What integration means
Integrating payments into Zapier means two related things: letting a Zap pay for what it calls, and, when you want it, charging other callers for running a Zap. The first is the common case, a Zap or an AI step paying a data API or another service; the second is the earn side, turning a Zap into a paid endpoint.
This page is the integration reference, framed for Zapier's cloud no-code model. For the same overview in a self-hosted automation tool, see n8n-ai-agent-payments; for a code-first framework, see crewai-payment-integration. The payment API product page is the broader reference. Here the focus is how payment fits a hosted workflow tool, where one fact changes the setup.
Zapier is cloud-hosted
The fact that shapes everything is that Zapier runs in the cloud, not on your machine, so unlike a self-hosted tool it cannot reach a service on localhost. The x402 service that holds your wallet and does the real payment work, built on createX402Client, must therefore be deployed at a public URL that Zapier can call.
That is the main difference from a self-hosted setup: you deploy the small Node service somewhere reachable (a small host, a function, a container) and your Zap calls it over the public internet with Webhooks by Zapier. The service is the same thirty-line process used across integrations; only its address is public rather than local. This one fact, public service instead of localhost, drives both how you wire payment and, importantly, how you must secure it.
The pay side
To let a Zap pay, add a Webhooks by Zapier action that POSTs the target to your deployed x402 service.
Webhooks by Zapier (Action: POST)
URL: https://pay.yourdomain.com/fetch
Headers: X-Zap-Secret: {{ your shared secret }}
Data (JSON): { "url": "{{ the URL to fetch }}" }
→ returns the response body, having settled any 402 in USDC on BaseThe service behind that URL is the proxy built on createX402Client: it checks the shared secret, receives the target, answers the 402 by settling in USDC on Base, retries, and returns the body to the next step in the Zap. For Zapier's AI Actions or agent features, the same service is what an action step calls. To the Zap it is an ordinary webhook action that returns data; the payment happens in the service, and the wallet's spend limit is the backstop.
Secure the public service
Because the service is public and holds a wallet, securing it is not optional. A public endpoint that settles payments with no authentication would let anyone who finds the URL spend your balance, so require a secret and check it on every request. Have the Zap send a shared secret in a header (X-Zap-Secret above) and have the service reject any request that does not carry it.
Keep the wallet's sk_ key only in the service's environment, never in the Zap, and store the shared secret in your Zap as it would any credential. Beyond the secret, lock the service down further where you can: restrict it to the requests you expect, and consider an allowlist if your host supports one. The spend limit on the wallet still bounds the worst case, but the secret is what stops unwanted callers from reaching the service at all. Treat this public service as the sensitive component it is, because the convenience of a cloud tool comes with a public attack surface a localhost service does not have.
The earn side
To charge for running a Zap, build it with a Catch Hook trigger so it has a webhook URL, then front that URL with a small Node gateway running createX402Plugin.
import Fastify from "fastify";
import { createClient } from "@blockchain0x/node";
import { createX402Plugin } from "@blockchain0x/x402/server/fastify";
const sdk = createClient({ apiKey: process.env.B0X_API_KEY! });
const app = Fastify();
await app.register(createX402Plugin, {
sdk,
defaultNetwork: "testnet",
pricing: { "POST /run": { amountUsdc: "0.10", payToAddress: process.env.B0X_PAYTO_ADDRESS!, paymentRequestId: "pr_zap" } },
});
app.post("/run", async (req) => {
const r = await fetch("https://hooks.zapier.com/hooks/catch/your-hook", { method: "POST", body: JSON.stringify(req.body) });
return await r.json();
});
await app.listen({ port: 8080 });An unpaid call to the gateway gets a 402; a paid one fires your Zap's Catch Hook and returns its result. The Zap does not change; the gateway is the paywall in front of its hook. Keep a free route describing what the Zap does so callers can decide before paying.
Verify before you go live
Because the service is public, verify it carefully before pointing real money at it. Deploy with a sk_test_ key first, then test from two directions. Send a request through your Zap and confirm a paid call settles on Base Sepolia and the body returns to the next step; then send a request without the secret header from outside the Zap and confirm the service rejects it. The second test is the one people skip, and it is the one that proves your wallet is not exposed.
Only once both hold should you swap the key to sk_live_ for Base mainnet. Check the dashboard for the matching settlement after a successful run, so you know the Zap, the service, and the wallet are all wired to the same account before any live traffic arrives.
Compatibility
The integration works across Zapier's surfaces because it uses webhook actions and triggers to reach a deployed service.
| Zapier surface | Works? | Notes |
|---|---|---|
| Webhooks by Zapier (POST action) | Yes | Calls the deployed x402 service to pay |
| AI Actions / agent step | Yes | The step calls the same service |
| Catch Hook trigger + Node gateway | Yes | Charge per Zap run |
| Service location | Public URL | Cloud Zapier cannot reach localhost |
| Payment package language | Node | The service and gateway are small Node processes |
When this fits
The integration fits when a Zap or its AI step needs to pay for what it calls, when you want to charge for running a Zap, or both, and you can deploy a small public service. That suits Zaps that hit paid APIs, AI steps that pay for data, and Zaps you want to sell access to per run, all without leaving Zapier's no-code model.
It fits less well when nothing in the Zap touches paid resources, when you cannot deploy a public service, or when a single human-approved payment is the only money movement. For per-call machine payments in a cloud workflow, the deployed-and-secured x402 service, plus a gateway to earn, is the integration that fits Zapier's hosted shape.
Pricing
Integration is free; you build it from open packages. What you pay is the wallet platform fee per agent on the pricing page: Free is $0 per agent per month at a 5% transaction fee, Pro is $9 at 2%, Business is $29 at 1%. Per-agent pricing means each agent that transacts, paying or earning, is billed on its own wallet, so you pay for the Zaps that actually move money.
What to ship today
Deploy a small x402 service at a public URL with a sk_test_ key and a required secret header, add a Webhooks by Zapier action that POSTs to it, and make one paid call on Base Sepolia. To earn, give a Zap a Catch Hook trigger and front it with the Node gateway. Keep the wallet key in the service and check the secret on every request. For the self-hosted sibling see n8n-ai-agent-payments. Pricing is on the pricing page.