x402 documentation uses a handful of terms repeatedly that aren't always defined plainly. Here's what each one actually means, without the jargon.
The server that has something worth paying for — an API endpoint, a dataset, an article, a piece of compute. In plain terms: whoever you're trying to buy something from. This is the server that issues the 402 response when payment is needed.
Whoever is making the request and potentially paying for it. This could be a person's browser, a script, or — increasingly — an autonomous AI agent acting without a human directly involved in that specific request.
A third-party service that verifies a payment actually happened on-chain and helps settle it, so the resource server doesn't need to run its own blockchain infrastructure just to accept payments. Think of it as playing a similar role to a payment processor in the card world, but for on-chain stablecoin transactions. Coinbase's Developer Platform is the most widely used facilitator at the time of writing, though it isn't the only one.
The specific method used to construct and verify a payment — essentially the technical "dialect" both sides need to agree on. Different schemes can support different token standards; the most common today is built around USDC and similar standards that allow gasless, signature-based transfers.
The actual HTTP header a client attaches to a retried request, containing the signed payment payload. This is what proves, cryptographically, that a payment has been made for that specific request.
The header a resource server returns alongside the successful 200 OK response, confirming the payment was verified and settled.
The specific blockchain a payment settles on — commonly Base, but increasingly also Solana, Polygon, Arbitrum, and others as the protocol has expanded multi-chain support. Different networks have different fees and settlement speeds.
A unique value included in each payment that prevents the same signed payment from being reused for multiple requests — a basic and important defence against replay attacks. Any resource server implementing x402 needs to check this properly, not just confirm a transaction hash exists.
An extension to the protocol that acts as a discovery layer, letting clients (including AI agents) find x402-enabled services available to pay for, rather than needing to already know an endpoint exists.
The organisation, hosted under the Linux Foundation, that now governs the open x402 specification. It was co-founded by Coinbase and Cloudflare and includes a wide range of member companies spanning payments, cloud infrastructure, and crypto-native firms — meaning no single company unilaterally controls the protocol's direction.
Terminology in an actively developing protocol can shift. For authoritative, current definitions, refer to the official x402 specification.