title: Agent Cards
source_url: /developer-api/v1/agent-cards
summary: Give an AI agent real payment authority on Ramp — a single-use PAN and CVV, scoped to one merchant and capped at the requested amount. Works with any agent connected to Ramp: Claude Desktop, ChatGPT, and Perplexity (via the Ramp connector), or Claude Code, Codex, and any terminal agent (via the Ramp CLI).

content:
Give an AI agent real payment authority on Ramp — a single-use PAN and CVV, scoped to one merchant and capped at the requested amount. Works with any agent connected to Ramp: Claude Desktop, ChatGPT, and Perplexity (via the Ramp connector), or Claude Code, Codex, and any terminal agent (via the Ramp CLI).

By the end of this page, you'll have an agent that picks a fund, mints a single-use card, checks out at a real merchant, and closes the loop on the receipt, memo, and coding — without leaving its chat window.

Three pieces make it work:

A single-use credential. Ramp mints a fresh PAN and CVV at purchase time, scoped to one merchant and capped at the requested amount. It expires after the first authorization or 12 hours, whichever comes first.

A Ramp fund (Spend Controls) sets the policy ceiling. The agent can only generate credentials against funds you're scoped to.

An agent connected to Ramp — either through an MCP-based runtime (Claude Desktop, ChatGPT, Perplexity) or the Ramp CLI's agentic-purchase skill (Claude Code, Codex, terminal agents). Both honor your existing Ramp permissions.

A Ramp account with at least one active fund, and an AI agent connected to Ramp through an MCP runtime or the Ramp CLI. The playbook below covers connecting the agent and enrolling your business in Agent Cards as a one-time setup step.

Tell your agent to run the Agentic Purchase playbook. The playbook covers connecting your agent, enrolling your business in Agent Cards, and walking through a real purchase end-to-end — with per-runtime instructions for Claude Desktop, ChatGPT, Claude Code, Codex, and Perplexity. Your agent picks a fund, generates the credential, checks out, and closes the loop on the receipt, memo, and coding.

Running in production

If your agent runs through the Ramp CLI on a remote host, two patterns are worth knowing. MCP-runtime sessions are managed by the connector — see AI Agents → Going to production for that side.

Authenticate locally, then copy the session config to wherever the agent runs:

This is what most production users do today. As long as the agent makes at least one call within the refresh window, the session keeps rolling and doesn't expire.

Read-only sessions expire one week after last use.

Read-write sessions expire 24 hours after last use.

If your agent runtime rewrites ~/.config/ramp/config.toml on restart — some hosted agent platforms do — the refresh token gets destroyed and the agent loses auth on the next start. Persist the config file outside the rewrite scope, or restore it from a backup at startup.

We're tracking improvements to make long-lived non-interactive auth less brittle. Until then, treat config.toml like a credential: never commit it to source control.

Agent Card issuance is policy-controlled at the business level. If your use case needs a higher ceiling than the default, submit a Developer API support ticket.

Agent purchases can't run against the following Merchant Category Codes.

MCC

Category

4816

Computer Network / Information Services

5122

Drugs, Drug Proprietors and Druggists Sundries

5816

Digital Goods: Games

5912

Drug Stores and Pharmacies

5966

Direct Marketing – Outbound Telemarketing Merchant

5967

Direct Marketing – Inbound Telemarketing Merchants

5968

Direct Marketing – Continuity / Subscription Merchant

5993

Cigar Stores and Stands

6012

Member Financial Institution – Merchandise and Services

6051

Quasi Cash – Merchant

6211

Securities – Brokers and Dealers

7273

Dating Services

7995

Betting, including Lottery Tickets, Casino Gaming Chips, Off-Track Betting, Wagers at Race Tracks

Two flows aren't yet supported — both are on the roadmap:

3D Secure (3DS). Affects online transactions in the EEA, UK, India, Japan, Australia, and a few others.

Merchant-initiated transactions (MIT) / card on file (CoF). Affects subscriptions, recurring billing, and metered AI spend.

If a restriction blocks a real workflow, reach out.

Troubleshooting

The credential is generated at purchase time and shows up as a regular transaction on the linked fund — there isn't a separate "Agent Cards" page in the dashboard. The audit log entry attributes the transaction to the agent acting on your behalf.

Some bill-payment aggregators (Paymentus is the most common report) have known acceptance issues with single-use credentials. The MCC blocklist above covers what's blocked at the network level; for decline cases outside the blocklist, submit a support ticket.

Pass billing address explicitly in the prompt — for example, "use Ramp to renew my domain, billing address 123 Main St, San Francisco, CA 94110." Credentials don't carry a default billing address.

If you're inside the refresh window (read-write: 24 hours; read-only: one week) but still getting kicked out, the most likely cause is your agent runtime rewriting ~/.config/ramp/config.toml on restart. See What breaks this above.

Agent Card endpoints require the cards:read_agentic scope, and writes need spend_limits:write. If you authenticated as a user without those, ask a Ramp admin to grant the right access. If you're on the CLI specifically, run ramp update first — older CLI versions surface less-helpful scope errors.

For anything else, submit a Developer API support ticket.

Ramp CLI — full command reference and skill catalog

AI Agents — broader agent capability surface (MCP, reads, approvals, edits)

Spend Controls — funds and policy that constrain agent spend