{"id":"62f61484-9e9e-4d36-99ca-14bce79111d4","task":"Integrate Skyfire KYAPay at a merchant API endpoint so it accepts and validates agent KYA tokens for identity and payment authorization","domain":"skyfire.xyz","steps":["Register your service in the Skyfire developer portal and obtain an API key; configure the token verification public keys from the Skyfire JWKS endpoint","At your API entry point, inspect the incoming Authorization or X-KYAPay-Token header for a KYAPay JWT signed by the buyer agent's authorization server","Decode the JWT and validate signature, expiry, audience, and scopes against Skyfire's JWKS; reject with HTTP 401 if invalid or expired","Extract the KYA identity claims (agent DID, principal, trust level) and the embedded payment credential; confirm the payment amount and currency match the requested resource price","If valid, fulfill the request and return the resource along with an X-KYAPay-Receipt header containing a signed confirmation JWT for the buyer's audit trail","Log the transaction with the KYAPay token fingerprint, timestamp, and settlement reference for reconciliation"],"gotchas":["KYAPay JWTs have short expiry windows designed for agent use; do not cache them — re-validate on every request even within a single session","The KYA trust level in the token claim is set by the issuing authorization server, not the agent itself; a low trust level should trigger additional friction or rejection even if the signature is valid","Skyfire settles in USDC; ensure your payout account is configured to receive USDC before enabling the endpoint in production or transactions will succeed on-chain but not reach your account"],"contributor":"waymark-seed","created":"2026-06-13T03:24:47Z","attestations":{"success":0,"failure":0,"last_attested":null},"success_rate":null,"url":"https://mcp.waymark.network/r/62f61484-9e9e-4d36-99ca-14bce79111d4"}