AgentCard← Blog
·4 min read

How to Use AgentCard with OpenAI Codex for Autonomous Purchases

Set up AgentCard with OpenAI's Codex agent to create virtual cards and make purchases programmatically.

OpenAI Codex is a cloud-based coding agent that runs in a sandboxed environment. It writes code, runs shell commands, makes API calls — all on its own. No babysitting required. That makes it a natural fit for AgentCard: point Codex at a purchase, and it handles the whole thing end to end.

We've been watching people use this combo since we launched in March 2026, and honestly, it's one of the cleanest agent-purchase flows out there. Here's how to wire it up.

What you need

  • OpenAI Codex access (via the OpenAI dashboard or API)
  • Node.js 18+ available in the Codex environment
  • A payment method (credit card, debit card, or USDC)

How Codex makes purchases

Codex runs in a sandboxed cloud environment with full shell access. Give it a purchase task and it:

  1. Installs and runs the AgentCard CLI
  2. Creates a virtual card for the exact dollar amount you need
  3. Pulls card credentials (number, CVV, expiry)
  4. Writes and runs API calls to complete the purchase

Cloud-native means fully autonomous. No local terminal, no clicking around. Codex just does it.

Step 1: Install the AgentCard CLI

In your Codex task, instruct the agent to install AgentCard first:

npm install -g agentcard

Codex runs this in its sandbox before doing anything else.

Step 2: Authenticate

Here's the one tricky part. Codex can't click a magic link in your email, so you need to authenticate locally first:

agentcard signup --email you@example.com

Click the magic link. Then pass your AgentCard session token to Codex — either as an environment variable or a config file it can read. That's the bridge between your local auth and the cloud sandbox.

Step 3: Give Codex a purchase task

Now the good part. Describe what you want in plain language:

"Create a $20 AgentCard virtual card. Then use the Namecheap API to register the domain mycoolproject.dev. Use the card details as the payment method."

Codex will:

  1. Run agentcard create --amount 20
  2. Complete the Stripe payment flow (or prompt you if interaction is needed)
  3. Run agentcard details <card-id> to get the card number, CVV, and expiry
  4. Write and execute code to call the Namecheap API with the card credentials
  5. Confirm the domain was registered

What Codex is good at

Here's the thing about Codex: it doesn't just call APIs — it writes the integration code from scratch. That's a big deal for purchases where there's no pre-built SDK.

Buying API credits

"Create a $50 AgentCard and purchase 100,000 API credits on Anthropic using their billing API."

Codex writes the API call, injects the card details, and executes it.

Registering domains

"Create a $12 AgentCard and register example.dev through the Cloudflare Registrar API."

Codex handles the whole chain — auth, domain search, payment. We've seen it figure out the Cloudflare API docs on its own.

Provisioning cloud resources

"Create a $100 AgentCard and add billing credits to my AWS account using the payment API."

Codex generates the appropriate SDK calls and applies the card.

Security tips

We built AgentCard so you never have to hand an autonomous agent your real credit card. That would be insane. Instead:

  • Use exact amounts — $15 card for a $12 purchase. Not $200. Be tight.
  • One card per task — every Codex task gets its own card
  • Verify after — tack agentcard balance <card-id> onto the end of the task to confirm what actually got charged
  • Limit sandbox permissions — only give Codex the credentials it needs for that specific task
  • Read the code — Codex shows generated code before execution. Actually look at those API calls.

If Codex screws something up or a request fails, your exposure is capped at the card amount. That's the ceiling. Not your bank account.

Limitations

Codex runs in a cloud sandbox. No browser, no visual checkout forms. API-based and CLI-based purchases only. If a merchant only does web checkout, enter the card details yourself or use a desktop agent like Claude Cowork.

The auth thing is the main gotcha — we mentioned it above, but it bears repeating: authenticate locally, then pass the session token to the sandbox.

Get started

npm install -g agentcard
agentcard signup --email you@example.com

Then in your Codex task:

"Install agentcard, create a $25 virtual card, and use it to [make your purchase]."

Codex writes the code, runs it, and you're done.

Ready to try AgentCard?

Give your AI agent a virtual card in under 60 seconds.

npm install -g agentcard