NetworkNews

Cloudflare Charges AI Agents Per Request via HTTP 402

On this page
  1. What Monetization Gateway actually does
  2. How x402 revives HTTP 402
  3. What it means if you run an API or content
  4. Sources and further reading

Cloudflare has finally given the long dormant HTTP 402 Payment Required status code a real job. On July 1, 2026 the company announced its Monetization Gateway, a service that lets any site behind Cloudflare charge callers per request for web pages, APIs, datasets, or even MCP tool calls, using an open payment protocol called x402. The pitch matters to anyone who runs infrastructure, because most of the traffic hitting APIs and content is no longer human. It is crawlers, scrapers, and increasingly autonomous AI agents. Monetization Gateway is a way to price that machine traffic directly, settle it in stablecoins, and skip building any billing plumbing yourself.

The short answer

Cloudflare announced its Monetization Gateway on July 1, 2026, a service that lets any resource behind Cloudflare charge callers per request using the open x402 protocol. It revives the HTTP 402 Payment Required status code, works for web pages, APIs, datasets, and MCP tool calls, and settles in stablecoins such as USDC peer to peer inside a normal HTTP request. It is the broad successor to pay per crawl, and pricing will be configurable from the dashboard and later via the API and Terraform.

HTTP 402the status code x402 puts to work
July 1, 2026Monetization Gateway waitlist opens
USDCstablecoin settled peer to peer
Answer card: Cloudflare Monetization Gateway uses the x402 protocol and the HTTP 402 status code to let sites charge AI agents per request for pages, APIs, datasets and MCP tools, settled in stablecoins.
A price tag for machine traffic, built into the HTTP request itself. PNG

For most of the web's history, the 402 Payment Required status code was a curiosity. It sat in the HTTP spec next to 404 and 403, reserved for a future that never quite arrived, because there was no agreed way for a client to actually pay and prove it. Cloudflare's Monetization Gateway, announced on July 1, 2026, is a serious attempt to fill that gap, and it arrives at exactly the moment the audience for it changed. The clients knocking on your endpoints are increasingly not people. They are bots and autonomous agents, and they can be made to pay.

What Monetization Gateway actually does

The service lets you put a price on any resource that already sits behind Cloudflare. That includes web pages, whole APIs, datasets, and MCP tool calls, the function endpoints that AI agents reach for when they need to do something. You configure the pricing rules, Cloudflare runs the payment exchange at the edge, and you do not build the metering or billing yourself. Cloudflare has said the rules start in the dashboard and are planned to be manageable through its API and Terraform, which is the detail that turns this from a novelty into something you can put in a pipeline.

The money moves in stablecoins such as USDC, and it moves peer to peer. What a buyer pays lands directly in the seller's wallet, settled inside the same HTTP request that asked for the resource. There is no invoice at the end of the month and no third party account holding the balance in between.

How x402 revives HTTP 402

The mechanism underneath is an open protocol called x402, named for the status code it depends on. The exchange is deliberately plain. A client requests a paid resource. Instead of serving it, the server replies with 402 Payment Required and a small payload that states the price, the asset it accepts, and where to send payment. The client pays, then sends the same request again with proof of payment attached. A facilitator verifies the proof, and only then does the server return the resource.

Because it is just HTTP, it fits anything that already speaks HTTP, which is to say nearly everything. An agent library does not need a bespoke SDK for every paywall. It needs to understand one status code and one retry pattern.

Terminal showing the x402 flow: a request returns HTTP 402 Payment Required with a price and pay-to address, then a second request with a payment proof header returns HTTP 200 OK and the data.
The whole x402 handshake is one 402, one payment, one retry. No new transport, just HTTP. PNG

What it means if you run an API or content

You do not have to care about crypto settlement to see why this is interesting. The real shift is that machine traffic becomes something you can price at the door rather than a cost you quietly eat. If your API is being hammered by agents, usage based pricing stops requiring a billing team and a payments integration. If you publish data that AI systems want, you can attach a price to the download instead of choosing between blocking scrapers and giving the work away.

There are open questions worth watching. Stablecoin settlement means thinking about wallets and volatility policy, even if the assets are dollar pegged. Pricing machine access too aggressively can simply push agents to a competitor's free endpoint. And a per request paywall changes how you reason about caching and rate limits, because now every allowed request has a direct cost or revenue attached.

Still, the direction is clear. HTTP 402 waited a long time for a use. The web's traffic finally grew a reason to pay, and the first mainstream tooling to collect on it is here. If you operate anything that agents consume, this is worth a place on your reading list before it shows up in your logs.

Sources and further reading

Frequently asked questions

What is Cloudflare Monetization Gateway?

It is a service, announced on July 1, 2026 with a waitlist, that lets any resource sitting behind Cloudflare charge for access on a per request basis. You can put a price on web pages, APIs, datasets, or MCP tool calls, and Cloudflare handles the payment exchange for you. The idea is to let you charge the machines that already consume your content and endpoints without writing your own metering and billing code.

What is the x402 protocol and how does HTTP 402 fit in?

x402 is an open protocol for paying over plain HTTP, named after the 402 Payment Required status code that has existed in the spec for decades but was almost never used. The flow is simple. A client asks for a paid resource, the server answers with 402 plus a small payload stating the price, the accepted asset, and where to pay. The client pays, then repeats the request with proof of payment attached, a facilitator verifies it, and the server returns the resource.

What can I charge for and how do payments settle?

You can charge for web pages, APIs, datasets, and MCP tool calls. Settlement happens in stablecoins such as USDC, inside an ordinary HTTP request, and the transfer is peer to peer, so the money a buyer sends lands directly in the seller's wallet rather than passing through an intermediary account. There is no monthly invoice cycle, the payment and the request are the same round trip.

Who is this actually for?

Anyone whose APIs, data, or content are being consumed by bots and agents at a cost they currently absorb. That includes content sites tired of unpaid AI scraping, API providers who want usage based pricing without a billing stack, and teams exposing MCP tools that they would like to meter. If your traffic is increasingly non human, this gives you a way to turn that load into revenue instead of just a bill.

How does this relate to Cloudflare pay per crawl?

Pay per crawl came first and was narrower. It let content owners charge AI crawlers specifically for access. Monetization Gateway generalizes that idea. Instead of only charging crawlers for content, you can charge any caller for any resource, from a single API call to a dataset download to an MCP tool invocation, and Cloudflare has said pricing rules will be manageable from the dashboard and, in time, through its API and Terraform.