AI agents are becoming primary actors in commerce, requiring platforms that serve both human customers and autonomous agents. This guide outlines the technical foundations CTOs need to architect for agentic channels.

TL;DR:

  • Agentic commerce requires MACH architecture (microservices, API-first, cloud-native, headless) with goal-oriented APIs that expose business operations rather than low-level CRUD endpoints
  • Critical foundations include Model Context Protocol (MCP) for agent discovery, treating agents as first-class identities with OAuth2 authorization, and supporting payment protocols like ACP and AP2
  • Success depends on an AI-native control plane that unifies data across all systems (ERP, CRM, warehouse management), providing agents with complete, real-time context
  • Start with clean, enriched product data, including non-visual attributes, then implement machine-readable APIs and robust identity management
  • Organizations can migrate pragmatically using the strangler pattern or architect from scratch with AI as a first-class citizen from day one

The new multi-channel commerce ecosystem

Mapping the modern ecosystem

The modern commerce ecosystem introduces new actors beyond traditional web and mobile storefronts. New touchpoints include AI assistants such as ChatGPT and Gemini that act on users’ behalf for research and purchases; voice assistants such as Alexa and Siri; social and messaging bots on platforms like WhatsApp and TikTok Shop; and embedded commerce in games, AR/VR, or smart devices that automatically reorder supplies.

Here’s how it all connects:

At the top, the agentic interface layer: This is where AI agents, voice bots, and chat apps actually talk to your systems. They speak in natural language, which means they need structured, machine-readable product data—not just pretty web pages designed for human eyes.

The context and discovery layer: Protocols like MCP live here, serving up product catalogs, real-time inventory, pricing, and promotions through standardized APIs. It’s the layer that helps agents understand what you’re selling and what’s available.

API gateway, the universal translator: This provides one unified entry point for everything. It handles both high-level requests from AI agents (“find and purchase a travel-sized moisturizer”) and the traditional fine-grained CRUD operations that conventional channels need.

Core microservices: These are your composable building blocks, including catalog, search, pricing, and orders, all following MACH principles to keep things modular and flexible.

Data and knowledge layer: Databases, data lakes, vector stores—this is where all your product data, customer profiles, and unstructured content lives. It feeds context to AI agents through RAG (Retrieval-Augmented Generation), making them smarter about what they recommend.

Integration and control planes: This is the orchestration hub. It manages workflows, enforces governance rules, and unifies data flowing between your ERP, analytics platforms, and CRM systems.

Identity and authorization: This is the security checkpoint for both humans and machines. It authenticates everyone (and everything) and enforces least-privilege access so nobody gets more permissions than they need.

Payment and settlement: Protocols like ACP and AP2 handle the money side, managing checkout flows and payment authorization so transactions actually complete.

What’s fundamentally different

Agentic channels introduce shifts requiring a different architectural approach. AI agents are machine-first consumers that primarily ingest structured product feeds, metadata, and real-time inventory. Traditional web pages are becoming less relevant, and unstructured data can lead agents to ignore catalogs entirely.

The architecture must support intent-driven flows, low-latency decision loops, and dynamic negotiation for pricing and bundling. Agents can summarize research and complete purchases within a single conversation rather than through static, multi-step page flows.

Agents require high-level API semantics, with domain-oriented endpoints such as submitVacationPlanning, rather than dozens of CRUD microservice endpoints. APIs require metadata on product quality, delivery times, and return policies.

Identity and authorization frameworks must manage both human users and their agents, requiring explicit authorization, least-privilege scoping, and human-in-the-loop approval for high-risk actions. The ecosystem now includes agent-to-site, agent-to-agent, and brokered interactions, requiring new coordination protocols such as MCP, A2A, and AP2.

Architecture patterns for agentic commerce

MACH architecture as a foundation

MACH architecture provides the necessary foundation. Microservices create independent services for catalog, pricing, and other functions, enabling separate development, scaling, and replacement. API-first design exposes all capabilities via well-defined APIs for reuse across channels. Cloud-native services run on elastic infrastructure, such as Kubernetes or serverless, for automatic scaling. Headless architecture decouples the front end from back-end logic, enabling multiple experiences without changing the core.

MACH matters for agentic commerce because it provides the agility and modularity agents need. API-first is crucial because without it, agents must scrape web pages, which can miss critical data. Cloud-native scaling handles the unpredictable demand driven by AI agents. Organizations adopting composable architecture gain the flexibility to evolve individual components without disrupting the entire system.

Without these principles, monolithic platforms create bottlenecks with slow feature releases, an inability to onboard new channels, and limitations that break agentic flows. A monolith might only offer coarse web pages, preventing an AI agent from calling a service with dynamic pricing. Headless commerce solves this by decoupling presentation from business logic, enabling agents to access commerce capabilities directly.

Model Context Protocol in the stack

MCP is an open standard introduced by Anthropic that connects AI assistants to data and capabilities through a host architecture. It allows clients to discover tools via mcp.listTools and call them via mcp.invoke, with servers returning structured JSON instead of free text.

MCP primarily resides in the context and discovery layer of the agent-aware API and semantic layer. It replaces ad-hoc integrations with a universal protocol for tool discovery and invocation. Retailers can expose their products and order services via MCP servers, which AI agents programmatically discover and use to execute secure, real-time operations like cart updates and order processing with built-in governance.

Designing the API gateway

The API gateway must serve both traditional frontend applications and AI agents with different strategies. Maintain dual API tiers: a machine-oriented tier that exposes high-level business operations separate from a human-oriented tier for traditional headless web and mobile clients. This prevents overloading agents with low-level CRUD endpoints.

Standardize domain schemas for catalog and pricing, enriching them with metadata and a semantic layer integrated with MCP definitions for agent capability discovery. The gateway should authenticate agents using OAuth 2.0 client credentials, enforce rate limits, filter PII, and apply AI-specific policies such as hallucination detection and prompt-injection blocking. Publish stable API contracts in open formats like OpenAPI or GraphQL and support dynamic tool discovery via MCP’s listTools. Seamless API integration across your commerce ecosystem ensures unified data flow between systems.
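As an added illustration (not code from this guide or from any gateway product), the sketch below shows two of the gateway duties named above for the machine-oriented tier: a rate limit kept per agent and a default-deny filter that strips PII from responses. It assumes the OAuth 2.0 client_id has already been authenticated upstream; the field names, limits, and class names are hypothetical.

```python
import time

# Assumed allowlist of response fields the machine-oriented tier may return.
AGENT_TIER_FIELDS = {"order_id", "status", "items", "total", "delivery_eta"}


def filter_pii(response):
    """Default-deny: keep only allowlisted top-level fields."""
    return {k: v for k, v in response.items() if k in AGENT_TIER_FIELDS}


class TokenBucket:
    """Refills `rate` tokens per second up to `burst`; one token per call."""

    def __init__(self, rate, burst, now):
        self.rate, self.burst = rate, burst
        self.tokens, self.stamp = float(burst), now

    def allow(self, now):
        elapsed = now - self.stamp
        self.tokens = min(self.burst, self.tokens + elapsed * self.rate)
        self.stamp = now
        if self.tokens < 1.0:
            return False
        self.tokens -= 1.0
        return True


class AgentGateway:
    """Rate-limits per OAuth client_id, then filters the backend response."""

    def __init__(self, rate=5.0, burst=10, clock=time.monotonic):
        self.rate, self.burst, self.clock = rate, burst, clock
        self.buckets = {}

    def handle(self, client_id, backend_response):
        now = self.clock()
        if client_id not in self.buckets:
            self.buckets[client_id] = TokenBucket(self.rate, self.burst, now)
        if not self.buckets[client_id].allow(now):
            return 429, {"error": "rate_limited"}
        return 200, filter_pii(backend_response)
```

Because the filter is an allowlist, a new backend field such as an email address stays hidden from agents until someone deliberately adds it to the machine tier.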

Clarifying terminology and standards

Understanding ACP, AP2, and related protocols

ACP (Agentic Commerce Protocol) was developed by Stripe and OpenAI. It provides a language for AI agents and merchants to collaborate on purchases, enabling instant checkout inside platforms like ChatGPT by allowing agents to securely share tokenized payment instruments.

AP2 (Agent Payments Protocol) was introduced by Google and a consortium. It focuses on verifiable intent and auditability for agent-initiated payments, using verifiable digital credentials (VDCs) to cryptographically prove user intent for globally interoperable payments via cards or bank transfers.

A2A (Agent-to-Agent) is a protocol proposed by Google that standardizes communication and task delegation between autonomous agents in multi-agent workflows.

These protocols are complementary, not competing. MCP handles context and capability discovery; ACP handles commerce checkout integration; AP2 handles payment authorization and verifiable intent for traceability; and A2A handles multi-agent workflows. CTOs should track ACP for simple checkout integration, AP2 for authorization and traceability, and potentially x402 for micropayments and A2A for multi-agent workflows.

What AI-native commerce means

AI-native commerce has significant architectural substance beyond marketing. It refers to designing an architecture where AI is a first-class participant rather than an add-on. The core is the AI-native control plane, which unifies data across all enterprise systems (ERP, analytics, fulfillment, CRM) to provide a single source of truth. This ensures AI agents have complete, real-time access to data to operate across all systems simultaneously, coordinating real-time pricing, autonomous merchandising, and predictive routing.

Bolt-on AI is insufficient because data silos and missing context prevent proper function. An AI-native control plane is essential for coordinating and acting on unified data effectively.

A blueprint for future-proof architecture

Core non-negotiable layers

A future-proof commerce architecture requires eight foundational components.

  1. The data and knowledge foundation needs a clean, enriched product catalog with non-visual attributes such as materials and use cases, real-time inventory, and standard schemas. Unstructured data should be stored in vector databases for RAG. Analytics and AI capabilities help transform this data into actionable insights that inform agent decision-making.
  2. Composable microservices and a MACH platform separate core functions (catalog, pricing, cart) into independent microservices with APIs and event-driven patterns for agility and scalability.
  3. An agent-aware API and semantic layer provide an API tier with high-level, goal-oriented operations, rich metadata (ratings, delivery ETA), and integrated MCP servers for tool discovery.
  4. The integration and control plane is an AI-native control plane that coordinates data from all systems (ERP, CRM) and mediates tasks between agents, with connectors to MCP and A2A.
  5. Identity and authorization systems must register agents as first-class identities, assign granular scopes, and enforce least-privilege access using OAuth 2.0 flows such as CIBA.
  6. Payments and settlement should support agentic payment protocols, including ACP for checkout, AP2 for verifiable intent, and optionally x402 for micropayments.
  7. Governance and observability require instrumentation for all interactions, monitoring for anomalies like hallucination detection, and human-in-the-loop triggers.
  8. Security and trust-by-design needs fraud analytics tailored to agent traffic, intrusion detection, and data privacy controls for GDPR and CCPA.

Identity, authentication, and authorization for agents

Traditional IAM is insufficient. The architecture must treat agents as first-class identities with unique registrations, rotating credentials, and secure authentication mechanisms such as mutual TLS or OAuth2 client credentials. Avoid overly permissive API keys.

Assign fine-grained permissions at the function level (e.g., “create order,” not “admin”) using OAuth2 scopes and User-Managed Access (UMA) to prevent over-scoping.

For actions an agent takes on a user’s behalf, implement Client-Initiated Backchannel Authentication (CIBA), allowing users to explicitly approve actions on their devices.

Maintain an agent registry or identity fabric to track all active agents, their usage, and lifecycle. Record logs that attribute every agent call to the acting user for monitoring and compliance.

Implement step-up authentication, such as MFA push notifications, for high-risk operations (e.g., expensive purchases) to obtain explicit user approval. Adopt standards such as OAuth 2.0 and OpenID Connect to ensure identity policies are consistent and portable across cloud and agent platforms.
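The controls in this section can be combined into a single authorization decision. The following is an added example, not code from this guide or from any identity product: it assumes the access token has already been validated and that its claims carry the agent as client_id, the acting user as sub, and a space-delimited scope string. The scope names, action names, and spending threshold are hypothetical.

```python
from datetime import datetime, timezone

# Assumed mapping of business operations to function-level scopes.
REQUIRED_SCOPE = {
    "search_products": "catalog:read",
    "create_order": "orders:create",
}
STEP_UP_THRESHOLD = 200.00  # assumed policy: larger orders need user approval


def authorize(claims, action, audit, amount=0.0, user_approved=False):
    """Return 'allow', 'step_up_required' or 'deny:<reason>' and log it.

    `user_approved` stands for a completed out-of-band approval
    (for example a CIBA or MFA push confirmation) for this request.
    """
    granted = set(claims.get("scope", "").split())
    required = REQUIRED_SCOPE.get(action)

    if required is None:
        decision = "deny:unknown_action"      # default-deny unlisted actions
    elif required not in granted:
        decision = "deny:missing_scope"       # broad scopes are not implied
    elif (action == "create_order" and amount > STEP_UP_THRESHOLD
          and not user_approved):
        decision = "step_up_required"         # ask the human before acting
    else:
        decision = "allow"

    # Attribute every call to both the agent and the user it acts for.
    audit.append({
        "time": datetime.now(timezone.utc).isoformat(),
        "agent": claims.get("client_id"),
        "user": claims.get("sub"),
        "action": action,
        "amount": amount,
        "decision": decision,
    })
    return decision
```

Denied and step-up decisions are logged as well as allowed ones, so the audit trail shows what an agent attempted and not only what it completed.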

Migration and implementation strategy

Pragmatic migration path

For organizations running legacy monolithic platforms, adopt the Strangler Pattern by building new microservices around the monolith and using a façade to route specific functionality through them. New capabilities are always built as microservices.

Identify high-value use cases by creating machine-friendly APIs for functions that benefit most from AI, such as personalized recommendations, product search, or reorder flows, and connect these via MCP.

Audit and fix product data early, as poor data quality is a critical blocker. Structure catalogs, add non-visual attributes, and ensure real-time inventory and pricing APIs are available. Product information management systems centralize and enrich product data, providing a clean foundation for agents to generate accurate recommendations.

Implement identity and authorization early by registering agents, issuing credentials, and implementing OAuth2 flows to prevent the proliferation of shadow agents and compliance risk.

Design goal-oriented, domain-centric APIs with machine-readable context to ensure agents receive coherent responses. Layer in payment protocols by supporting ACP for simple checkouts and exploring AP2 for verifiable intent.

Minimum viable architecture

A minimum viable architecture for basic agentic commerce includes a clean product catalog with real-time inventory, an API gateway that exposes high-level operations (search, add to cart, checkout), identity and authorization for agents, an MCP server that exposes product and order services, and support for ACP or AP2 to complete purchases.

Components that can be deferred include advanced recommendation engines, dynamic pricing capabilities, a full AI-native control plane that unifies data across all ERP and CRM systems, and advanced security features such as prompt-injection detection and detailed cost control.

Architecting from scratch

Starting from scratch allows for AI-native design from the foundation. Treat AI as a first-class citizen by building the control plane from the outset to unify data across all systems (ERP, CRM, WMS) into a single API layer.

Define semantic, goal-oriented APIs with domain-centric operations, such as findGiftForOccasion, that expose rich metadata (e.g., price, sustainability) rather than low-level endpoints.

Adopt MCP and A2A from day one by providing MCP servers for tools and data discovery, and support A2A for anticipated agent-to-agent coordination, such as travel booking.

Create an identity fabric and agent registry, enroll agents as first-class identities, implement least-privilege scopes, and maintain an audit log of record from the start.

Integrate payment protocols from the initial design, supporting ACP and AP2, to enable seamless checkout across AI platforms.

Use a flexible data architecture with event streams and data mesh principles, including a vector database or knowledge graph to capture unstructured context for agents.

Instrument prompts, model outputs, and transactions from the beginning, implementing safety guards and human-in-the-loop fallback flows for observability and safety.

Conclusion

Agentic commerce requires fundamental architectural changes. AI agents need machine-first data, intent-driven APIs, and governance frameworks that traditional platforms weren’t designed to provide. The path forward combines MACH architecture, composable services, and cloud-native infrastructure with emerging standards like MCP, ACP, and AP2. Whether migrating legacy systems or building from scratch, start with clean data, goal-oriented APIs, and robust identity management.
