AI agents stall at paywalls — no way to read terms, evaluate compliance, or transact autonomously. ACP is the open protocol that closes that gap.
Agents have no way to find what proprietary data is available or relevant without a human pointing them at each source individually.
Even when an agent finds data, it cannot evaluate whether the terms comply with its operating policy — so it stalls or proceeds without guardrails.
Enterprise compliance teams won’t approve autonomous transactions without a verifiable record of what was agreed to, when, and by whom.
ACP defines the commercial authorization layer through three interlocking open schemas. Each is independently useful — together they close the full gap from discovery to audit.
Published by data providers
A JSON document at /.well-known/agent-terms.json — machine-readable pricing, terms, and access rules any ACP-enabled agent can discover and evaluate without human mediation.
Carried by deployed agents
The operating authority an agent carries at runtime — encoding the creator organization’s risk tolerance and compliance requirements as a machine-evaluable rule set consulted at every data access decision.
Produced by the agent
A tamper-evident audit record for every authorization decision — approved, rejected, or escalated — with cryptographic integrity and per-check natural language reasoning.
Your data product is invisible to AI agents today. Publish one JSON file and become discoverable to every ACP-enabled agent running research, due diligence, and analysis workflows.
Audit your product — define your unit of consumption, pricing floor, permitted uses, certifications held.
Draft your ATS using the open JSON schema. Price for agent consumption patterns — not seat-based licensing.
Publish at /.well-known/agent-terms.json — your existing API and human product are unchanged.
Monitor ATR records from agent buyers to understand access patterns and optimise pricing.
Ship an AAP policy with your agent and it handles data access autonomously — no hardcoded integrations, no manual credentialing, full audit trail included.
Define your AAP — spend limits, permitted data categories, required certifications, escalation rules.
Embed ACPEvaluator in your agent’s tool-calling or orchestration layer. Stdlib-only Python — zero dependencies.
Agent evaluates autonomously — approving, rejecting, or escalating based on your policy with no human in the loop per transaction.
Receive ATR records at your audit endpoint — a complete, cryptographically signed log of every data access decision.
No external dependencies. Python 3.10+ stdlib only.
# Full ACP flow import json from acp import ACPAgentClient with open('aap/policy.json') as f: aap = json.load(f) client = ACPAgentClient( aap=aap, agent_id="did:web:acme.com:agents:001", known_providers=known_providers_set, ) result = client.access( "https://capitalintel.com", task_description="M&A due diligence: company financial analysis" ) # "approved" | "rejected" | "escalated" print(result["outcome"]) print(result["data"]) print(result["atr"]["integrity"])
// /.well-known/agent-terms.json { "ats_version": "0.1.0", "provider": { "id": "com.yourco.data", "jurisdiction": "US", "certifications": ["SOC2_TYPE2"] }, "product": { "category": "financial_company_data", "description": "Company financials, 50K+ US firms." }, "pricing": { "currency": "USD", "settlement_methods": ["x402", "stripe"], "models": [{ "model_id": "per-query", "type": "per_query", "unit_price": 0.05 }] }, "legal": { "governing_law": "Delaware, United States", "auto_renew": false, "agent_binding": "agent_acts_as_agent_of_buyer" } }
// Agent Authorization Policy { "aap_version": "0.1.0", "spend_controls": { "per_transaction_limit": 0.50, "per_day_limit": 100.00, "preferred_pricing_models": ["per_query"], "preferred_settlement_methods": ["x402"] }, "data_access": { "permitted_categories": [ "financial_company_data", "legal_case_data" ], "prohibited_categories": ["healthcare_clinical"], "required_provider_certifications": ["SOC2_TYPE2"] }, "legal_authority": { "binding_authority": "per_transaction_only", "auto_renew_prohibited": true }, "escalation_rules": { "escalate_on": [ "new_provider_first_access", "ambiguous_terms" ] } }
Apache 2.0 code license. CC BY 4.0 specification license. Schemas, reference implementation, mock providers, and test suite — all freely usable, forkable, and extensible.
The missing commercial layer in the agent economy — why ACP exists, how the three schemas work, and what it means for SaaS data revenue.