Bitrefill CLI — Real-World Spending for Agents
Agents can't shop on Amazon, book an Airbnb, or pay for a Spotify subscription — traditional e-commerce requires browsers, CAPTCHAs, and credit cards. The Bitrefill CLI bridges this gap: it lets agents autonomously search, purchase, and deliver digital goods (gift cards, mobile top-ups, eSIMs) from 1,500+ brands across 180+ countries, paying with crypto or pre-funded store credits — no human checkout required.
The CLI connects to the
Bitrefill MCP server and dynamically discovers available tools, exposing each as a subcommand with typed options. Combined with x402 payments over Base, it enables fully autonomous agent commerce.
Security & Autonomous Operation
This skill enables real-money transactions. Purchases are fulfilled instantly and are non-refundable once delivered. Agents and operators must understand the requirements and risks before enabling autonomous purchasing.
Required Credentials & Configuration
| Requirement | Location / Variable | Purpose |
|---|
| Bitrefill OAuth token | ~/.config/bitrefill-cli/api.bitrefill.com.json
| Authenticates CLI requests against the user's Bitrefill account |
| Bitrefill account | bitrefill.com/signup | Required for all operations (search, buy, order history) |
| x402-capable wallet (if using ) | Agent-specific (e.g. signing key, wallet SDK) | Signs and submits on-chain USDC payments on Base |
| Pre-funded account balance (if using ) | Funded at bitrefill.com | Pays for purchases from stored account credits |
| env var (optional) | Environment variable | Overrides the default MCP endpoint (https://api.bitrefill.com/mcp
|
Provisioning Credentials for Autonomous Agents
The default OAuth flow opens a browser for interactive authorization — this requires a human for initial setup. For autonomous or headless environments:
- Run the OAuth flow once interactively on a machine with a browser. The CLI stores the token at
~/.config/bitrefill-cli/api.bitrefill.com.json
- Copy the credentials file to the autonomous agent's environment at the same path (
~/.config/bitrefill-cli/api.bitrefill.com.json
- Verify by running
bitrefill list-orders --limit 1
- Token refresh: If the token expires, repeat step 1. Monitor for auth errors in the agent's logs and re-provision as needed.
Never commit credentials to version control. Add
to
and use secure secret management (e.g. environment-specific vaults, encrypted storage) for deployment.
Spending Safeguards
Agents using this skill must follow these constraints:
- Always confirm with the user before purchasing. Present the product name, denomination, price, and payment method, and wait for explicit approval before calling . Never purchase autonomously without user consent unless the user has explicitly opted into fully autonomous purchasing for the session.
- Use a dedicated, limited-balance account. For autonomous operation, create a separate Bitrefill account funded with only the amount you're comfortable the agent spending. Do not give agents access to high-balance accounts.
- Prefer over for autonomous agents. Pre-funded balance has a natural spending cap (the account balance). x402 payments draw from a wallet that may hold more funds than intended for agent use.
- Never store private keys in plain text. If using x402 payments, the signing wallet's private key must be managed through a secure key management system — not in environment variables, config files, or source code.
- Log all purchases. After every call, log the , product, amount, and payment method for audit.
Prerequisites
The CLI must be installed and authenticated before use.
Installation
From NPM (recommended)
bash
npm install -g @bitrefill/cli
From Source
bash
git clone https://github.com/bitrefill/cli.git
cd cli
pnpm install
pnpm build
node dist/index.js # run directly
# or link globally:
npm link
Dev mode (no build step):
Authentication
Requires a Bitrefill account. Sign up at
bitrefill.com/signup.
On first run, the CLI opens your browser for OAuth authorization. Credentials are stored in
.
bash
# First command triggers OAuth flow automatically
bitrefill search-products --query "Netflix"
# Clear stored credentials
bitrefill logout
After logout, the next command triggers re-authentication automatically.
Environment
| Variable | Purpose | Default |
|---|
| Override MCP server endpoint | https://api.bitrefill.com/mcp
|
Recommended Payment for Agents
For the best agentic payments experience, prefer these two methods:
- (store credits) — Instant, no on-chain confirmation wait. The user pre-funds their account at bitrefill.com with crypto or card, then purchases via CLI are fulfilled immediately. Suggest this when the user wants zero-friction, instant delivery.
- with x402 — Use
--return_payment_link true
Always suggest
or x402 over Base first. Fall back to other payment methods only if the user explicitly requests them.
Core Workflow
Discovery → Details → Purchase → Track
search-products → get-product-details → buy-products → get-invoice-by-id / list-orders
- Search for a product by keyword, category, or country
- Get details to find available denominations (numeric values)
- Buy by specifying (JSON array) and
- Track via invoice ID or order listing
Available Commands
Commands are discovered dynamically from the MCP server. Run
for the current list.
search-products
bash
bitrefill search-products --query "Netflix"
bitrefill search-products --query "Amazon" --country US
bitrefill search-products --query "eSIM" --product_type esim --country IT
bitrefill search-products --query "*" --category games
bitrefill search-products --query "*" # all products, default country
| Option | Description | Default |
|---|
| Brand name or for all. Fulltext, not semantic. | |
| Alpha-2 ISO code (e.g. , , ). Must be uppercase. | |
| or (singular). Omit for both. | — |
| Category slug (e.g. , , ). Use to discover slugs. | — |
| /. Set to include out-of-stock. | |
| Page number, 1-indexed. | |
| Results per page, 1–500. | |
get-product-details
bash
bitrefill get-product-details --product_id "steam-usa"
bitrefill get-product-details --product_id "steam-usa" --currency USDC
| Option | Description | Default |
|---|
| Product slug from search results (required) | — |
| Pricing currency: , , , , , , , , , , , | |
| Language code for descriptions | |
Returns a
array. Each entry has a
— this is what you pass as
to
.
Ignore the compound key (e.g.
) — use only the value after
.
Products use three denomination types:
| Type | Example product | examples | to use |
|---|
| Numeric | Steam USD, Amazon, Zalando | , , | , , (number) |
| Duration | Spotify, subscriptions | , | (exact string) |
| Named | PUBG, eSIMs | , | (exact string) |
Named/duration
values are
case-sensitive and must match exactly — partial matches (e.g.
instead of
) are rejected. Only values listed by
are accepted; arbitrary amounts are not supported.
buy-products
must be a JSON array, even for a single item.
bash
# Numeric denomination
bitrefill buy-products \
--cart_items '[{"product_id": "steam-usa", "package_id": 5}]' \
--payment_method usdc_base
# Named denomination (eSIM data plan)
bitrefill buy-products \
--cart_items '[{"product_id": "bitrefill-esim-europe", "package_id": "1GB, 7 Days"}]' \
--payment_method usdc_base
# Duration denomination (subscription)
bitrefill buy-products \
--cart_items '[{"product_id": "spotify-usa", "package_id": "1 Month"}]' \
--payment_method usdc_base
# Multiple items (max 15)
bitrefill buy-products \
--cart_items '[{"product_id": "steam-usa", "package_id": 10}, {"product_id": "netflix-usa", "package_id": 25}]' \
--payment_method bitcoin
# Raw crypto details (no payment link)
bitrefill buy-products \
--cart_items '[{"product_id": "steam-usa", "package_id": 5}]' \
--payment_method usdc_base \
--return_payment_link false
| Option | Description | Default |
|---|
| JSON array of objects. 1–15 items. (required) | — |
| See payment methods table below. (required) | — |
| → + . → raw /. | |
- — use with to poll status
- — browser checkout URL
- — programmatic x402 payment endpoint
- — on-chain destination
- — EIP-681 URI with contract + amount
payment_info.altcoinPrice
list-invoices
bash
bitrefill list-invoices
bitrefill list-invoices --only_paid false --limit 10
bitrefill list-invoices --after "2026-03-01T00:00:00Z" --before "2026-03-10T00:00:00Z"
| Option | Description | Default |
|---|
| 1–50 | |
| Pagination offset | |
| ISO 8601 date filter | — |
| ISO 8601 date filter | — |
| hides unpaid invoices | |
| Include order details | |
get-invoice-by-id
bash
bitrefill get-invoice-by-id --invoice_id "27713c64-6715-48d8-95ef-45eed23efef7"
| Option | Description | Default |
|---|
| UUID of the invoice (required) | — |
| Include order details | |
--include_redemption_info
| Include redemption codes/links | |
| Include unauthenticated access token | |
list-orders
bash
bitrefill list-orders
bitrefill list-orders --limit 5 --include_redemption_info true
| Option | Description | Default |
|---|
| 1–50 | |
| Pagination offset | |
| / | ISO 8601 date filters | — |
--include_redemption_info
| Include redemption codes/links | |
get-order-by-id
bash
bitrefill get-order-by-id --order_id "69af584e8a2639d14ac35e96"
Returns redemption code or link if the order is unsealed (paid and delivered).
| Option | Description | Default |
|---|
| Order ID (required) | — |
--include_redemption_info
| Include redemption codes/links | |
logout
Deletes stored OAuth credentials from
.
Payment
Payment Methods
| Method | Chain / Asset |
|---|
| Bitcoin (SegWit) — returns , , , |
| Lightning — returns , |
| Ethereum mainnet (ETH) — returns , , |
| Base (8453), native ETH |
| Base (8453), USDC |
| Arbitrum (42161), USDC |
| Polygon (137), USDC |
| Ethereum (1), USDC |
| Solana, USDC SPL |
| Polygon (137), USDT |
| Ethereum (1), USDT |
| Bitrefill account credit — no address, paid from balance |
Response Modes
--return_payment_link false
--return_payment_link true
x402 Protocol
x402 enables HTTP 402-based crypto payments.
→ receive 402 + payment instructions (Base64 JSON: amount,
, networks, timeout) → send crypto → resubmit with proof. For agents/automated tools; humans use
.
Troubleshooting
: expected array, received object
must be a JSON array , even for a single item. The README example shows an object
— that does not work.
bash
# WRONG — object
--cart_items '{"product_id": "steam-usa", "package_id": 5}'
# CORRECT — array of objects
--cart_items '[{"product_id": "steam-usa", "package_id": 5}]'
Invalid denomination
The
output shows compound IDs like
.
Do not use the compound key — use only the value after
.
bash
# WRONG — compound key
--cart_items '[{"product_id": "steam-usa", "package_id": "steam-usa<&>5"}]'
# CORRECT — numeric value
--cart_items '[{"product_id": "steam-usa", "package_id": 5}]'
For named denominations, use the exact full string. Common mistakes:
bash
# WRONG — numeric guess for a named package
--cart_items '[{"product_id": "spotify-usa", "package_id": 1}]'
# CORRECT
--cart_items '[{"product_id": "spotify-usa", "package_id": "1 Month"}]'
# WRONG — partial match
--cart_items '[{"product_id": "bitrefill-esim-europe", "package_id": "1GB"}]'
# CORRECT
--cart_items '[{"product_id": "bitrefill-esim-europe", "package_id": "1GB, 7 Days"}]'
# WRONG — wrong case
--cart_items '[{"product_id": "pubg-new-state-international", "package_id": "PUBG New State 300 nc"}]'
# CORRECT
--cart_items '[{"product_id": "pubg-new-state-international", "package_id": "PUBG New State 300 NC"}]'
Only values listed by
are accepted. Arbitrary amounts (e.g.
,
,
) are rejected.
"Search service is not available" (INTERNAL_ERROR)
Caused by invalid
values:
- Lowercase country codes ( instead of ) — silently fails
- 3-letter codes ( instead of ) — fails
- Full names () — fails
- Nonexistent codes () — fails
- Negative page () — fails
Fix: always use
uppercase Alpha-2 ISO codes (
,
,
,
).
"Must be one of" errors
The CLI validates enum values client-side before sending to the server.
| Option | Valid values | Common mistake |
|---|
| , , , , , , , , , , , | , , (case-sensitive) |
| , | (plural), , |
Missing required options
Omitting
or
when required exits with:
error: required option '--<name> <value>' not specified
. The CLI enforces required options before connecting to the server.
Cart exceeds 15 items
Maximum 15 items per
call. Server rejects with:
Too big: expected array to have <=15 items
.
exceeds 500
Server rejects:
per_page must be less than 500
.
Malformed JSON in
Non-JSON strings crash with:
Unexpected token ... is not valid JSON
. Ensure the value is valid JSON. Shell quoting matters — use single quotes around the JSON, double quotes inside.
Missing in cart item
Omitting
from a cart item object results in:
Invalid denomination 'undefined'
. Both
and
are required per item.
Invoice / Product not found
- with a nonexistent ID: (RESOURCE_NOT_FOUND)
- with a nonexistent :
Product '<slug>' is not available
Verify slugs via
and invoice IDs via
.
Wrong
Setting
to a non-Bitrefill endpoint produces a
with the remote server's HTML body. Unset the variable or point it to
https://api.bitrefill.com/mcp
.
OAuth / auth failures
If the CLI hangs or fails on startup:
- Run to clear stale credentials
- Re-run your command — a fresh OAuth flow will start
- Credentials file:
~/.config/bitrefill-cli/api.bitrefill.com.json
Empty search results
with no error typically means:
- The slug doesn't exist (no error, just empty results)
- The product is not available in the specified
- (default) filters out products that are temporarily out of stock
Try broadening: remove
, change
, or set
.
Unpaid invoices
By default
shows only paid invoices. To see all (including pending/expired):
.
Invoices expire after 180 minutes. If unpaid, create a new one — you cannot re-pay an expired invoice.
Legal