A KYC-free Nordic VPS your agent orders over MCP or REST, pays for with x402 or crypto, and tears down — no card, no human in the loop, booted in 90 seconds.
Your agent does the whole loop — register, fund, provision, tear down — over a native MCP server or 50+ REST endpoints. No human review.
It pays the way machines should — per-call x402 on-chain, or a prepaid crypto balance. No card, no KYC, nothing recurring.
Pinned to four Nordic constitutional jurisdictions. A VPS boots in ~90 seconds, from $5.90/mo, drawn from balance.
An autonomous agent stalls the moment a flow demands a credit card, a phone number or an ID upload. NordBastion has none of those gates — email and password is the whole identity floor, so an agent can go from nothing to a running server without a human ever clearing a check.
Cards assume a person with a billing address. Agents settle differently: per-call x402 answers HTTP 402 with an on-chain quote, or the agent draws from a prepaid crypto balance. Either way the cost is explicit and bounded — nothing is kept on file to bill again.
The surface is machine-first: a native MCP server, an OpenAPI 3.1 spec, an A2A agent card and OAuth 2.1 with dynamic client registration, all under /.well-known/. Point a client at the server-card and the tools register themselves.
Pick a tier and a Nordic bastion, boot a VPS in ~90 seconds, and decommission it when the task is done.
Open a crypto invoice and poll it to confirmation, or settle a per-call quote on-chain. Same prices on both rails.
Enumerate VPS and dedicated tiers, bastions and OS images — all public, no key required to look.
Register and rotate the public keys the agent uses to reach the boxes it just stood up.
Get a signed callback when a top-up confirms or a server is created, so the agent can act on events.
Pull the PGP-signed warrant canary, peering policy and per-bastion status straight from the API.
The full surface — tools, schemas, OAuth, x402 and the public agent directory — lives on the AI agents page, with the endpoint reference on the REST API page.
Point Claude, Cursor or any MCP client at the server-card. The tools register automatically and the OAuth dance starts on its own.
It opens a crypto top-up and waits for confirmation, or settles per call with x402. You set the budget; it stays inside it.
The agent orders the tier and bastion you described, reads back the root password once, and hands you a running machine.
The nordbastion-mcp server (MIT, on PyPI and GitHub) maps the whole API to MCP tools, so your assistant can compare tiers, top up in Monero or Bitcoin and provision a VPS conversationally.
uvx nordbastion-mcp
# or
pip install nordbastion-mcp| NordBastion · agentic | Identity-bound cloud | |
|---|---|---|
| Signup | Email + password — no human review | Account + verified card, often ID |
| KYC | None, ever — same floor for humans and agents | Identity + billing address required |
| Self-enrolment | OAuth 2.1 + DCR — the agent registers itself | Human onboards the account first |
| Provisioning | Native MCP server + 50+ REST endpoints | REST API, but behind a human-owned account |
| Payment | Per-call x402, or a prepaid crypto balance | Card on file, monthly invoice |
| Teardown | Agent cancels via API; prepaid, nothing recurring | Standing subscription tied to a card |
| Yurisdiksi | Four Nordic constitutional jurisdictions | The provider's home jurisdiction |
Comparison describes the general identity-bound cloud model; specifics vary by provider.
Agentic infrastructure only works if the host gets out of the way: no identity wall, no card requirement, a machine-readable surface. NordBastion was built that way from the first endpoint — and the guardrails are real: scoped keys, prepaid budgets, an audit log, and a transparent kill-switch.
Wire your agent to the MCP server, fund a small balance in crypto, and let it stand up a Nordic VPS the moment it needs one — then tear it down when it is done. Same flow for you and for the model.
The questions builders ask before handing an autonomous agent the ability to spin up real infrastructure.
Yes. An agent can register an account (email + password), fund it, and order a VPS end to end with no human review — over the native MCP server or the REST API. The same identity floor applies whether the caller is a person or a model: there is no KYC step that needs a human to clear it. A server boots in about 90 seconds.
Two rails, same prices. The classic flow tops up a prepaid balance once in cryptocurrency, then every call draws from it. The agent-native flow is per-call x402: a protected endpoint answers 402 Payment Required with a quote, the agent settles the on-chain quote and replays the request with the receipt. No card, no standing authorisation to bill again.
Both work. An agent can self-register a client through OAuth 2.1 Dynamic Client Registration, or you can mint a scoped API key (read, billing, servers or full) in the panel and hand it to the agent. Scope it down and add an IP allow-list to keep the blast radius small.
Claude Desktop, Claude Code, Cursor, and any client that speaks MCP, A2A or plain REST. There is an official open-source MCP server — install it with "pip install nordbastion-mcp" or "uvx nordbastion-mcp" — that exposes the whole catalogue, billing and server lifecycle as tools your assistant can call in natural language.
No KYC. An email address and a password are the entire identity floor — no legal name, no phone number, no identity document, no proof of address, for humans or agents alike. The doctrine page explains exactly what is and is not collected.
Money is bounded by design. Keys are scoped and revocable, with an optional IP allow-list and expiry. On the classic rail the agent can only spend the prepaid balance you funded — there is no card to run up. On x402 each action is a discrete, quoted on-chain payment. You can turn on an audit log to see every authenticated call.
Browse the catalogue (VPS, dedicated, bastions, OS images), open and poll a crypto top-up, provision and cancel servers, manage SSH keys, register webhooks, and read transparency surfaces like the warrant canary and per-bastion status. Every panel action has a REST endpoint and an MCP tool behind it.