Checkout icon

Delegated Payment Spec with Adyen

Learn to integrate the Delegated Payment Spec with Adyen.

Integrate with the Delegated Payment Spec so that your Agentic Platform collects or holds shopper payment credentials and securely delegates payment processing to Adyen. This enables merchants that use your Agentic Platform to process payments with Adyen.

If you want to integrate with the Universal Commerce Protocol instead, refer to our documentation on how to handle Google Pay tokens with Adyen.

Requirements

Requirement Description
Integration type Make sure that you have set up an integration that follows the Agentic Commerce Protocol (ACP).
Limitations
  • Compliance: your Agentic Platform must meet PCI DSS Level 1 compliance.
  • You must complete our security review to approve your platform.
Setup steps Before you begin, reach out to your Adyen Account Manager or our Support Team for the following:
  • Access to Delegated Payment.
  • Your dedicated Agentic Commerce authentication token.
  • Enable your Adyen merchant accounts for Agentic Commerce.

How it works

When the shopper initiates a transaction using your Agentic Platform, the following flow occurs:

  1. The shopper enters their payment details in your Agentic Platform.
  2. Your Agentic Platform sends the payment (card number or network token) data to Adyen by making a /agentic_commerce/delegate_payment request.
  3. Adyen validates the credentials and returns a merchant-scoped ACP token to your Agentic Platform.
  4. Your Agentic Platform sends the ACP token to your checkout application.
  5. The merchant's checkout application makes a /payments request including the ACP token.
  6. Adyen authorizes the payment and returns the payment result to your checkout application.
CnNlcXVlbmNlRGlhZ3JhbQphdXRvbnVtYmVyCnBhcnRpY2lwYW50IFNob3BwZXIKcGFydGljaXBhbnQgUGxhdGZvcm0gYXMgWW91ciBBZ2VudGljIFBsYXRmb3JtCnBhcnRpY2lwYW50IEFkeWVuCnBhcnRpY2lwYW50IEFwcCBhcyBNZXJjaGFudCBDaGVja291dCBBcHBsaWNhdGlvbgoKICAgIFNob3BwZXItPj5QbGF0Zm9ybTogRW50ZXJzIHBheW1lbnQgZGV0YWlscwogICAgUGxhdGZvcm0tPj5BZHllbjogL2FnZW50aWNfY29tbWVyY2UvZGVsZWdhdGVfcGF5bWVudAogICAgQWR5ZW4tLT4+UGxhdGZvcm06IE1lcmNoYW50LXNjb3BlZCBBQ1AgdG9rZW4KICAgIFBsYXRmb3JtLT4+QXBwOiBTZW5kcyBBQ1AgdG9rZW4KICAgIEFwcC0+PkFkeWVuOiAvcGF5bWVudHMgKGluY2x1ZGVzIEFDUCB0b2tlbikKICAgIEFkeWVuLS0+PkFwcDogUGF5bWVudCByZXN1bHQgKEF1dGhvcml6ZWQpCg==

Send a delegated payment request through the Agentic Platform

Make a POST /agentic_commerce/delegate_payment request through the Agentic Platform, including the following:

Headers:

Header Required Description
Authorization -white_check_mark- Use the following format: Bearer <YOUR_AGENTIC_TOKEN>.
If you enter a standard API key, you get the 401 Unauthorized error.
Content-Type -white_check_mark- Must be the following: application/json.
API-Version -white_check_mark- Must be the following: 2025-09-29.
Accept-Language The preferred locale for content like messages and errors. For example: en-US.
User-Agent Your platform name and version. For example: MyPlatform/2.0.
Idempotency-Key A unique value, such as a universally unique identifier (UUID), to prevent duplicate transactions. For example: idempotency_key_123
Request-Id Unique trace identifier for each request. For example: request_id_123.
Signature The Base64 HMAC-SHA256 signature of the request body.
Timestamp The time the request as an RFC 3339 string. For example: 2025-09-25T10:30:00Z.

Body:

Parameter name Required Description
payment_method.type -white_check_mark- card
payment_method.card_number_type -white_check_mark- fpan or network_token
payment_method.number -white_check_mark- The shopper's card number.
payment_method.metadata -white_check_mark- Arbitrary key/value pairs.
allowance.reason -white_check_mark- one_time
allowance.max_amount -white_check_mark- Maximum amount the payment method can be charged.
allowance.currency -white_check_mark- The ISO-4217 currency code. For example: USD.
allowance.checkout_session_id -white_check_mark- The merchant's checkout_session_id.
allowance.merchant_id -white_check_mark- The merchant's Adyen merchant account.
allowance.expires_at -white_check_mark- Timestamp, formatted as an RFC 3339 string.
billing_address.name -white_check_mark- The shopper's name.
billing_address.line_one -white_check_mark- The shopper's street address.
billing_address.city -white_check_mark- The city of the shopper's address.
billing_address.country -white_check_mark- The country of the shopper's address, following ISO 3166-1 standard.
billing_address.postal_code -white_check_mark- The postal code of the shopper's address.
risk_signals.type -white_check_mark- The type of risk signal.
risk_signals.score -white_check_mark- The risk signals score. For example: 10.
risk_signals.action -white_check_mark- Possible values:
  • blocked
  • manual_review
  • authorized
metadata -white_check_mark- Arbitrary key/value pairs.
payment_method.exp_month The card's expiry month.
payment_method.exp_year The card's expiry year (four digits).
payment_method.name The cardholder name.
payment_method.cvc The card's CVC number.
payment_method.cryptogram The cryptogram provided with network tokens.
payment_method.eci_value The Electronic Commerce Indicator/Security Level Indicator provided with network tokens.
payment_method.checks_performed An array that indicates the checks already performed on the card. For example [avs, cvv, ani, auth0].
payment_method.iin The first six digits of the card number, identifying the issuer.
payment_method.display_card_funding_type Funding type of the card to display.Possible values:
  • credit
  • debit
    • or
  • prepaid
payment_method.display_wallet_type If the card came through a digital wallet, what type of wallet.
payment_method.display_brand The brand of the card to display.
payment_method.display_last4 In case of non-PAN, this is the original last 4 digits of the card for customer display.
billing_address.line_two The second line of the shopper's street address.
billing_address.state The state of the shopper's addres, following ISO 3166-2 standard.

  1. Get the ACP token (id) from the response.

    The ACP token:

    • Is merchant-scoped.
    • Cannot be used across unauthorized merchant accounts.
    • Does not expose raw card data.

Make a payment request with the ACP token

Make a POST /payments request through your checkout application, including:

Parameter name Description
shopperReference The checkout_session_id value from the response in the /checkout_session response from the Agentic Platform.
paymentMethod.storedPaymentMethodId The ACP token from the Agentic Platform.
merchantAccount Your merchant account.
amount.value The value of the payment, in minor units.
amount.currency The three-character ISO currency code.
shopperInteraction ContAuth
recurringProcessingModel UnscheduledCardOnFile
reference Your reference for the order.

The response include the following:

Parameter Description
pspReference Our unique identifier for the transaction.
resultCode Indicates the current status of the payment.

Test and go live

After you test your integration and are ready to go live, you must change your /agentic_commerce/delegate_payment from the test URL to the live URL:

Environment URL
Test https://pal-test.adyen.com/paltokenization/servlet/Recurring/Agentic/acp/v1/agentic_commerce/delegate_payment
Live https://pal-live.adyen.com/paltokenization/servlet/Recurring/Agentic/acp/v1/agentic_commerce/delegate_payment