API for AI Agents | Buy VPN Programmatically

Overview

TaoFlow exposes a JSON API that covers the entire VPN purchase lifecycle. Any HTTP client, script, or AI agent can:

Browse available plans, countries, and payment methods
Create an order and receive a crypto payment address
Poll order status until provisioning completes
Download the WireGuard configuration file

The API is described by an OpenAPI 3.0 specification that AI agents can read to auto-discover all endpoints.

Agent Discovery

AI agents can find the TaoFlow API through two standard mechanisms:

OpenAPI spec: /openapi.json
AI plugin manifest: /.well-known/ai-plugin.json

Both are served automatically and require no authentication to read.

Purchase Flow

List plans — GET /plans returns plan IDs, names, durations, and prices.
List countries — GET /countries returns available server locations as country identifiers. Use the exact values returned when creating orders.
List payment methods — GET /payment-methods returns accepted cryptocurrencies.
Create order — POST /orders with plan_id, country_code, and optional pay_currency. Returns the payment address, amount, and an access_token.
Send payment — Transfer the exact pay_amount to the pay_address using the specified crypto.
Poll status — GET /orders/{id} with Authorization: Bearer {access_token}. Wait until status is "paid" and provisioning is false.
Download config — GET /orders/{id}/config returns the WireGuard configuration file contents.

Authentication

Browsing plans, countries, and payment methods requires no authentication. Order endpoints require a Bearer token:

Authorization: Bearer {access_token}

The access_token is returned when you create an order. A recovery_key is also returned — use POST /orders/recover to get a new access token if the original is lost.

Quick Example

# 1. Browse catalog
curl -s https://taoflow.network/plans | jq .
curl -s https://taoflow.network/countries | jq .

# 2. Create order
ORDER=$(curl -s -X POST https://taoflow.network/orders \
  -H 'Content-Type: application/json' \
  -d '{"plan_id":"basic-1m","country_code":"US","pay_currency":"xmr"}')
echo $ORDER | jq .

# 3. Extract credentials
ORDER_ID=$(echo $ORDER | jq -r '.order_id')
TOKEN=$(echo $ORDER | jq -r '.access_token')

# 4. Send crypto to pay_address...

# 5. Poll until ready
curl -s https://taoflow.network/orders/$ORDER_ID \
  -H "Authorization: Bearer $TOKEN" | jq '{status, provisioning}'

# 6. Download WireGuard config
curl -s https://taoflow.network/orders/$ORDER_ID/config \
  -H "Authorization: Bearer $TOKEN" | jq -r '.wg_config' > taoflow.conf

Prompt for AI Agents

Give your AI agent this prompt to buy VPN access:

Read the API spec at https://taoflow.network/openapi.json
then buy me a VPN. Use country US and pay with XMR.
Follow the purchase flow described in the spec.

The agent will discover all endpoints from the OpenAPI spec and execute the flow step by step.

Compatible Tools

The OpenAPI spec works with any framework that supports the standard:

LangChain — OpenAPI agent toolkit
CrewAI — tool integration via OpenAPI
ChatGPT — via plugin manifest or Actions
Claude — can read the spec and call endpoints directly
AutoGPT / AgentGPT — HTTP tool with spec discovery
Any HTTP client — curl, Python requests, etc.

FAQ

Does the API require an account or API key?

No. Browsing the catalog is fully open. Order operations use the access_token returned at order creation — no pre-registration needed.

Can an AI agent send the crypto payment too?

The API returns the payment address and amount. If the agent has access to a wallet API (e.g. Monero RPC), it can trigger the payment. Otherwise, the user sends payment manually.

What happens if I lose my access token?

Use POST /orders/recover with your recovery_key to get a new access token.

Is there a rate limit?

Public endpoints have rate limiting to prevent abuse. Normal agent usage is well within limits.