Issue Single-Use Virtual Cards for AI Agents in Minutes

▶ Watch the 60-second version on YouTube

Harnessing Stripe Issuing for AI Agents

The demand for agile and secure payment solutions has only intensified with the rise of AI agents that can autonomously manage transactions. Stripe Sessions 2026 introduced a game-changer: the capability to issue single-use virtual cards through Stripe Issuing tailored specifically for AI agents. These cards come with robust spend controls and real-time authorization webhooks, paving the way for innovative payment solutions. Let’s dive into how you can implement this in your fintech application.

Setting Up Your Stripe Issuing Environment

Before diving into API calls, ensure you have your Stripe account configured with the Issuing feature enabled. You'll need to have the right permissions and a connected Stripe account to start issuing cards. 1. **Create an Issuing Card**: To issue a virtual card, you'll need to create a cardholder first. A cardholder represents a person or an entity that will be using the card. Here’s how you can create a cardholder:

import stripe

stripe.api_key = "sk_test_..."

cardholder = stripe.Issuing.Cardholder.create(
    name="AI Agent",
    email="agent@example.com",
    type="individual",
    billing={
        "address": {
            "line1": "123 Main St",
            "city": "San Francisco",
            "state": "CA",
            "postal_code": "94105",
            "country": "US",
        },
    },
    spending_controls={
        "allowed_categories": ["online"],
        "blocked_categories": ["gambling"],
    },
)
   

This creates a cardholder with specific spending controls that restrict categories like gambling while allowing online purchases, which is particularly useful for AI agents performing transactions on your behalf.

Issuing Single-Use Virtual Cards

Once you have a cardholder, you can issue a single-use virtual card. This is where the magic happens, allowing your AI agent to make purchases without the risk of exposing the underlying payment information. Here’s how to issue a single-use card:

card = stripe.Issuing.Card.create(
    cardholder=cardholder.id,
    currency="usd",
    type="virtual",
    settings={
        "spending_controls": {
            "spending_limits": [
                {
                    "amount": 1000,  # Limit to $10.00
                    "interval": "all_time",
                },
            ],
        },
    },
)
   

This code snippet creates a virtual card with a spending limit of $10.00. The `spending_controls` parameter allows you to customize each card's financial boundaries, ensuring your AI agents stay within budget.

Real-Time Authorization Webhooks

A powerful aspect of managing virtual card transactions is the ability to receive real-time notifications about card usage. By setting up webhooks, you can respond immediately to transactions, adjusting spending controls or tracking expenses. To set up a webhook, you can use the following command to subscribe to the `issuing.card.authorized` event:

curl -X POST https://api.stripe.com/v1/webhook_endpoints \
  -u sk_test_...: \
  -d "url"="https://yourapp.com/webhooks" \
  -d "enabled_events[]"="issuing.card.authorized"

Make sure you handle the incoming webhook requests appropriately. Here’s a basic example of how you might handle an authorization event:

from flask import Flask, request

app = Flask(__name__)

@app.route('/webhooks', methods=['POST'])
def handle_webhook():
    event = request.get_json()
    
    if event['type'] == 'issuing.card.authorized':
        # Process the authorization event
        print("Card authorized:", event['data']['object'])
    
    return '', 200
   

This setup enables you to react immediately when an AI agent's card is used, giving you the flexibility to enforce dynamic spending controls based on transaction patterns.

Non-Obvious Gotcha: Cardholder Verification

A common pitfall that developers encounter when working with Stripe Issuing is the expectation that a cardholder can be created and used without verification. Depending on your account's settings and the issuer’s regulations, you may have to provide additional verification information for the cardholder, such as a phone number or government ID. Make sure to check Stripe’s documentation for the specific requirements based on the country and type of cardholder you're creating. This can save you time debugging issues during card creation or usage that stem from unverified cardholders.

Final Thoughts

Integrating Stripe Issuing for single-use virtual cards gives you the tools needed to support AI agents in a secure and controlled manner. The ability to enforce spend controls and respond in real-time to transactions opens a myriad of possibilities for innovative fintech applications. Take the time to explore the rich API capabilities Stripe offers, and you'll find that building secure payment solutions doesn't have to be overly complex. With the right approach, you can empower AI agents to handle transactions while maintaining the highest standards of security and compliance.