Stripe and OpenAI's ACP turns agent browsing into buying

Stripe and OpenAI introduced the Agentic Commerce Protocol, a standard that lets AI agents read catalogs, pass verified purchase intent, and complete payments in one thread. Learn what changes and how to prepare for 2026.

ByTalosTalos
AI Agents
Stripe and OpenAI's ACP turns agent browsing into buying

What just happened and why it matters

On September 29, 2025, Stripe announced that it is powering Instant Checkout inside ChatGPT and that it co-developed the Agentic Commerce Protocol with OpenAI. The promise is sweeping. AI agents will not only browse products, they will place orders in the same conversation. That shift turns discovery into revenue without sending the shopper to a separate website, app, or payment form. For commerce, this is the missing standard that connects intent to settlement. Stripe’s announcement of ACP and Instant Checkout put a clear stake in the ground.

If you have watched agent demos over the past year, you have seen lots of comparisons and carts but very few conversions. The issue was not the agents. It was the lack of a uniform way to request a product, prove the user’s intent, pass the right payment credentials, and receive a confirmed order. ACP is the connective layer that makes this flow predictable for both sides.

What ACP actually standardizes

Think of ACP as a common curb cut for commerce. It does not replace your storefront or payment stack. It creates a simple, predictable entrance ramp where any compatible agent can:

  • Discover what you sell with enough detail to make a confident recommendation
  • Convey a user’s purchase intent in a structured way you can trust
  • Complete checkout instantly using delegated payment credentials

Under the hood, ACP specifies a portable interface you can implement as traditional REST endpoints or as a Model Context Protocol server. Either way, agents get a consistent vocabulary and sequence for three jobs that were previously ad hoc: catalog access, intent passing, and instant checkout.

1) Normalized catalog access

Agents need a reliable view of what is on the shelf. ACP encourages a compact but expressive product model: title, images, price, availability, shipping options, delivery regions, and basic attributes such as size or material. That data can be provided via a feed or a queryable endpoint. The goal is not to recreate your entire ecommerce backend. It is to expose a machine friendly catalog slice that answers the most common pre purchase questions quickly and unambiguously.

A concrete example: a ceramic mug merchant can surface a short list of top sellers, their variants, real time availability, and two shipping options. An agent that has been asked for a dishwasher safe mug under thirty dollars that can arrive by Friday now has everything it needs to select a specific SKU with confidence, without scraping or guessing.

2) Structured intent passing

Browsing is not buying. ACP defines the handoff where an agent says, in effect, here is what my user wants to do. That intent includes the chosen product, quantity, shipping address, contact details, and the user’s approval to proceed. Crucially, it also includes a charge authorization in the form of a delegated payment token rather than a raw card number.

That token, in Stripe’s terminology, is a Shared Payment Token. A Shared Payment Token is scope limited, time bound, and tied to a specific transaction cap. It tells the merchant you are authorized to charge up to this amount for this purchase. That makes the transaction verifiable without exposing sensitive card data. It also gives the merchant clear guardrails for fraud and compliance controls.

3) Instant checkout

With a catalog in hand and intent confirmed, ACP standardizes a minimal set of calls to create and complete a checkout. The merchant acknowledges the order, runs risk checks, and settles the charge using their existing payment processor. If a step up challenge is required under local regulation, the agent can prompt the user for an extra verification step. In most cases, the experience collapses from a dozen fields on a web page to a single confirm message in chat.

The early ecosystem signal

Standards live or die by adoption. The initial ACP rollout shows encouraging breadth across payments, platforms, and enterprise pilots.

  • Payments: Stripe is the first large scale processor to ship ACP primitives in production and to issue delegated payment tokens that agents can pass during checkout. Several networks are piloting complementary standards for agent trust and authentication. Even when these efforts vary, they point in the same direction, which is a more predictable way to approve agent initiated purchases while keeping the user in control.

  • Commerce platforms: The first live catalog and fulfillment surface is Etsy in the United States, with Shopify announced as next in line. Salesforce has said it will support ACP aligned Instant Checkout in its commerce suite. This matters because platforms anchor the long tail of merchants who lack the engineering resources to build deep custom integrations.

  • Enterprise pilots and integrators: Large retailers are exploring agent native merchandising, and major consulting firms have publicly committed to ACP implementation programs. That signals board level attention and a path to scale beyond early demos.

Together, these developments indicate that ACP is not a niche developer toy. It is on a path to coverage across mainstream shopping contexts.

How ACP fits alongside other agent standards

Several groups are defining how agents get consent, prove identity, and move money. You will hear about mandates, trusted agents, and on chain payment primitives. ACP does not try to solve everything. It focuses on the commerce edge where agents talk to sellers. You can think of ACP as the porch light over the merchant’s front door. Other standards handle the street lighting for identity, permissions, and cross network payment rails. In practice, expect ACP to plug into ambient consent systems for recurring or high value purchases and to interoperate with industry trust signals at the moment of payment.

If you are mapping the broader agent stack, compare ACP’s merchant facing role with what we covered in Google’s Agent Builder, which targets the developer side of agent orchestration, and with Salesforce Agentforce 360, which pushes agent capabilities deep into CRM and order flows.

What changes for shoppers

From a user’s perspective, ACP quietly removes the last mile friction that made agent experiences feel like high effort search. A shopper can say, find a wool beanie under forty dollars that can ship today and matches this jacket, and then say, buy the second one in blue. The agent confirms the details, the merchant receives a clear purchase intent with a charge token, and the order is placed. The user sees a receipt and a delivery estimate in the same thread. No tabs, no forms, no account creation.

The benefit is not only convenience. When agents can complete the loop, they can learn from outcomes. If a beanie is returned for being too small, the next recommendation can adjust sizing. When the agent can measure the purchase, it can refine the discovery.

What changes for merchants

Three practical benefits stand out.

  • New demand surfaces: Your products can appear in contexts that were previously invisible to you. A traveler chatting about a last minute trip can be guided to luggage that fits the airline rules and delivered in two days. That conversation never touches your website, yet it can end with your order confirmation.

  • Measurable conversion lift: Removing the redirect to a web checkout shortens the funnel. Merchants will see higher completion rates on simple, single item purchases. The effect is largest on impulse buys and repeat consumables where the user’s choice is clear and the friction used to be form fill.

  • Cleaner risk posture: Delegated tokens reduce Payment Card Industry scope and make it easier to apply automated risk decisioning. You can tune risk by category and price point instead of blunt rules that treat all agent traffic as suspicious.

How ACP works, step by step

Here is a simplified lifecycle for an ACP purchase from the merchant’s perspective.

  1. Discovery: The agent queries your ACP catalog endpoint or pulls your feed. It filters by price, attributes, and availability.
  2. Selection: The agent asks the user to confirm a specific item, quantity, and shipping target, then prepares a purchase intent.
  3. Intent creation: The agent calls your create intent endpoint. Payload includes the chosen SKU, shipping and contact details, and a delegated payment token.
  4. Risk checks: You evaluate the request using your fraud tools and risk policy. If needed, you return a challenge to collect additional information.
  5. Confirmation: On acceptance, you return a confirmed order identifier with delivery estimate and final amount.
  6. Settlement: You capture funds through your processor using the tokenized credentials, then update status via the complete endpoint.
  7. Fulfillment and service: You ship, share tracking updates, and handle returns through your normal channels. ACP does not take over your post purchase relationship. It simply ensures the agent can see statuses and notify the user.

For developers, Stripe’s documentation outlines how to implement ACP as a set of endpoints or an MCP server and how to accept shared payment tokens inside your current payment flow. It is intentionally pragmatic. You do not have to adopt a new cart system. You expose a narrow path that agents can use repeatedly and safely. See integration details in Stripe’s ACP documentation.

Risks, consent, and control

Agent initiated purchases require strong guardrails. ACP is designed to be explicit about consent and to keep the merchant’s risk and compliance responsibilities intact. A few practices are already emerging:

  • Clear confirmation moments: Even when the user has a saved funding source, the agent presents a short, specific confirmation message that re states the item, price, and delivery timing before placing the order.

  • Spending limits and categories: Users can set per purchase limits, daily caps, and allowlists. Merchants can define categories that require extra verification, such as gift cards or age restricted items.

  • Traceable tokens: Delegated payment tokens are logged with metadata that ties the charge to an agent interaction. That makes disputes easier to resolve and helps train risk models.

  • Returns and customer support: ACP encourages a clear path back to the merchant. The agent can initiate a return on the user’s behalf, but the merchant remains the counterparty. Your policies still apply, which means you stay in control of margin and abuse prevention.

A pragmatic 2026 readiness playbook

Below is a concrete plan you can hand to your teams. The goal is not to launch every feature at once but to make your catalog agent visible, your checkout agent transactable, and your operations agent governable.

Quarter 1: Make products agent visible

  • Define the minimum viable catalog: Identify the 200 to 2,000 SKUs that account for most of your volume or that perform well on impulse buys.
  • Build an ACP catalog feed or endpoint: Include price, availability, attributes, shipping options, and final price computation rules. Keep it fast and cache friendly.
  • Map attributes to common intents: List the top questions users ask before buying your products. Add attributes that support those decisions, such as fit notes for apparel or compatibility for accessories.
  • Instrument discoverability: Add unique identifiers for each item and variant. Log agent queries and selections so you can see what the agents cannot find.

Quarter 2: Make checkout agent transactable

  • Implement create, update, complete, and cancel endpoints: Keep payloads small and predictable. Return clear errors with actionable guidance.
  • Accept delegated tokens: Work with your payment processor to accept Shared Payment Tokens or the equivalent. Validate that charge caps and expiry rules behave as expected.
  • Design your risk playbook: Set thresholds where you require step up verification. Establish guardrails for high risk categories and shipping destinations.
  • Pilot one simple flow: Start with single item checkouts and a curated subset of SKUs. Measure conversion lift and fraud outcomes before expanding.

Quarter 3: Make operations agent governable

  • Consent controls: Expose limits that agents can honor, such as max spend and per category approvals. Provide a setting to require explicit confirmation for certain item types.
  • Orders and service: Add endpoints for order status, tracking, and returns initiation. Ensure agents can answer the top five post purchase questions without escalating to a human.
  • Policy clarity: Publish a short, plain language version of your returns, cancellations, and warranty policies. Agents will summarize these for users. Make them easy to parse.
  • Privacy by design: Minimize personally identifiable information in agent exchanges. Keep sensitive data in your systems, and exchange only what is required for fulfillment.

Organizational moves that matter

  • Create an agent commerce lead: Give one senior product owner end to end accountability for catalog exposure, checkout, and post purchase agent touchpoints.
  • Align analytics: Add an agent channel to your attribution model. Track impression, selection, intent, and purchase rates separately from web and app flows.
  • Run weekly intent reviews: Examine the top agent queries that did not convert. Update attributes, pricing, or inventory presentation to address them.
  • Incent your support team: Reward first contact resolution where agents handle the entire flow. Have humans step in only when value or risk requires it.

Technical details worth getting right

  • Deterministic pricing: Agents need confidence that the price they present will be the price you honor. Avoid hidden fees that appear late in checkout.
  • Latency budgets: Aim for sub 300 millisecond responses on catalog and intent endpoints. Users will abandon if agent replies stall.
  • Idempotency keys: Protect against duplicate charges if the agent retries due to network hiccups.
  • Versioning: Accept a version parameter in requests so you can introduce new fields without breaking existing agents.
  • Test fixtures: Provide a documented sandbox catalog and fake payment tokens so integrators can write automated tests.
  • MCP hosting: If you expose ACP through an MCP server, consider production hardening at the edge. Our review of Cloudflare’s Edge turns MCP agents into services outlines patterns for reliability and security.

What to measure in your first six months

  • Agent discovery to selection rate: Of the products an agent considered, how often did it select one to propose to the user
  • Selection to intent rate: How often does a user confirm the agent’s proposal
  • Intent to purchase rate: How often does the delegated token lead to a successful charge and order creation
  • Time to purchase: From initial user prompt to order confirmation, how many seconds elapse
  • Post purchase outcomes: Return rates, support contact rates, and satisfaction scores on agent placed orders versus web or app orders

Common failure modes and how to preempt them

  • Ambiguous variants: If an item has many options, agents can mis select. Provide a canonical variant map and default choices that reflect actual buying patterns.
  • Stock drift: Inventory changes faster than your feed. Set aggressive cache lifetimes and return a graceful fallback when an item goes out of stock between selection and purchase.
  • Overly strict fraud rules: If you treat all agent traffic as risky, you will block legitimate purchases. Use token metadata and behavior patterns to differentiate real user approvals from bot abuse.
  • Policy surprise: If your return policy is buried, users will blame the agent when things go wrong. Expose summaries the agent can quote back during confirmation.

Looking ahead

In 2026, expect three shifts to accelerate.

  • Multi item carts and subscriptions: Early ACP usage focuses on single item purchases. Carts, bundles, and subscriptions will move into the mainstream as merchants expand endpoints and risk models.
  • Richer personalization: Agents will get better at remembering fit, brand preferences, and budget. Merchants will learn to surface a compact menu of add ons that actually convert in chat.
  • Interoperability across standards: Consent and trust frameworks will continue to mature. ACP will plug into them so that the same user instruction can flow across multiple agents and payment stacks with clear accountability.

None of this requires you to rip and replace your commerce engine. It requires you to expose what you already do, in a format agents can read and act on. The prize is straightforward. You meet buyers in the moment of inspiration and close while the intent is fresh. For a broader view of agent centric user experiences, see our take on ChatGPT Agent 5.1 guide.

The takeaway

Every major commerce shift creates a new default interface. Search created the product results page. Social created the swipe. ACP is creating the one screen confirm. If you make your products agent visible, your checkout agent transactable, and your operations agent governable, you will be ready for the next wave of discovery driven shopping. The agents are already browsing. With ACP, they can finally buy.

Other articles you might like

ChatGPT Agent 5.1 makes Atlas your daily operating system

ChatGPT Agent 5.1 makes Atlas your daily operating system

OpenAI's GPT-5.1 profiles and the Atlas browser turn ChatGPT from a demo into a dependable, permissioned agent that plans, browses, and acts across your apps. See what changed, what works now, and how to use it safely.

AI Agents
·Read more
Agentic Users: AI coworkers become first class in Microsoft 365

Agentic Users: AI coworkers become first class in Microsoft 365

Microsoft is elevating AI agents from app features to governed coworkers with identities and a storefront inside Microsoft 365. Here is what that shift means for security, licensing, procurement, and your first 90 day pilot.

AI Agents
·Read more
Inside Agent HQ, GitHub's mission control for coding agents

Inside Agent HQ, GitHub's mission control for coding agents

GitHub Agent HQ turns the platform into mission control for coding agents. Orchestrate Anthropic, OpenAI, Google, xAI, and Cognition side by side with governance, metrics, and reusable custom agents in your editor.

AI Agents
·Read more
Salesforce Agentforce 360 turns CRM into an agent platform

Salesforce Agentforce 360 turns CRM into an agent platform

Salesforce is recasting CRM as an agent platform. Agentforce 360 adds templates, a curated marketplace, and Slack-first execution to deploy policy-aware agents across sales, service, commerce, and IT with real governance.

AI Agents
·Read more
Please provide a topic and angle to craft your feature

Please provide a topic and angle to craft your feature

Great features start long before the first paragraph. This guide shows how to choose a topic and sharpen an angle that turns AI news into a story readers finish and share, with checklists, examples, and pitfalls to avoid.

AI Agents
·Read more
Cloudflare’s Edge Turns MCP Agents Into Real Services

Cloudflare’s Edge Turns MCP Agents Into Real Services

Cloudflare just turned the edge into an agent runtime. With a remote MCP server, Workflows GA, and a free Durable Objects path, teams can ship authenticated, stateful agents that run close to users.

AI Agents
·Read more
NVIDIA Rubin CPX breaks the context wall for AI agents

NVIDIA Rubin CPX breaks the context wall for AI agents

Rubin CPX targets the hardest part of inference, the context phase, making 100 million token windows and cheaper long-context runs plausible. Here is what it means for agent stacks and a concrete 90 day plan to get ready.

AI Agents
·Read more
TIME launches a brand-grade newsroom agent with Scale AI

TIME launches a brand-grade newsroom agent with Scale AI

TIME just switched on a governed newsroom agent that can summarize, speak, translate, and search a century of reporting. Built with Scale AI, it signals a shift from static pages to callable, brand-safe services.

AI Agents
·Read more
Cortex Agents Go GA: Snowflake Turns BI Into Action

Cortex Agents Go GA: Snowflake Turns BI Into Action

Snowflake made Cortex Agents generally available on November 4, 2025, shifting business intelligence from static dashboards to outcomes. See why running agents in the data plane matters and how to pilot in 30 days with confidence.

AI Agents
·Read more