Guide

x402 Bootstrap

Bot-first onboarding — create a Kite team, API key, and webhook endpoint programmatically via the x402 payment protocol.

x402 lets an autonomous agent pay for and provision a Kite team in a single HTTP exchange — no browser, no Clerk login, no dashboard form. Pay from a wallet, get back credentials, start receiving events.

// 01The flow

1. Agent POSTs to /api/v1/bootstrap/x402 with a desired source and deposit amount. 2. Server replies 402 Payment Required with a payment-required challenge header describing what to pay and where. 3. Agent builds an x402 PaymentPayload, signs it, base64-encodes the JSON, and retries the same POST with the payload in the payment-signature header. 4. Server verifies payment, provisions the team, and returns the credentials.

// 02Request

bash

curl -sS -X POST https://relay.getkite.sh/api/v1/bootstrap/x402 \
  -H 'content-type: application/json' \
  -d '{
    "source": "my-bot",
    "deposit_atomic": 1000000,
    "plan": "starter"
  }'

Field	Default	Notes
`source`	required	Webhook source type (`github`, `stripe`, `linear`, etc.)
`deposit_atomic`	`1000000`	Deposit in atomic units of the configured asset (1 USDC = 1,000,000)
`plan`	`"starter"`	Initial subscription plan

// 03Paid retry header contract

The paid retry must include a payment-signature header whose value is base64-encoded JSON:

json

{
  "x402Version": 2,
  "accepted": { "...one entry from the challenge's accepts[]..." },
  "payload": { "...signed scheme payload..." }
}

Legacy header names x-payment and x-payment-signature are still accepted for backward compatibility.

// 04Successful response

json

{
  "team_id": "team_...",
  "source": "my-bot",
  "api_key": "kite_...",
  "endpoint": "/hooks/<team_id>/<source>",
  "endpoint_with_token": "/hooks/<team_id>/<source>/<hook_token>",
  "hook_token": "khk_...",
  "wallet_balance_atomic": 1000000,
  "network": "eip155:84532",
  "asset": "0x036CbD53842C5426634e7929541eC2318f3dCF7e",
  "credentials_available": true
}

Security note. The api_key and hook_token are issued once and can be re-fetched only during a short replay window. Persist them immediately — there's no recovery path if they're lost.

// 05Server environment

For hosted/server operators, turn x402 on and configure the facilitator and wallet:

bash

X402_ENABLED=true
X402_FACILITATOR_URL=http://x402-facilitator:8080
X402_BOOTSTRAP_CIPHER_KEY=<secret>
X402_FACILITATOR_RPC_URL=https://sepolia.base.org
X402_FACILITATOR_EVM_PRIVATE_KEY=<key>
X402_PAY_TO=0xYourReceivingWallet
X402_NETWORK=eip155:84532
X402_ASSET=0x036CbD53842C5426634e7929541eC2318f3dCF7e

X402_NETWORK and X402_ASSET default to Base Sepolia USDC (eip155:84532). Set Base mainnet (eip155:8453) explicitly for production.

// 06After bootstrap

With the returned api_key, the agent can:

Set KITE_API_KEY=<api_key> and stream events with kite stream.
Point webhook sources at the returned endpoint_with_token.
Top up the wallet further with subsequent x402-paid calls against the same team.

// 07See also

CLI Reference — the full kite command surface
Paperclip Integration — route bootstrapped events to an agent