Rundown.WTF
All specs
RFC 9110 §15.5.2RFCShould KnowProduct2022

HTTP 402 Payment Required

HTTP·RFC Editor
WHY YOU NEED THIS

If you're returning 402 — or shopping for a way to monetize an API or MCP server — the spec hands you the code and nothing else. The meaning lives entirely in whatever protocol you layer above it: x402 (stablecoins, X-PAYMENT header), L402 (Lightning, WWW-Authenticate macaroon+invoice), or your own. Knowing that 402 itself is a blank canvas is the difference between shipping an interoperable agent-payable endpoint and a 402 response no client can negotiate against.

What It Defines

The 4xx status code reserved for "payment is required to proceed." First registered in HTTP/1.0 (RFC 1945, 1996) and carried through every revision since, but left intentionally undefined: RFC 9110 still says only that 402 "is reserved for future use." There is no mandated header, no payment-method negotiation, no settlement receipt, no IANA scheme registry — just the bare three-digit code. For ~30 years the semantics lived nowhere, which is why every paywall and metered-API project that touched 402 ended up inventing its own protocol on top.

Canonical (Normative)

RFC 9110 §15.5.2 (402 Payment Required)

Convenient (Practical)

MDN: 402 Payment RequiredIANA HTTP Status Codes Registry

Related References

RFC 1945 (HTTP/1.0, original 402 reservation)
httpstatus-code402payment-requiredagent-paymentspaywall
Standards Body
RFC Editor

The canonical publication point for finalized RFCs. If a protocol is standardized as an RFC, the RFC Editor text is the normative final reference. Published by the IETF, IRTF, IAB, and independent stream.

Visit

Related Specs

RFC 9110RFCMust Know

HTTP Semantics

This is the core contract of every web API, browser request, and server response. You can't design or debug HTTP without knowing this.

ProductHTTP
Details
x402 v1CoinbaseMust Know

x402

x402 is the leading candidate for the agent-economy payment rail: it lets an AI agent (or any HTTP client) pay for an API call inline, with no API key, no signup, and no human-in-the-loop. If you're building agentic apps, paid MCP servers, per-request data products, or anything where "charge for this request without a session" matters, x402 is the standard to know — supported by Coinbase, Cloudflare, Vercel AI Gateway, and a growing facilitator ecosystem.

ProductBlockchainHTTP Payments
Details
LightningShould Know

L402

L402 is the Bitcoin-native counterpart to x402: same HTTP 402 surface, but settled off-chain on Lightning instead of on-chain via stablecoins. Useful when you need true micropayments (sub-cent), instant finality without facilitators, and Bitcoin economics. Powers paid LLM access (e.g. Fewsats), paid storage gateways, and a small but real ecosystem of metered Lightning APIs.

ProductBlockchainHTTP Payments
Details
RFC 9457RFCShould Know

Problem Details

Error response formats are the most inconsistent part of most APIs. RFC 9457 gives you a standard shape that clients can handle generically.

ProductHTTP
Details