Do I need an API key to use the http headers API?

No. watchers.http-headers is x402-native — there is no signup and no API key. Your client makes the call, receives a 402 with payment requirements, signs a USDC payment, and retries. Funds come from a wallet you control.

How much does the http headers API cost?

$0.0500 USDC per call, charged per request. There are no monthly fees, seats, or minimums — you pay only for the calls you make.

Can I try the http headers API for free first?

Yes. Add ?trial=1 (or the header X-2s-Trial: 1) to get a free real call per endpoint per hour, so you can verify the response shape before wiring payment.

Which networks and tokens are supported?

USDC on Base (via EIP-3009 transferWithAuthorization) or Solana (SPL transfer), using the open x402 payment protocol.

How do I call watchers.http-headers from an AI agent or MCP host?

Use @2sio/sdk (TypeScript), 2sio (Python), or the @2sio/mcp server for any MCP host — each handles the probe → sign → retry loop for you. See the code samples on this page.

watchers.http-headers

WATCHER: get a signed callback when a website's HTTP security-headers grade changes (e.g. a regression from A to C). Arm once, pay once. Pass url. Fires when the grade changes; bounded by maxFires/expiry. The grade at arm time is baselined. Useful for catching config regressions. Signed (verify offline) + retried; recoverable via watchers.status. Returns a watcherId.

price

$0.0500 USDC per call

method

POST/api/watchers/http-headers

payment

x402 v2 · USDC on Base (EIP-3009) or Solana (SPL transfer)

auth

None. Sign the payment, retry with PAYMENT-SIGNATURE.

Overview

The http headers API is a pay-per-call watchers endpoint built for AI agents and autonomous software. WATCHER: get a signed callback when a website's HTTP security-headers grade changes (e.g.

There is no signup and no API key. An agent (or any HTTP client) hits the endpoint, receives an x402 "402 Payment Required" challenge, signs a sub-cent USDC payment on Base or Solana, and retries — the data comes back on the paid request. That makes it a drop-in http headers data source for an agent tool-use loop, an MCP host, or a backend that needs watchers data on demand without onboarding to yet another vendor portal.

Use cases

Give an AI agent live http headers lookups as a tool, with no API key to provision or rotate — the agent pays per call from a wallet you fund.
Enrich records in a data pipeline with watchers data, paying only for the calls you actually make instead of a monthly seat.
Ground LLM answers in authoritative watchers data to cut hallucination, then optionally request a signed response for verifiability.
Prototype against the live http headers API in minutes using the free trial call, then flip to per-call x402 payment for production with no code change.

Parameters

Name	Type	Description
`url`required	string	The URL to monitor, e.g. https://example.com. max 2048 chars · uri
`callbackUrl`required	string	Signed event POSTed here (verify X-2s-Signature). Any http(s) URL. max 2048 chars · uri
`payload`	object	Arbitrary JSON echoed back in every callback.
`expiresInSeconds`	integer	Active window in seconds (default 30d, max 90d). min 60 · max 7776000
`maxFires`	integer	Stop after this many changes (default 10). min 1 · max 1000
`label`	string	Optional free-text tag. max 64 chars

Code samples

cURLbash

# 1. Probe the endpoint with no auth — receive 402 with PaymentRequirements
curl -sS -X POST 'https://2s.io/api/watchers/http-headers' \
  -H 'Content-Type: application/json' \
  -d '{"url":"https://example.com","callbackUrl":"https://example.com","payload":{},"expiresInSeconds":60,"maxFires":1,"label":"example"}'

# 2. Sign the EIP-3009 transferWithAuthorization for the advertised price +
#    payTo from the 402 envelope, then retry with PAYMENT-SIGNATURE:
curl -sS -X POST 'https://2s.io/api/watchers/http-headers' \
  -H 'Content-Type: application/json' \
  -H 'PAYMENT-SIGNATURE: <base64-json-payload>' \
  -d '{"url":"https://example.com","callbackUrl":"https://example.com","payload":{},"expiresInSeconds":60,"maxFires":1,"label":"example"}'

# Or just use the canonical runner — it handles the whole loop:
#   EVM_PRIVATE_KEY=0x... node --env-file=.env.local \
#     --experimental-strip-types scripts/x402-pay.ts \
#     'https://2s.io/api/watchers/http-headers'

TypeScript / Node — @2sio/sdktypescript

import { TwoS } from '@2sio/sdk'

const client = new TwoS({
  privateKey: process.env.EVM_PRIVATE_KEY as `0x${string}`,
})

const result = await client.watchers.httpHeaders({
  "url": "https://example.com",
  "callbackUrl": "https://example.com",
  "payload": {},
  "expiresInSeconds": 60,
  "maxFires": 1,
  "label": "example"
})

console.log('endpoint:', result.endpoint)
console.log('cost:', result.costUsd, 'USDC')
console.log('tx:', result.settlement?.txHash)
console.log('data:', result.data)

Python — 2siopython

import os
from twosio import TwoS

client = TwoS(private_key=os.environ["EVM_PRIVATE_KEY"])

result = client.watchers.http_headers(url="https://example.com", callbackUrl="https://example.com", payload={}, expiresInSeconds=60, maxFires=1, label="example")

print("endpoint:", result.endpoint)
print("cost:", result.cost_usd, "USDC")
print("tx:", (result.settlement or {}).get("tx_hash"))
print("data:", result.data)

MCP — Claude Desktop / AgentKit / any MCP hostjson

// 1. Add @2sio/mcp to your MCP host config (Claude Desktop example below).
//    EVM_PRIVATE_KEY funds x402 payments per call.

// claude_desktop_config.json
{
  "mcpServers": {
    "2sio": {
      "command": "npx",
      "args": ["-y", "@2sio/mcp"],
      "env": { "EVM_PRIVATE_KEY": "0x..." }
    }
  }
}

// 2. Once the server is running, agents call this tool via standard MCP:

{
  "jsonrpc": "2.0",
  "id": 1,
  "method": "tools/call",
  "params": {
    "name": "watchers.http-headers",
    "arguments": {
      "url": "https://example.com",
      "callbackUrl": "https://example.com",
      "payload": {},
      "expiresInSeconds": 60,
      "maxFires": 1,
      "label": "example"
    }
  }
}

Response

Field	Type	Description
`ok`	boolean	one of: true
`items`	array
`total`	integer	Total matching rows upstream; null when unknown.
`source`	object

Example response datajson

{
  "ok": true,
  "items": [
    {}
  ],
  "total": 1,
  "source": {
    "provider": "example",
    "url": "example",
    "license": "example"
  }
}

FAQ

Do I need an API key to use the http headers API?: No. watchers.http-headers is x402-native — there is no signup and no API key. Your client makes the call, receives a 402 with payment requirements, signs a USDC payment, and retries. Funds come from a wallet you control.
How much does the http headers API cost?: $0.0500 USDC per call, charged per request. There are no monthly fees, seats, or minimums — you pay only for the calls you make.
Can I try the http headers API for free first?: Yes. Add ?trial=1 (or the header X-2s-Trial: 1) to get a free real call per endpoint per hour, so you can verify the response shape before wiring payment.
Which networks and tokens are supported?: USDC on Base (via EIP-3009 transferWithAuthorization) or Solana (SPL transfer), using the open x402 payment protocol.
How do I call watchers.http-headers from an AI agent or MCP host?: Use @2sio/sdk (TypeScript), 2sio (Python), or the @2sio/mcp server for any MCP host — each handles the probe → sign → retry loop for you. See the code samples on this page.

Discovery

/api/directory — full catalog of every endpoint
/openapi.json — OpenAPI 3.1 spec (per-op x-payment-info, x402Payment security)
/.well-known/x402 — machine-readable service descriptor for x402-aware crawlers
/.well-known/mcp/server-card.json — MCP SEP-1649 server card
/llms.txt — plain-text manifest for LLM ingestion

Related: http headers api · watchers http headers api · http headers api for ai agents · x402 watchers api · http headers api no api key · pay per call http headers api · watchers api