The end vision: trusted agentic commerce
AP2 isn't the whole picture — it's the trust layer in a stack that lets any agent transact with any merchant, safely. The goal isn't a single clever demo; it's an interoperable ecosystem where a shopping agent can discover products anywhere, and the user's intent and payment are backed by cryptographic proof with clear accountability. Here's where AP2 sits, and how it composes with the Universal Commerce Protocol.
See it in action
A demo I built — UCP orchestrating a purchase with payments integrated:
The stack
AP2 doesn't replace the other agent protocols — it extends them. Each layer has one job:
| Layer | Protocol | What it does |
|---|---|---|
| Transport | A2A | Agents discover and talk to each other |
| Tools & data | MCP | Agents reach catalogs, APIs, and wallets |
| Commerce | UCP | The Checkout Object — products, cart, order orchestration |
| Trust & payment | AP2 | Mandates (verifiable intent) + payment authorization over that checkout |
The key seam is between UCP and AP2: UCP produces the Checkout Object, and AP2's Checkout Mandate signs it. Per the AP2 spec, when used with UCP the signed checkout is the UCP Checkout Object — the two protocols are designed to integrate seamlessly.
How they compose in one purchase
- Discover. The Shopping Agent finds products — reaching merchants over A2A, pulling catalogs and wallet data through MCP.
- Build the checkout. UCP assembles a standard Checkout Object: the exact items, totals, and terms.
- Sign intent. AP2 wraps that Checkout Object in a user-authorized Checkout Mandate, and a Payment Mandate authorizes the payment — each a signed, hash-bound artifact (exactly what you build by hand in Lesson 02).
- Pay with verifiable intent. The mandates carry deterministic proof of what the user actually authorized — verifiable intent, not an agent's guess. The network and issuer get visibility, and liability is clear.
- Fulfill. The merchant fulfills the order; receipts close the loop.
Why this is the goal
- Interoperability — any compliant agent transacts with any compliant merchant, instead of a patchwork of bespoke integrations.
- Verifiable intent, not inferred action — trust rests on signatures, not on an LLM's plausible narration.
- Clear accountability — every party can prove what was authorized, which is what makes issuers and merchants comfortable approving agent-driven payments.
That's the difference between a demo and an ecosystem.
Where this resource is going
This site builds the AP2 trust layer first, from first principles (the roadmap lays out the path). UCP integration — assembling a real Checkout Object and signing it as a Checkout Mandate — is the capstone, Lesson 08.
Go deeper: UCP (ucp.dev) · AP2 ↔ UCP integration guide · AP2 spec