# Client

> Pay 402-gated APIs from Rust via the MPP client re-exported at solana_pay_kit::mpp — read the challenge, sign a credential, retry.

Unlike the server-only SDKs in some languages, Rust also ships the **paying side**, via the protocol-layer crate re-exported at `solana_pay_kit::mpp`. The flow is: read the 402 challenge, sign a credential for it, and replay the request with the credential.

## Pay a challenge

```rust
use solana_pay_kit::mpp::client::{build_credential_header, parse_challenge};
use solana_pay_kit::mpp::solana_keychain::memory::MemorySigner;
use solana_pay_kit::mpp::solana_rpc_client::rpc_client::RpcClient;
```

<Snippet lang="rust" name="charge.client" url="https://api.example.com/quote" />

## Auto-pay guardrails

For unattended clients, `build_charge_transaction_with_options` (and `build_credential_header_with_options`) add guardrails before signing:

- a spending cap (`max_amount_base_units`),
- an expected-network pin, and
- a refusal to sign unknown Token-2022 mints unless explicitly opted in.

## Or just use the CLI

For most cases the [`pay`](/docs/toolchain) CLI is the simplest client — it handles the wallet, signing, and the 402 retry transparently, against any pay-kit server:

```bash
pay curl http://127.0.0.1:4567/quote
```