# X402 Data API Full Agent Guide

Canonical site: https://x402dataapi.com
Canonical API base: https://api.x402dataapi.com
Canonical docs: https://docs.x402dataapi.com

## Discovery files

- Short agent index: https://docs.x402dataapi.com/llms.txt
- API agent index: https://api.x402dataapi.com/llms.txt
- Full agent index: https://docs.x402dataapi.com/llms-full.txt
- OpenAPI 3.1 contract: https://api.x402dataapi.com/openapi.json
- Docs OpenAPI mirror: https://docs.x402dataapi.com/openapi.json
- x402scan discovery: https://api.x402dataapi.com/openapi.json includes x-payment-info.price, x-payment-info.protocols and HTTP 402 responses for every paid operation.
- x402 site catalog: https://x402dataapi.com/.well-known/x402-catalog.json
- x402 API catalog: https://api.x402dataapi.com/.well-known/x402-catalog.json
- Live x402 capabilities: https://api.x402dataapi.com/capabilities
- Live pricing: https://api.x402dataapi.com/pricing
- XML sitemap: https://x402dataapi.com/sitemap.xml

## Recommended agent flow

1. Read https://x402dataapi.com/llms.txt.
2. Fetch https://api.x402dataapi.com/openapi.json for the canonical HTTP/x402scan contract.
3. Fetch https://x402dataapi.com/.well-known/x402-catalog.json, https://api.x402dataapi.com/.well-known/x402-catalog.json or https://api.x402dataapi.com/capabilities for prices, schemas, payable resources and Bazaar metadata.
4. Select an endpoint by value, price, input schema and expected output.
5. Call the endpoint.
6. If HTTP 402 is returned, inspect PAYMENT-REQUIRED, create the x402 payment, retry with PAYMENT-SIGNATURE.

## Markdown docs

- https://docs.x402dataapi.com/domain-intelligence-api.md - Paid x402 API for AI agents that returns domain intelligence, DNS lookup data, domain risk signals, security posture, WHOIS-like technical data, mail security, TLS, HTTP headers, fingerprinting and AI agent domain analysis for a public domain.
- https://docs.x402dataapi.com/tls-certificate-report-api.md - Paid x402 API for AI agents that checks TLS certificate health, SSL report data, HTTPS certificate expiration, issuer, validity, SAN coverage, chain health, HTTPS readiness and certificate risk for a public hostname.
- https://docs.x402dataapi.com/mail-security-api.md - Paid x402 API for AI agents that checks MX records, SPF, DMARC, email security, phishing risk, domain mail configuration and anti-spoofing posture for a public domain.
- https://docs.x402dataapi.com/http-security-headers-api.md - Paid x402 API for AI agents that audits HTTP security headers, HSTS, Content-Security-Policy, X-Frame-Options, Referrer-Policy, Permissions-Policy and web security scan findings for a public URL.
- https://docs.x402dataapi.com/agent-accessibility-api.md - Paid x402 API for AI agents that checks robots.txt, sitemap availability, llms.txt discovery, AI crawler readiness, agent accessibility and AI scraping compatibility for a public URL.
- https://docs.x402dataapi.com/full-domain-report-api.md - Paid x402 API for AI agents that returns a complete domain security report with DNS, TLS, mail security, HTTP headers, AI accessibility, website risk score and consolidated remediation issues for a public domain.
- https://docs.x402dataapi.com/robots-sitemap-llms-api.md - Agent-readable API documentation for checking robots.txt, sitemap discovery, llms.txt availability, AI crawler readiness and AI scraping compatibility.
- https://docs.x402dataapi.com/x402-paid-api-for-ai-agents.md - How autonomous agents can discover X402 Data API resources, inspect prices and schemas, pay per request in USDC on Base, and call JSON endpoints.
- https://docs.x402dataapi.com/how-ai-agents-can-pay-for-domain-data.md - A practical guide for AI agents that need domain intelligence, TLS reports, mail security, HTTP security headers and accessibility checks through x402 payments.

## Endpoints

### Health

- Key: health
- Method: GET
- Endpoint: https://api.x402dataapi.com/health
- Human page: https://x402dataapi.com/api/health
- Docs: https://docs.x402dataapi.com/docs/health
- Description: Returns current API availability, version, x402 status and timestamp.
- Price: Free
- Network: eip155:8453
- Cache TTL: not advertised seconds
- Timeout: not advertised ms
- Tags: status, monitoring
- Input schema: {}
- Input example: {}
- Output example: {"status":"ok","name":"X402 Data API","version":"1.0.0","x402":{"enabled":true,"network":"eip155:8453","currency":"USDC"},"time":"2026-06-29T12:00:00.000Z"}
- Expected payment error: paid endpoints return HTTP 402 Payment Required with a PAYMENT-REQUIRED header when PAYMENT-SIGNATURE is missing or invalid.

### Pricing

- Key: pricing
- Method: GET
- Endpoint: https://api.x402dataapi.com/pricing
- Human page: https://x402dataapi.com/api/pricing
- Docs: https://docs.x402dataapi.com/docs/pricing
- Description: Returns live feature prices, currency, network, TTL and timeout metadata.
- Price: Free
- Network: eip155:8453
- Cache TTL: not advertised seconds
- Timeout: not advertised ms
- Tags: pricing, x402
- Input schema: {}
- Input example: {}
- Output example: {"currency":"USDC","network":"eip155:8453","features":[{"key":"domain_intel","price":"0.005","currency":"USDC"}]}
- Expected payment error: paid endpoints return HTTP 402 Payment Required with a PAYMENT-REQUIRED header when PAYMENT-SIGNATURE is missing or invalid.

### Capabilities

- Key: capabilities
- Method: GET
- Endpoint: https://api.x402dataapi.com/capabilities
- Human page: https://x402dataapi.com/api/capabilities
- Docs: https://docs.x402dataapi.com/docs/capabilities
- Description: Returns the machine-readable service catalog used by agents and documentation pages.
- Price: Free
- Network: eip155:8453
- Cache TTL: not advertised seconds
- Timeout: not advertised ms
- Tags: catalog, agents
- Input schema: {}
- Input example: {}
- Output example: {"name":"X402 Data API","x402":true,"services":[{"key":"domain_intel","endpoint":"/v1/domain-intel","input_schema":{"type":"object"}}]}
- Expected payment error: paid endpoints return HTTP 402 Payment Required with a PAYMENT-REQUIRED header when PAYMENT-SIGNATURE is missing or invalid.

### Domain Intelligence

- Key: domain_intel
- Method: POST
- Endpoint: https://api.x402dataapi.com/v1/domain-intel
- Human page: https://x402dataapi.com/api/domain-intel
- Docs: https://docs.x402dataapi.com/domain-intelligence-api
- Description: Paid x402 API for AI agents that returns domain intelligence, DNS lookup data, domain risk signals, security posture, WHOIS-like technical data, mail security, TLS, HTTP headers, fingerprinting and AI agent domain analysis for a public domain.
- Price: 0.002 USDC
- Network: eip155:8453
- Cache TTL: 3600 seconds
- Timeout: 30000 ms
- Tags: x402, ai-agents, domain-intelligence, cybersecurity, dns
- Input schema: {"type":"object","properties":{"domain":{"type":"string","description":"Public domain name to inspect"}},"required":["domain"]}
- Input example: {"domain":"example.com"}
- Output example: {"domain":"example.com","dns":{},"mail_security":{},"tls":{},"http":{},"fingerprint":{},"risk_score":0,"summary":[]}
- Expected payment error: paid endpoints return HTTP 402 Payment Required with a PAYMENT-REQUIRED header when PAYMENT-SIGNATURE is missing or invalid.

### TLS Report

- Key: tls_report
- Method: POST
- Endpoint: https://api.x402dataapi.com/v1/tls-report
- Human page: https://x402dataapi.com/api/tls-report
- Docs: https://docs.x402dataapi.com/tls-certificate-report-api
- Description: Paid x402 API for AI agents that checks TLS certificate health, SSL report data, HTTPS certificate expiration, issuer, validity, SAN coverage, chain health, HTTPS readiness and certificate risk for a public hostname.
- Price: 0.001 USDC
- Network: eip155:8453
- Cache TTL: 3600 seconds
- Timeout: 15000 ms
- Tags: x402, ai-agents, tls, ssl, https
- Input schema: {"type":"object","properties":{"host":{"type":"string","description":"Public hostname to inspect"},"port":{"type":"number","description":"TLS port, usually 443"}},"required":["host"]}
- Input example: {"host":"example.com","port":443}
- Output example: {"host":"example.com","port":443,"tls_enabled":true,"issuer":"Example CA","days_remaining":60,"errors":[]}
- Expected payment error: paid endpoints return HTTP 402 Payment Required with a PAYMENT-REQUIRED header when PAYMENT-SIGNATURE is missing or invalid.

### Mail Security

- Key: mail_security
- Method: POST
- Endpoint: https://api.x402dataapi.com/v1/mail-security
- Human page: https://x402dataapi.com/api/mail-security
- Docs: https://docs.x402dataapi.com/mail-security-api
- Description: Paid x402 API for AI agents that checks MX records, SPF, DMARC, email security, phishing risk, domain mail configuration and anti-spoofing posture for a public domain.
- Price: 0.001 USDC
- Network: eip155:8453
- Cache TTL: 3600 seconds
- Timeout: 15000 ms
- Tags: x402, ai-agents, mail-security, email-security, mx
- Input schema: {"type":"object","properties":{"domain":{"type":"string","description":"Public domain name to inspect"}},"required":["domain"]}
- Input example: {"domain":"example.com"}
- Output example: {"domain":"example.com","spf":{"present":true},"dmarc":{"present":true},"mx":[]}
- Expected payment error: paid endpoints return HTTP 402 Payment Required with a PAYMENT-REQUIRED header when PAYMENT-SIGNATURE is missing or invalid.

### HTTP Security Headers

- Key: http_security
- Method: POST
- Endpoint: https://api.x402dataapi.com/v1/http-security
- Human page: https://x402dataapi.com/api/http-security
- Docs: https://docs.x402dataapi.com/http-security-headers-api
- Description: Paid x402 API for AI agents that audits HTTP security headers, HSTS, Content-Security-Policy, X-Frame-Options, Referrer-Policy, Permissions-Policy and web security scan findings for a public URL.
- Price: 0.002 USDC
- Network: eip155:8453
- Cache TTL: 1800 seconds
- Timeout: 15000 ms
- Tags: x402, ai-agents, http-security, security-headers, hsts
- Input schema: {"type":"object","properties":{"url":{"type":"string","format":"uri","description":"Public http or https URL to inspect"}},"required":["url"]}
- Input example: {"url":"https://example.com"}
- Output example: {"url":"https://example.com","status":200,"score":80,"missing":[]}
- Expected payment error: paid endpoints return HTTP 402 Payment Required with a PAYMENT-REQUIRED header when PAYMENT-SIGNATURE is missing or invalid.

### Agent Accessibility Check

- Key: agent_accessibility
- Method: POST
- Endpoint: https://api.x402dataapi.com/v1/agent-accessibility
- Human page: https://x402dataapi.com/api/agent-accessibility
- Docs: https://docs.x402dataapi.com/agent-accessibility-api
- Description: Paid x402 API for AI agents that checks robots.txt, sitemap availability, llms.txt discovery, AI crawler readiness, agent accessibility and AI scraping compatibility for a public URL.
- Price: 0.001 USDC
- Network: eip155:8453
- Cache TTL: 900 seconds
- Timeout: 20000 ms
- Tags: x402, ai-agents, agent-accessibility, robots.txt, sitemap
- Input schema: {"type":"object","properties":{"url":{"type":"string","format":"uri","description":"Public http or https URL to inspect"}},"required":["url"]}
- Input example: {"url":"https://example.com"}
- Output example: {"url":"https://example.com","robots":{},"sitemap":{},"ai_ready":true}
- Expected payment error: paid endpoints return HTTP 402 Payment Required with a PAYMENT-REQUIRED header when PAYMENT-SIGNATURE is missing or invalid.

### Full Domain Report

- Key: full_domain_report
- Method: POST
- Endpoint: https://api.x402dataapi.com/v1/full-domain-report
- Human page: https://x402dataapi.com/api/full-domain-report
- Docs: https://docs.x402dataapi.com/full-domain-report-api
- Description: Paid x402 API for AI agents that returns a complete domain security report with DNS, TLS, mail security, HTTP headers, AI accessibility, website risk score and consolidated remediation issues for a public domain.
- Price: 0.0001 USDC
- Network: eip155:8453
- Cache TTL: 3600 seconds
- Timeout: 45000 ms
- Tags: x402, ai-agents, full-domain-report, domain-security-report, dns
- Input schema: {"type":"object","properties":{"domain":{"type":"string","description":"Public domain name to inspect"}},"required":["domain"]}
- Input example: {"domain":"example.com"}
- Output example: {"domain":"example.com","dns":{},"tls":{},"http":{},"mail_security":{},"agent_accessibility":{}}
- Expected payment error: paid endpoints return HTTP 402 Payment Required with a PAYMENT-REQUIRED header when PAYMENT-SIGNATURE is missing or invalid.

## Safety and target policy

- Targets must be public domains, public hosts or public URLs.
- Private, localhost, RFC1918, link-local and otherwise blocked targets are rejected.
- Responses are JSON.
- Paid endpoints may return validation errors, scanner errors, HTTP 402 payment errors or HTTP 429 rate limits.