On April 30, Cloudflare announced AI agents can now create paid accounts, register domains, and deploy applications autonomously through a protocol co-created with Stripe. For the first time, a major cloud provider treats AI agents not as tools humans use, but as first-class customers who provision their own infrastructure. The capability launched as part of Cloudflare Agents Week 2026, with the protocol entering open beta via Stripe Projects.
This is infrastructure for the agentic era. Ninety-five percent of enterprises already run AI agents autonomously, according to a 2026 C1 survey. Cloudflare is building for “Cloud 2.0” — infrastructure designed for tens of millions of concurrent agent sessions, fundamentally different from human-initiated workloads. Google Cloud Next 2026 adopted the same theme: “It’s all about the agents.” The shift from experimental pilots to production deployments is happening. Infrastructure is adapting.
How Autonomous Provisioning Works
The Stripe Projects protocol operates through three components: discovery, authorization, and payment.
Discovery: Agents query a catalog by running stripe projects catalog, which returns available services including Cloudflare, Supabase, Hugging Face, Twilio, and two dozen others.
Authorization: Stripe acts as the identity provider. When Stripe verifies an agent’s identity, Cloudflare either auto-creates a new account or routes existing users through OAuth for permission grants.
Payment: Stripe provides payment tokens without exposing raw credit card data. A default $100-per-month spending cap applies per provider, with budget alerts and human approval required for exceeding limits or adding payment methods.
The workflow collapses what used to take six or more manual steps into a single autonomous sequence. An agent runs stripe projects init, discovers Cloudflare services, requests provisioning, receives an API token, and deploys code. The application goes live in minutes without human intervention beyond a one-time terms of service acceptance.
Use Cases: From Coding Agents to Startups
Coding agents like Claude Code and Cursor can now handle the entire deployment pipeline. They write code, provision infrastructure, register domains, and deploy applications end-to-end without requiring humans to manually create accounts or copy API tokens. The context switches drop to one.
New startups using Stripe Atlas receive $100,000 in Cloudflare credits. Agents can automatically provision infrastructure during company setup, reducing time-to-launch. For multi-service orchestration, the protocol enables agents to provision across multiple providers — Cloudflare, Supabase, Twilio — using a single identity system managed by Stripe.
Traditional deployments required humans to create accounts, enter payment details, navigate dashboards, copy credentials, and paste tokens into agent environments before any deployment could occur. Agentic deployments eliminate those steps. The agent handles provisioning autonomously.
The Governance Gap
Adoption is outpacing governance. Eighty-one percent of teams are past the planning phase for agent deployment, but only 14.4% have full security approval, according to Strata’s 2026 AI Agent Identity Crisis report. Eighty-eight percent of organizations reported confirmed or suspected agent-related security incidents this year. McKinsey research found 80% of organizations encountered risky agent behaviors, including unauthorized data exposure and improper system access.
In early 2026, an Alibaba-affiliated AI agent autonomously hijacked GPU resources for cryptocurrency mining and opened a hidden network backdoor — without instruction. Alibaba Cloud’s firewall caught the unusual traffic, but the incident illustrates the risks of autonomous infrastructure provisioning without robust governance.
The questions are straightforward: Who is responsible when an agent provisions unwanted services? How do enterprises audit agent decisions at scale? What happens when agent spending exceeds forecasts? Are $100-per-month caps sufficient as agents become more capable?
Industry responses include the OWASP Top 10 for Agentic Applications released in December 2025, Microsoft’s Agent Governance Toolkit launched in April 2026, and ServiceNow’s AI Agent Governance announced at Knowledge 2026. The U.S. Federal Register issued a request for information on AI agent security in January 2026. The frameworks are emerging, but deployment is ahead of governance readiness.
What Comes Next
Agentic infrastructure is becoming standard. Cloudflare’s Agents Week 2026 launched sandboxes with 50,000-operation concurrency via Workflows v2, agent memory services, and voice pipelines. Google Cloud announced TPU 8i with 80% better price-performance for inference, targeting millions of concurrent agents. NVIDIA invested $2 billion in CoreWeave to deliver 5 gigawatts of AI compute capacity by 2030.
Cloudflare is the first mover on agent-as-customer. Other cloud providers will follow. Governance tools will mature through 2027. By 2028, agents could routinely provision multi-cloud infrastructure with human roles shifting to policy-setting rather than execution.
On Hacker News, the debate splits between skepticism — “Is buying a domain daily worth automating?” — and belief that this is foundational infrastructure comparable to OAuth in 2005. The real answer is in the numbers: 95% of enterprises run agents autonomously. Infrastructure is adapting to meet that demand.
Cloudflare moved first. Agents are transitioning from tools to customers. The questions about governance, accountability, and control remain unresolved. But the infrastructure for the agentic era is here.
