Skip to main content
Mandate gives your AI agent a verified identity and a spending policy that sellers can trust. This guide walks you through every step — from signing up to making your first authenticated payment — entirely in the sandbox. No real USDC required.
Sandbox API keys start with ky_sand_. Every request in this guide uses the sandbox environment. No real money moves until you switch to a production key.
1

Create an account

Sign up at usemandate.xyz. After email verification, the dashboard creates your account and issues a sandbox API key automatically.Your sandbox API key looks like this:
Store this key in a .env file or your secrets manager. The dashboard will not show it again after the initial display.
.env
2

Install the SDK

Install the Mandate SDK with your package manager:
npm
pnpm
yarn
The SDK exports KyaPaymentsClient — the main class your agent uses to make payments — along with typed error classes for handling policy denials and payment failures.
3

Register an agent

Before your agent can pay for anything, you need to register it. Each registered agent gets a stable agent_id that sellers can verify independently.Send a POST /v1/agents request with a name, an optional description, and any capability tags:
curl
The response includes your agent’s ID:
Copy the id — you’ll use it as agent_id in every mandate and payment request.
4

Create a mandate

A mandate is the spending policy attached to your agent. It defines what the agent is allowed to spend, where, and for how long. You must have an active mandate before the policy engine will approve any payment.
curl
The response confirms the mandate and returns its ID:
5

Make your first payment

With an agent registered and a mandate in place, your agent can now make authenticated payments. Import KyaPaymentsClient and call fetchWithPayment — the SDK handles the full x402 challenge–policy–proof cycle automatically.
Under the hood, fetchWithPayment does the following:
  1. Sends the initial request — if the server returns 200, it returns the response immediately.
  2. If the server returns 402, it parses the payment challenge from the response headers.
  3. Calls POST /v1/policy/evaluate to check the transaction against your mandate.
  4. If the policy engine approves, calls POST /v1/payments/proof to get a signed proof.
  5. Retries the original request with X-Payment-Proof and X-Kya-Agent-Id headers attached.
To handle policy denials and payment failures explicitly:
The sandbox supports more advanced testing scenarios — including proof generation, replay protection, and deliberate policy violations. See the Sandbox guide for details.