Developer Tools

Amazon Bedrock AgentCore payments enables safe AI transactions with Coinbase and Stripe

Agents can now autonomously pay for resources using embedded wallets and session limits

Deep Dive

Amazon Bedrock AgentCore payments, announced in preview with Coinbase and Stripe (Privy), solves a critical gap in agentic AI: the ability to transact autonomously. When agents select tools, browse the web, or call MCP servers that require payment, they previously got stuck. Now, developers can integrate agentic payments with embedded wallets (self-custodial for end users) and payment sessions with configurable budgets and time-to-live (TTL). The system is designed to prevent runaway spend by enforcing limits at the infrastructure layer, keeping the LLM’s non-determinism in check. End users retain control—they delegate spending authority per session, can revoke it, and top up or withdraw funds independently.

Guardrails address credential security: developer API keys and wallet keys never enter agent code. Instead, short-lived session-bound credentials are used, reducing exposure if an agent is compromised. The agent never sees the end user’s actual payment instrument (card number, CVV), only a permission to spend from a wallet—drastically lowering PCI compliance scope. Full audit trails log every transaction for finance and security teams. AgentCore payments is available in preview in US East (N. Virginia), US West (Oregon), Europe (Frankfurt), and Asia Pacific (Sydney).

Key Points
  • Configurable session budgets and TTL prevent runaway spend, enforced at the infrastructure layer outside the LLM
  • Developer keys and embedded wallet keys are never stored in agent code; short-lived session-bound credentials minimize compromise risk
  • Agent only sees a 'permission to spend' abstraction, never the actual payment instrument, reducing PCI compliance scope
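
The session budget, TTL and revocation checks described above, modelled as an added example (not AWS, Coinbase or Stripe code, and not the AgentCore API): a hypothetical `PaymentSession` makes the decision outside the agent and records every outcome in an audit list. All names, amounts and the request stream are constructed for illustration.

```python
from dataclasses import dataclass, field

class PaymentDenied(Exception):
    """Raised when the enforcement layer refuses a payment request."""

@dataclass
class PaymentSession:
    # Hypothetical model of a delegated session; not the AgentCore API.
    session_id: str
    budget_minor: int      # spending cap in minor units (e.g. cents)
    ttl_seconds: float     # lifetime of the delegation
    created_at: float
    spent_minor: int = 0
    revoked: bool = False  # set by the end user to withdraw the delegation
    audit: list = field(default_factory=list)

    def _deny_reason(self, amount, now):
        if self.revoked:
            return "revoked"
        if now - self.created_at >= self.ttl_seconds:
            return "expired"
        if not isinstance(amount, int) or amount <= 0:
            return "invalid_amount"
        if amount > self.budget_minor - self.spent_minor:
            return "over_budget"
        return None

    def authorize(self, amount, payee, now):
        """Approve or deny one request; every decision lands in the audit trail."""
        reason = self._deny_reason(amount, now)
        self.audit.append((now, self.session_id, payee, amount, reason or "approved"))
        if reason:
            raise PaymentDenied(reason)
        self.spent_minor += amount
        return self.budget_minor - self.spent_minor

def replay(session, requests):
    """Feed (time, payee, amount) requests to the session; return each decision."""
    decisions = []
    for now, payee, amount in requests:
        try:
            session.authorize(amount, payee, now)
            decisions.append("approved")
        except PaymentDenied as exc:
            decisions.append(str(exc))
    return decisions

# Constructed request stream: an agent retrying the same paid tool call in a loop.
SAMPLE = [(1, "tool-a", 200), (2, "tool-a", 200), (3, "tool-a", 200),
          (4, "tool-b", -50), (5, "tool-b", 100), (61, "tool-b", 1)]
```

Because the agent only submits requests and never holds the budget state, a looping or manipulated agent stops at the cap no matter what the model outputs.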

Why It Matters

Autonomous agents can finally handle real payments securely, unlocking new workflows while preventing financial risks for businesses.