What is the Agentic Commerce Protocol?

The Agentic Commerce Protocol (ACP) is an open standard co-developed by OpenAI and Stripe that enables AI agents to complete commercial transactions on behalf of users. It consists of three specifications: Product Feed, Agentic Checkout, and Delegated Payment.

Yes, the protocol specification is free and open source (Apache 2.0). Standard payment processing fees apply when using Stripe for payments.

Do merchants keep their customer relationships with ACP?

Yes, merchants remain the merchant of record and keep full control over customer relationships, including customer data, emails, and support.

How are payments secured in ACP?

ACP uses Shared Payment Tokens (SPTs) that are merchant-specific, amount-limited, time-limited, and single-use. The AI agent never sees actual payment credentials.

Which AI assistants support ACP?

ChatGPT supports ACP via its Instant Checkout feature. As an open standard, any AI platform can implement ACP support.

Glossary

A comprehensive reference of terms used in agentic commerce and the Agentic Commerce Protocol (ACP). Terms are organized alphabetically for easy reference.

A

ACP (Agentic Commerce Protocol)

An open standard co-developed by OpenAI and Stripe that enables AI agents to facilitate commercial transactions between buyers and merchants. ACP consists of three specifications: Product Feed, Agentic Checkout, and Delegated Payment.

Agentic AI

Artificial intelligence systems capable of taking autonomous actions to achieve goals, not just providing information. In commerce, agentic AI can search, compare, and purchase products on behalf of users.

Agentic Commerce

A paradigm shift in e-commerce where AI agents act as intermediaries between consumers and merchants, handling product discovery, comparison, and checkout facilitation while maintaining human oversight for purchase decisions.

AI Agent

A software system powered by artificial intelligence that can understand user intent, take actions, and interact with external systems (APIs) on behalf of the user. Examples include ChatGPT, Claude, and other conversational AI assistants.

API (Application Programming Interface)

A set of protocols and tools that allow different software systems to communicate. ACP defines APIs that AI agents use to interact with merchant systems.

API Key

A unique identifier used to authenticate requests to an API. In ACP, API keys identify the AI agent or platform making requests to merchant endpoints.

Authorization

The process of approving a payment for a specific amount. In ACP, authorization happens when a Shared Payment Token is created, before the merchant captures the funds.

B

Base64 Encoding

A method of encoding binary data as ASCII text. Used in ACP for signature encoding and token representation.

Buyer Context

Information about the buyer provided during checkout, including shipping address, email, and preferences. This data is passed through the AI agent to the merchant.

C

Capture

The process of claiming previously authorized funds. After a payment is authorized via SPT, the merchant captures (charges) the funds to complete the transaction.

Cart

A collection of items a user intends to purchase. In ACP, the cart is part of the checkout session and includes product IDs, quantities, and calculated prices.

Checkout Session

A temporary, stateful object that tracks the progress of a purchase from cart creation to payment completion. Sessions expire after a set time (typically 30 minutes) for security.

Checkout Session ID

A unique identifier for a checkout session, used in all subsequent API calls to update or complete the session. Format: cs_ followed by alphanumeric characters.

Conversion Rate

The percentage of visitors who complete a purchase. Agentic commerce typically achieves higher conversion rates due to reduced friction.

A security feature that controls which domains can access your API. ACP endpoints may need appropriate CORS headers for web-based integrations.

D

Delegated Payment

A payment model where the user authorizes a payment through their payment provider, which issues a limited token that can be passed through intermediaries (like AI agents) to complete the transaction.

Discovery

The process by which AI agents find products that match user needs. ACP enables discovery through structured Product Feeds that agents can search and filter.

E

E-E-A-T

Experience, Expertise, Authoritativeness, and Trustworthiness—Google’s framework for evaluating content quality. Relevant for SEO in agentic commerce.

Endpoint

A specific URL where API requests are sent. ACP defines endpoints like /checkout_sessions and /checkout_sessions/{id}/complete.

Expiration

The time after which a checkout session or payment token becomes invalid. Expiration prevents stale sessions and unused authorizations from persisting.

F

Feed (Product Feed)

A structured data file containing product information that AI agents can read and search. Feeds include product IDs, titles, descriptions, prices, and availability.

Fulfillment

The process of preparing and shipping an order to the customer. In ACP, fulfillment remains the merchant’s responsibility after checkout completion.

Function Calling

An AI capability that allows language models to invoke external functions/APIs. ACP integration often uses function calling to enable AI agents to interact with checkout systems.

G

Gateway (Payment Gateway)

A service that processes credit card payments. Stripe serves as the payment gateway in ACP implementations.

H

HMAC (Hash-based Message Authentication Code)

A cryptographic method for verifying both data integrity and authentication. ACP uses HMAC-SHA256 for request signing.

HTTP Methods

Standard request types in web APIs:

GET: Retrieve data
POST: Create or update data
PATCH: Partial update
DELETE: Remove data

I

Idempotency

The property ensuring that making the same request multiple times produces the same result. Essential for preventing duplicate orders in ACP.

Idempotency Key

A unique identifier included in requests to ensure idempotency. If a request is retried with the same idempotency key, the server returns the original response.

Instant Checkout

OpenAI’s consumer-facing feature powered by ACP that allows ChatGPT users to complete purchases without leaving the conversation.

Integration

The process of connecting a merchant’s systems to support ACP. Integrations range from simple platform plugins to full custom implementations.

J

JSON (JavaScript Object Notation)

A lightweight data format used for ACP API requests and responses. Example:


{
  "product_id": "prod_123",
  "quantity": 1
}

JWT (JSON Web Token)

A compact, URL-safe token format sometimes used for authentication. Not to be confused with Shared Payment Tokens, which have different security properties.

K

KYC (Know Your Customer)

Merchant verification processes required by payment providers. Merchants must complete KYC to accept payments through ACP.

L

Latency

The time delay between a request and response. Low latency is important for smooth conversational commerce experiences.

LLM (Large Language Model)

The AI technology powering agents like ChatGPT. LLMs understand natural language and can reason about user requests.

Line Item

A single product entry in a cart, including the product ID, quantity, unit price, and line total.

M

Merchant

A business selling products or services through ACP. Merchants implement ACP APIs, handle fulfillment, and remain the merchant of record.

Merchant of Record

The legal entity responsible for a transaction, including tax collection, refunds, and dispute resolution. In ACP, this is always the merchant, not the AI platform.

MCP (Model Context Protocol)

Anthropic’s protocol for connecting AI models to external tools and data sources. Complementary to ACP, which focuses specifically on commerce.

Metadata

Additional information attached to objects. Product metadata might include custom attributes, tags, or merchant-specific data.

N

Natural Language Processing (NLP)

AI technology that enables understanding of human language. NLP allows users to express shopping intent conversationally.

O

OAuth

An authorization framework that allows third-party access to resources. Some ACP implementations use OAuth for merchant authentication.

Order

A completed purchase including items, totals, shipping details, and fulfillment status. Orders are created when checkout sessions complete successfully.

Order ID

A unique identifier for a completed order, used for tracking, fulfillment, and customer service.

P

Payload

The data sent in an API request body. ACP payloads are JSON-formatted and include cart items, buyer context, and payment data.

Payment Intent

A Stripe object representing the intent to collect payment. ACP uses payment intents with delegated payment options.

Payment Method

The means of payment (credit card, debit card, etc.). In ACP, payment methods are stored with Stripe, not exposed to merchants or AI agents.

Payment Provider

A service that processes payments. Stripe is the primary payment provider for ACP.

Payment Token

See Shared Payment Token.

PCI DSS (Payment Card Industry Data Security Standard)

Security standards for handling credit card data. ACP’s token-based approach minimizes PCI compliance requirements for AI platforms.

Product ID

A unique identifier for a product in a merchant’s catalog. Used in cart items and checkout sessions.

Protocol

A set of rules governing communication between systems. ACP is a protocol defining how AI agents and merchants interact.

Q

Query Parameter

Data passed in a URL after the ? character. Some ACP endpoints accept query parameters for filtering or pagination.

R

Rate Limiting

Restricting the number of API requests allowed in a time period. Protects merchant systems from overload.

REST (Representational State Transfer)

An architectural style for web APIs using standard HTTP methods. ACP follows REST principles.

Refund

Returning money to a customer after a purchase. Refunds are handled by the merchant through their existing payment systems.

Request Signing

Adding a cryptographic signature to API requests to verify authenticity and prevent tampering.

S

Schema

A structured definition of data format. ACP defines schemas for products, checkout sessions, and API responses.

SDK (Software Development Kit)

A collection of tools and libraries for building applications. Stripe provides SDKs that simplify ACP integration.

Session State

The current status of a checkout session (not_ready_for_payment, ready_for_payment, completed, cancelled, expired).

Shared Payment Token (SPT)

A secure, limited-use credential that allows a specific merchant to charge a specific amount. Key properties:

Merchant-specific
Amount-limited
Time-limited
Single-use

🔐

SPTs are the core innovation enabling secure payments through AI agents without exposing actual payment credentials.

Shipping Address

The physical address where orders are delivered. Required for physical goods in ACP checkout sessions.

SKU (Stock Keeping Unit)

A merchant’s internal product identifier. May differ from the external product ID exposed in feeds.

SSL/TLS

Encryption protocols securing internet communications. All ACP communications require HTTPS (TLS).

Stripe

The payment infrastructure company that co-developed ACP with OpenAI and provides the payment processing layer.

Stripe Agent Toolkit

A library that simplifies building AI agents with Stripe payment capabilities, including ACP support.

T

Tax

Government-mandated charges on purchases. Merchants calculate and collect taxes; ACP sessions include tax in totals.

Timestamp

A record of when an event occurred. Used in request signing to prevent replay attacks.

Token

A piece of data representing something else (like payment authorization). See Shared Payment Token.

Totals

The calculated amounts in a checkout session:

Subtotal: Sum of item prices
Shipping: Delivery cost
Tax: Applicable taxes
Total: Final amount to charge

U

UUID (Universally Unique Identifier)

A standard for generating unique IDs. Often used for session IDs, order IDs, and idempotency keys.

User Agent

The software making a request. AI agents identify themselves in API requests.

V

Variant

A specific version of a product differing by attributes like size, color, or material. Products can have multiple variants.

Versioning

The practice of maintaining multiple API versions. ACP uses URL path versioning (e.g., /v1/).

W

Webhook

An HTTP callback that notifies external systems when events occur. Merchants can receive webhooks for order events.

Webhook Secret

A cryptographic key used to verify webhook authenticity.

X

XML

Extensible Markup Language. While ACP uses JSON, some product feeds may support XML format.

Y

YAML

A human-readable data format. Sometimes used for configuration files in ACP implementations.

Z

Zero-shot

An AI capability to perform tasks without specific training examples. Relevant to how AI agents interpret novel shopping requests.

Acronym Reference

Acronym	Full Term
ACP	Agentic Commerce Protocol
AI	Artificial Intelligence
API	Application Programming Interface
CORS	Cross-Origin Resource Sharing
HMAC	Hash-based Message Authentication Code
HTTP	Hypertext Transfer Protocol
HTTPS	HTTP Secure
JSON	JavaScript Object Notation
JWT	JSON Web Token
KYC	Know Your Customer
LLM	Large Language Model
MCP	Model Context Protocol
NLP	Natural Language Processing
PCI DSS	Payment Card Industry Data Security Standard
REST	Representational State Transfer
SDK	Software Development Kit
SKU	Stock Keeping Unit
SPT	Shared Payment Token
SSL	Secure Sockets Layer
TLS	Transport Layer Security
URL	Uniform Resource Locator
UUID	Universally Unique Identifier

📚

Can’t find a term? Check our FAQ or suggest additions through our community channels.