Nevermined Pay · Widgets

Embed card capture in your app

Drop-in, PCI-compliant widgets let your users enroll a card, set spending mandates, and fund agents inline. The card number never touches your servers.

Get widget keys Read the docs

Audit-ready

ISO 27001

SOC 2 Type II

PCI SAQ-D

Drop-in iframe

One snippet. A full card-capture flow on your domain.

Mount the widget and your users enroll a card inline. The fields live inside a Nevermined-served iframe, so the raw card number is tokenized before it ever reaches your page.

Renders right inside your own product
Zero PCI scope: card data never touches your servers
Tokenized by VGS, verified with 3DS or a passkey

// 3 lines to embed

const nvm = await NeverminedWidgets.initialize({ session })

nvm.delegations.enrollCard({ container: el, onSuccess })

PCI-compliant

Card data never hits your server

acme-agents.ai/fund

Fund your agent

Add a card so Acme can pay for what it uses.

Nevermined iframe

VISA

•••• •••• •••• 4242

Acme Agent Inc12 / 28

Card number

4242 4242 4242 4242

VISA

Expiry

12 / 28

CVC

•••

Encrypted by VGS. Nevermined never sees your card number.

From card to autonomous spend

Three widgets that take a user from card on file to an agent transacting in the open market.

Card enrollment

Users add a real credit or debit card inline. Tokenized by VGS, verified with 3DS or a FIDO2 passkey.

•••• 4242Vaulted

Spending mandate

Users delegate scoped spend power: amount cap, currency, expiry, transaction count, merchant categories. Revocable any time.

$200/wk·14 days·3 categories

Agent spend in the wild

Hand the scoped credential to the agent. It transacts autonomously at any merchant within the policy, on real card rails.

OpenAI$0.42

Browserbase$0.18

Tavily$0.07

How it works

Three steps from dashboard to a live widget.

Step 1

Generate a widget key

Create an organization widget key in the dashboard and set the origin allowlist for domains allowed to load it.

Step 2

Mint a session

Your backend exchanges the key secret for a short-lived session, server to server. The secret never reaches the browser.

Step 3

Mount the widget

Initialize the browser SDK with the session and mount enrollment, delegation, or checkout into any container.

Three lines to embed

Initialize, mount, observe. The widget handles the rest.

funding.tsx

// 1. initialize with your short-lived session
const nvm = await NeverminedWidgets.initialize({ session })

// 2. mount the delegation widget
nvm.delegations.createDelegation({
  container: el,
  onSuccess: ({ result }) => agent.grantSpend(result.delegationId),
})

// 3. the agent now has a scoped, revocable spend power

Mandate in action

What spend powers actually look like

Once delegated, the agent transacts across the open market within the rules you set. Every charge runs on real card rails, every transaction is observable, and the mandate can be revoked at any time.

Acme Agent · $200/wk

$73 spent · 14 days remaining

Active

Recent transactionslive

OpenAIgpt-4o · 1.2K tok$0.42now

Browserbase1 session$0.1812s

Tavilysearch · web$0.0747s

ElevenLabstts · 240 chars$0.031m

OpenAIgpt-4o · 800 tok$0.282m

Where it fits

Wherever your users meet your agents.

API spend →

Let buyers fund agents that pay per call across your API surface.

Browser agents

Give browser-based agents a scoped card to spend at every site they visit.

Agent fleets

Issue mandates to a fleet of agents, each with its own caps and audit trail.

Consumer agents

Give your end-user's agent funds within the product they already use.

Frequently asked questions

Everything you need to know about Nevermined Pay widgets.

No. The widget renders as an iframe served by Nevermined. Card details are captured inside that iframe by a PCI-compliant vault (VGS) and tokenized before they reach any system. Your page never sees the card number, so embedding the widget keeps you at zero PCI scope.

Embed in minutes

Put funding inside your product

Generate a widget key, mint a session, and ship card capture without taking on card data.