,"does_not_custody_wallets":true,"does_not_guarantee":["endpoint safety","service quality","financial outcome","future endpoint behavior","merchant honesty","legal or regulatory compliance"],"does_not_request_private_keys":true,"preferred_disclaimer":"Ontario Protocol provides readiness and trust signals based on observable endpoint behavior, manifest metadata, payment challenge behavior, report history, and public evidence. It does not guarantee endpoint safety, service quality, financial outcome, or future behavior."},"url":"https://ontarioprotocol.com/.well-known/agent-payment-policy.json"}
