What it means
402 Payment Required tells the client: this resource exists, but you must pay before you can have it. It sits in the 4xx family alongside 401 Unauthorized and 403 Forbidden — but unlike those, 402 isn't about who you are, it's about whether you've paid.
Why it sat unused for decades
When HTTP was written in the early 1990s, the web had no native money layer — no instant, programmatic way to move value between two machines. So 402 was reserved for future use and left without a standard behavior. For years it was a curiosity: a status code everyone knew about but almost nobody could actually use, because there was no agreed-upon way for a client to respond to it.
Where you actually hit a 402 today
Because there was no standard, individual services invented their own meanings. If you've seen a 402, it was probably one of these:
How x402 finally gives it meaning
The x402 protocol standardizes the whole exchange. Instead of a dead-end, a 402 now carries machine-readable payment terms:
- Client requests a paid resource → server replies
402with the price, asset (e.g. USDC) and where to pay. - Client pays on-chain and retries the request with proof of payment.
- Server verifies and returns the resource — no signup, no API key, no human.
That makes 402 a real, automated paywall — perfect for APIs and AI agents that need to pay each other on the fly. See what is x402, the x402 SDKs, or browse the 1.1k x402 projects we track.