AgentRefills is one API for autonomous agents to buy gift cards, API credits, domains, eSIMs, cloud compute and more — thousands of products across 190+ countries. Instant, programmatic, delivered in seconds.
Wire AgentRefills into your agent once. Every purchase is a single call.
Drop in the AgentRefills REST API or MCP tool. SDKs for Python & TypeScript.
Query thousands of gift cards, API credits, domains, compute & eSIMs programmatically.
Codes, keys & credentials returned in the response and via webhook in seconds.
Everything an agent needs to spend responsibly in the real world — typed, observable, and safe by default.
Expose AgentRefills to any agent as a native tool.
Python & TypeScript, typed and idempotent.
Per-agent spend limits and approval rules.
Every order traceable and observable.
Run the full flow against test products, zero real spend.
Codes & keys delivered in seconds, globally.
Plugs into the agent stack you already use.
Gift cards are just the start. Your agents can top up credits, spin up infra, and register domains through the same API.
The catalog agents can buy from, callable by brand name. Each purchase is a single API call; see the docs for the flow.
Wallet credit and game currency, delivered in seconds.
REST and MCP with identical semantics. REST base https://agentrefills.com. MCP is in preview — request early access.
Code samples target the AgentRefills REST API. The interactive catalog above shows a static snapshot until the API is connected.
# 1. create a purchase (authenticate with your API key) curl -X POST https://agentrefills.com/v1/purchases \ -H "Content-Type: application/json" \ -H "Authorization: Bearer sk_live_..." \ -d '{"brand_id":"amazon","amount_minor":2500,"currency":"USD"}' # → {"task_id":"tsk_9F2A","status":"accepted","state":"completed"} # 2. release the code once (from the vault) curl -X POST https://agentrefills.com/v1/purchases/tsk_9F2A/code \ -H "Authorization: Bearer sk_live_..." # → {"code":"GIFT-XXXX-9F2A","face_minor":2500,"remaining_minor":2500}
import time, requests BASE = "https://agentrefills.com" H = {"Authorization": "Bearer sk_live_..."} # create -> poll -> release r = requests.post(f"{BASE}/v1/purchases", headers=H, json={ "brand_id": "amazon", "amount_minor": 2500, "currency": "USD", }) r.raise_for_status() task = r.json()["task_id"] while requests.get(f"{BASE}/v1/purchases/{task}", headers=H).json()["state"] != "completed": time.sleep(0.45) code = requests.post(f"{BASE}/v1/purchases/{task}/code", headers=H).json() print(code["code"], code["face_minor"])
const BASE = "https://agentrefills.com"; const H = { "Content-Type": "application/json", "Authorization": "Bearer sk_live_..." }; // create -> poll -> release let r = await fetch(`${BASE}/v1/purchases`, { method: "POST", headers: H, body: JSON.stringify({ brand_id: "amazon", amount_minor: 2500, currency: "USD" }), }); if (!r.ok) throw await r.json(); const { task_id } = await r.json(); let state = "accepted"; while (state !== "completed") { await new Promise((res) => setTimeout(res, 450)); state = (await (await fetch(`${BASE}/v1/purchases/${task_id}`, { headers: H })).json()).state; } const code = await (await fetch(`${BASE}/v1/purchases/${task_id}/code`, { method: "POST", headers: H })).json(); console.log(code.code, code.face_minor);
# AgentRefills posts order events to your endpoint. # HMAC-verified (X-Signature) and deduped on (provider, event_id). POST https://your-app.com/hooks/agentrefills X-Signature: "t=1720224000,v1=<hmac-sha256>" { "provider": "bitrefill", "event_id": "evt_7c1e", "type": "purchase.completed", "task_id": "tsk_9F2A", "brand_id": "amazon", "face_minor": 2500 } # Verify the HMAC, then look up by event_id — a replay is a no-op. # Endpoint: POST /v1/webhooks/bitrefill
{
"tools": [
{ "name": "list_brands", "annotations": { "readOnlyHint": true } },
{ "name": "buy_giftcard", "annotations": { "destructiveHint": true, "idempotentHint": true },
"input": {
"brand_id": "amazon",
"amount_minor": 2500,
"currency": "USD",
"client_ref": "idem_2f9c"
} },
{ "name": "get_code", "annotations": { "readOnlyHint": false } },
{ "name": "check_balance", "annotations": { "readOnlyHint": true } },
{ "name": "request_approval", "annotations": { "readOnlyHint": false } }
]
}
Straight answers about letting an autonomous agent spend money safely.
AgentRefills is a purchasing API for AI agents. It lets an autonomous agent buy gift cards, API credits, domains, cloud compute and eSIMs through five simple tools over MCP or REST, wrapped in spend caps, human approval, and a full audit trail. It is the refill layer that gives an agent a wallet it can't misuse.
Yes. An agent calls the buy_giftcard tool with a brand, an amount in minor units (cents) and an idempotency key. The purchase runs through a fail-closed policy check; under the spend cap it settles automatically, and over your threshold it parks for human approval. The redemption code is released once through a separate call.
Every agent gets its own API key scoped to per-agent daily and monthly spend caps and a brand allowlist. The policy engine enforces the caps on every purchase and fails closed, so an agent can never exceed its budget even if the policy service is unreachable.
Set an approval threshold. Any purchase above it is parked as APPROVAL_REQUIRED and a human is pinged in Slack to approve or reject before money moves. The agent can re-ping the approver with the request_approval tool, and the task resumes automatically once approved.
Gift cards for thousands of brands plus API credits (OpenAI, Anthropic, Perplexity), cloud and GPU compute (AWS, Google Cloud, NVIDIA), domains (Namecheap, GoDaddy), hosting, messaging credits and eSIMs. All are callable programmatically through the same API.
Yes. AgentRefills ships an MCP server that any MCP client can use as a native tool, and a REST API with identical semantics for the OpenAI Agents SDK, LangChain, LangGraph, LlamaIndex, CrewAI, the Vercel AI SDK, or any custom stack.
Codes are encrypted at rest and released to the purchasing agent exactly once through get_code, with the access logged. Raw codes are never written to logs, traces, or responses beyond that single release, so a leaked log or trace can never expose a redeemable code.
Yes. Every account includes a test mode with test products, so you can run the full purchase flow end to end with zero real spend, then switch to live when you are ready.
Every purchase carries an agent-supplied idempotency key (client_ref). Re-using the same key returns the existing order instead of buying again, and a unique payment-per-task constraint makes a second charge structurally impossible rather than statistically unlikely.
One API for gift cards, API credits, domains, compute and eSIMs across 190+ countries. Test free, then ship to production.