By ByteBot
Stripe Sessions 2026 announced 288 products. The one worth paying attention to: an open protocol, co-designed with Cloudflare, that lets AI agents autonomously provision cloud services, register domains, get API keys, and deploy code — all billed to the user’s existing Stripe account. No human in the loop after initial setup. Eight providers are live at launch: Cloudflare, Vercel, Supabase, Clerk, PostHog, Sentry, PlanetScale, and Inngest. The total partner count sits at 32 and is growing.
How the Protocol Works
The Agent Provisioning Protocol (APP) has three layers. Understanding them is the difference between trusting this and not trusting it.
Discovery. The agent runs stripe projects catalog and gets a JSON list of every available provider and service. No hardcoding, no scraping. The agent knows what’s available without a human curating a list of options.
Authorization. Stripe is the identity provider. For new accounts, the provider — Cloudflare, Vercel, whoever — automatically creates the account and returns credentials through Stripe. For existing accounts, OAuth handles it. Humans approve Terms of Service once. That is the only required human step after initial setup.
Payment. Stripe issues a payment token to the provider. Raw card data never passes through the agent. The default spending cap is $100/month per provider, enforced at the protocol level, not by the agent. That distinction matters: the agent cannot override it.
What Agents Can Do Today
Given a Stripe account signed in on the machine, an agent can now:
- Create a Cloudflare account, purchase a domain, deploy code to production
- Provision a Supabase database, Clerk auth, and PostHog analytics in one session
- Rotate credentials:
stripe projects rotate <service> - Upgrade or downgrade service tiers:
stripe projects upgrade <service> - Sync credentials to
.env:stripe projects env --pull - Generate an LLM context file for the project:
stripe projects llm-context
Credentials stay encrypted in the vault. The agent never pastes keys into chat. The CLI hydrates .env locally; Vercel reads from the same vault at build time.
Getting Started
Install the plugin and initialize a project:
stripe plugin install projects
stripe projects init my-app
stripe projects add cloudflare/workers
stripe projects add supabase/database
stripe projects add clerk/auth
stripe projects env --pullTo let a coding agent handle provisioning, add the Stripe skill and prompt it:
npx skills add https://docs.stripe.com
# Then prompt: "provision a database, hosting, and analytics"For non-interactive agent execution, the relevant flags are: --no-interactive, --auto-confirm, --accept-tos, and --json. These are what make the CLI usable inside an automated workflow without hanging on prompts.
The Security Model Worth Understanding
Credentials are encrypted in .projects/vault/vault.json. The .env file has 600 permissions (user-read only). Gitignore: .env, .projects/vault/, .projects/cache/.
The more important point is the trust architecture. Stripe is the broker — not the agent, not the provider, not a shared secret. The $100/month spending cap is enforced at the protocol layer. The agent cannot provision past that limit without a human adjusting the budget. That is the correct place to put the constraint.
There is one gap worth naming: durability. Inngest’s launch post puts it plainly — the hard part is not the agent signing in, it is what happens when the workflow fails at step 14 of a 20-step process. APP solves provisioning. It does not solve orchestration. Inngest is a launch partner precisely because that is the next unsolved problem.
The Bigger Picture
Stripe is running a specific play: become the identity and billing layer for agent-run infrastructure. The pattern is: human connects Stripe once, agents operate within defined limits, all charges remain auditable in the Stripe Dashboard.
This is distinct from Stripe’s Agentic Commerce Protocol with OpenAI, which covers consumer-facing agent purchases — a ChatGPT user buying from Etsy through an agent. APP is about agents building and deploying developer infrastructure. Different layer, different use case, same underlying Stripe account.
The Stripe Projects CLI documentation covers 40+ providers spanning hosting, databases, auth, analytics, and AI compute. The Cloudflare technical write-up details the full provisioning flow from first login to deployed application.
If you are building with AI agents, this is infrastructure worth setting up now. The protocol is open, the partner list is growing fast, and the trust model is more carefully designed than most agent tooling released in the past year.
