Cat-1 · T285 · AI & Agentic Developer Tooling
v1.0

Google AP2 Checkout/Payment Mandate (VDC) Builder & Validator

Google's Agent Payments Protocol proves to a merchant or network that a real user authorized a specific purchase, using two tamper-evident Verifiable Digital Credentials: a Checkout Mandate and a Payment Mandate, each with an Open (constraints) and Closed (bound to a finalized checkout) stage. Build a mandate from a form, or paste one to validate its structure and chain.

⚠ This is the external Google/FIDO AP2 spec (ap2-protocol.org) — NOT the AINumbers "Policy Mandate" export used elsewhere in this suite (see the suite's CONTRACT §3.1). Google AP2 renamed its mandates: the launch-era Intent / Cart / Payment vocabulary is now Checkout Mandate + Payment Mandate (Open/Closed). Field names below are illustrative — verify against the AP2 spec before building.
Google AP2 Checkout · Payment VDC Zero PII Client-Side · No Network
Scope & reliance — 🔒 All inputs are processed locally in your browser. No data is transmitted. Do not enter real personal data — use synthetic or anonymised inputs only. Builds an illustrative mandate skeleton and checks structure only — it does not sign a credential or contact a payment network. Verify field names against ap2-protocol.org. Deterministic · zero PII · CC BY 4.0.
▸ Build a Checkout or Payment Mandate VDC
▸ Validate a mandate VDC
Paste a Checkout or Payment Mandate. Structure, stage, subject, and the signature/proof block are checked (field names illustrative).
▸ Launch-era ↔ current AP2 terminology
Intent Mandate (launch) → folded into the Checkout Mandate · Open stage (user constraints / goals before a cart exists).
Cart Mandate (launch) → Checkout Mandate · Closed stage (authorization of a finalized cart/checkout).
Payment Mandate → still the Payment Mandate; Open = budget/instrument constraints, Closed = amount bound to a finalized checkout.

Both are Verifiable Digital Credentials (signed, tamper-evident). AP2 ships as an A2A extension and supports human-present and human-not-present flows, over cards and x402. Verify against ap2-protocol.org.