Skip to main content

Plugin Pro — paid tier on try.getaxonflow.com

$9.99 USD for 90 days of Pro tier service. One-time payment. No subscription, no auto-renewal.

If you're using the AxonFlow plugin for OpenClaw, Claude Code, Cursor, or Codex against the Community SaaS endpoint at try.getaxonflow.com and outgrowing the Free tier's 3-day retention or 200-events-per-day quota, Plugin Pro raises both limits and adds email support — without forcing you to self-host or move to an enterprise contract.

This page covers what Pro gives you, how to buy it, how to install your token in each plugin, and what happens when the 90 days end.

Free vs Plugin Pro at a glance

The five differentiators that activate when you upgrade to Pro:

#CapabilityFree (default)Plugin Pro
1Daily quota (governed events per tenant)200 events/day2,000 events/day (10× Free)
2Audit retention (rolling)3 days30 days (10× Free)
3Custom tenant policies (active)2 active maxUnlimited
4HITL approval gating1 per rolling 7 daysUnlimited
5LLM cost pre-flightNot availableAvailable

Plus the operational baselines the Pro tier carries forward from Free:

CapabilityFree (default)Plugin Pro
Stable tenant identity with local cache
Server-backed registration
Email recovery if you lose local plugin config✓ (capped at 3 active tenants per email)
Agent-callable read tools — audit search, decision explain, overrides✓ — NOT counted toward quota✓ — NOT counted toward quota
Audit export (CSV/JSON download)NoNo (deferred to v1.1)
Token validityn/a90 days (one-time payment, see expiry behavior below)
Email support responseNone2 business days
Stripe Customer Portal (view invoices, update card)
14-day refund window — no questions asked
Invoice + tax handling (via Stripe)N/A
Price$0 forever$9.99 USD one-time (90 days of service, no auto-renewal)

The "Free" column is the default tier any new tenant lands on at try.getaxonflow.com. The "Plugin Pro" column is what you get for 90 days after a successful purchase.

AxonFlow Plugin Pro — $9.99 USD for 90 days of Pro tier service. After 90 days your tenant returns to the Free tier (3-day audit retention, 200 events/day). To continue Pro, re-purchase — there's no recurring charge and no auto-renewal.

Source of truth for these numbers at runtime: call axonflow_list_pro_features from your plugin host — the agent returns the live tier limits the platform is enforcing for your tenant.

What "2,000 governed events per day" means

A "governed event" is a write-path request — audit/tool-call (audit record after a tool runs), policy-evaluation writes, and override creates (counted for abuse control). Each one counts as one event. The per-tenant counter resets at midnight UTC.

Read-path requests do NOT count toward the daily quota: audit_search, explain_decision, list_overrides, and the /api/v1/recover endpoint are separately rate-limited but do not consume your write quota. Read tools are inspection / debugging / trust-building — counting them toward quota would create a perverse loop where a blocked user burns quota investigating prior burns.

If you cross the 2,000-event write boundary inside a 24-hour UTC window, the agent returns HTTP 429 (Daily request limit reached. Resets at midnight UTC.) for any further write request from that tenant until the next reset. Pro purchase doesn't unlock retroactive headroom — the counter starts fresh from 0 only at midnight UTC, regardless of when you bought.

For most individual-developer use this is comfortable: a steady 100-tool-use day is well under the 200 Free quota, and Pro gives you headroom for heavier days plus the longer audit retention to look back across them.

If you genuinely need higher per-day caps (team usage, automation pipelines), self-hosting AxonFlow Community Edition removes the per-tenant cap entirely. See the self-host guide.

What "30-day audit retention" means

Every governed request that reaches AxonFlow generates an audit_logs row recording the policy decision, the tool name and arguments, the verdict, and the timestamp. On Free tier those rows are purged 3 days after they were written. On Plugin Pro they're retained 30 days.

The retention window is rolling — at any given moment, your tenant's audit history covers the past 30 days (Pro) or 3 days (Free). The cleanup loop runs hourly inside the agent.

Retention applies per-tenant via the plugin_user_licenses table: when you buy Pro, a row is inserted with tier='Pro', and the cleanup loop reads that row to apply the 30-day window for your tenant. When the 90 days expire (or you revoke), the row's lifecycle handling kicks the tenant back to the Free 3-day window.

Custom tenant policies — unlimited on Pro

Free tier supports 2 active custom policies. Pro removes the cap. A "custom policy" is a tenant-scoped governance rule you author yourself (in addition to the system policies that always run) — for example, blocking your team's own internal-tool patterns or pinning an outbound-content regex to your customer-facing scenarios.

The agent surfaces creation as an MCP tool from the AxonFlow plugin host. Sketch:

axonflow_create_tenant_policy(
  name="block-ssh-key-writes",
  description="Prevent any tool from writing into ~/.ssh/",
  connector_type="claude_code.Bash",
  pattern="^.*~/\\.ssh/.*$",
  action="block"
)

Required arguments are name, connector_type (e.g. claude_code.Bash, or * for all connectors), pattern (regex or literal), and action (one of block / warn / audit / require_approval). description is optional.

On Free, the third active policy returns 403 active_policies with the upgrade body (limit_type: "active_policies", tier: "Free", limit: 2, upgrade.buy_url). Delete one to make room, or upgrade to Pro to remove the cap entirely. Existing policies stay live; the cap only blocks new active-policy creation.

HITL approval gating — unlimited on Pro

Free tier supports 1 HITL (human-in-the-loop) approval per rolling 7 days. Pro removes the cap. An "approval" is a request the agent suspends pending human sign-off — typical use cases are gating destructive operations, large LLM spends, or write-side connector calls (Salesforce / Jira / Linear) that should not auto-fire.

The agent surfaces approval requests as an MCP tool. Sketch:

axonflow_request_approval(
  original_query="Deploy v2.5.0 to production us-east-1",
  request_type="production_deploy",
  trigger_reason="destructive_command",
  severity="high"
)

Required arguments are original_query (the user's natural-language request) and request_type (a category like shell_command / file_write / git_push / production_deploy). Optional: trigger_reason (why the gate fired), severity (one of low / medium / high / critical).

On Free, the second approval inside any 7-day rolling window returns 403 hitl_approvals_window with tier: "Free", window: "rolling_7d", resets_at: "<RFC3339>" and the upgrade context. Pro buyers can request as many concurrent approvals as their workflow needs.

LLM cost pre-flight — Pro-only

The Pro tier unlocks axonflow_get_cost_estimate — call it before executing a multi-step plan to see what the LLM tokens will cost. Sketch:

axonflow_get_cost_estimate(
  plan="Refactor all auth handlers to use the new JWT library, run the test suite, and write a migration guide.",
  model="claude-sonnet-4-6"
)

plan is your natural-language description of the work; the orchestrator estimates input tokens from prompt length and output tokens from each model's default upper bound. model is optional and defaults to claude-sonnet-4-6. Pass any model your deployment is configured to route to (Anthropic / OpenAI / Google / Mistral identifiers all accepted).

Example response shape (passed through from the orchestrator's /api/v1/plans/estimate):

{
  "success": true,
  "estimated_cost_usd": 0.043,
  "currency": "USD",
  "breakdown": [
    {"step": "plan", "model": "claude-sonnet-4-6", "estimated_input_tokens": 124, "estimated_output_tokens": 4096, "estimated_cost_usd": 0.043}
  ],
  "model": "claude-sonnet-4-6",
  "plan": "Refactor all auth handlers ..."
}

The success: true field is set by the agent on every successful V1 MCP tool response so LLM consumers (Claude Code, Cursor, Codex, OpenClaw) see an unambiguous signal alongside the orchestrator-supplied cost data. Failed calls (e.g. Free tier hitting feature_pro_only) come through the standard JSON-RPC error path with isError: true instead of success: true.

On Free the call returns 403 feature_pro_only with the upgrade context. Pro buyers get cost visibility before the plan runs — useful for budget guards on agent-driven workflows where a runaway loop would otherwise be the first signal that the plan was too expensive.

Discovering what your tenant has

Both tiers can call axonflow_list_pro_features — the agent returns your current_tier, the locked V1 differentiator list (daily quota, retention window, active-policy cap, HITL window, cost pre-flight availability), the locked pricing ($9.99 / 90 days / one-time), and the canonical upgrade_url + buy_url. This is the runtime source of truth for what Pro unlocks vs Free; the live tier label comes from the agent rather than being hardcoded in the plugin.

How to buy Plugin Pro

You'll need:

  1. Your tenant ID (the cs_<uuid> value your plugin registered with — see "Find your tenant ID" below if you don't know it)
  2. A credit card or Apple/Google Pay
  3. About 60 seconds

The flow:

  1. Go to the AxonFlow pricing page and click Buy Plugin Pro — $9.99. (You can also use the Stripe checkout link surfaced in your plugin's status command — see per-plugin sections below.)
  2. Stripe Checkout opens. Fill in your email and payment method.
  3. There's a tenant_id custom field on the checkout — paste your cs_<uuid> value into it. This is required. Without it, the AxonFlow webhook can't bind the purchase to your tenant and your purchase will be flagged for manual reconciliation.
  4. Pay. Stripe sends your receipt to the checkout email.
  5. Within ~60 seconds, AxonFlow's webhook receives the checkout.session.completed event from Stripe, mints your Pro license token (an AXON-… string), inserts the row in plugin_user_licenses, and sends a separate email to the same checkout address with the token plus install instructions.
  6. Paste the token into your plugin's config (per-plugin instructions below). The next governed request from that tenant resolves Pro tier — confirmed by axonflow-<plugin>-status if your plugin ships that CLI.

If you don't see the email within 5 minutes, check spam, then contact support.

Find your tenant ID

If your plugin already auto-bootstrapped a tenant at try.getaxonflow.com, the credentials are persisted locally. To read them:

PluginWhere the credential file lives
OpenClaw~/.config/axonflow/try-registration.json (run axonflow-openclaw-status to print it)
Claude Code~/.config/axonflow/try-registration.json
Cursor~/.config/axonflow/try-registration.json
Codex~/.config/axonflow/try-registration.json

The tenant_id field in that JSON file is what you paste into the Stripe custom field.

If you've never used the plugin against try.getaxonflow.com and don't have a tenant yet, run any governed action through the plugin once — the auto-bootstrap creates the tenant + writes the credential file in the same call.

Install your Pro token

After Stripe checkout completes you'll receive an email with your AXON-… token. The simplest install path that works identically across all four plugins is the AXONFLOW_LICENSE_TOKEN environment variable — every plugin's hooks resolve the env var first, then fall back to a plugin-specific persistent file. Pick the path that fits how your shell loads (interactive shell profile vs project .env vs systemd unit, etc.).

Universal — env var (works for openclaw / cursor / codex / claude-code)

export AXONFLOW_LICENSE_TOKEN='AXON-...your-token...'

Add this to your shell profile (~/.zshrc, ~/.bash_profile, ~/.config/fish/config.fish, etc.) so it's loaded for every shell that launches the plugin host. The next governed action through any of the four plugins picks up the token on the next invocation.

For Cursor IDE specifically, the env var must be present in the shell that launched the Cursor process — if you export it after Cursor was already open, restart Cursor.

Per-plugin persistent file (alternative to env var)

Each plugin also reads from a plugin-specific local config file as a secondary fallback. Use this if you don't want the env var present in every shell.

PluginConfig fileHow to write
OpenClaw~/.openclaw/openclaw.json field plugins.entries.axonflow-governance.config.licenseTokenEdit the JSON file directly, OR re-run openclaw plugins install --force --dangerously-force-unsafe-install <local-path-to-axonflow-openclaw-plugin> with licenseToken already set in the cloned plugin's config
Cursor~/.config/axonflow/license-token (no .json suffix; mode 0600)mkdir -p ~/.config/axonflow && chmod 700 ~/.config/axonflow && printf '%s' 'AXON-...' > ~/.config/axonflow/license-token && chmod 600 ~/.config/axonflow/license-token
CodexSame path + mode as Cursor: ~/.config/axonflow/license-tokenSame command as Cursor
Claude Code~/.config/axonflow/license-token.json (with .json suffix; mode 0600). Use the bundled slash command rather than writing the JSON yourself:/axonflow-login AXON-...your-token... (run inside Claude Code)

The env var (AXONFLOW_LICENSE_TOKEN) takes precedence over the persistent file in every plugin — useful for one-shot CI invocations where you don't want to leave a token on disk.

Verify Pro tier resolved

OpenClaw ships a status CLI:

axonflow-openclaw-status
# expect: tier: Pro

The other three plugins surface tier: Pro in their hook log lines (visible in the host's plugin log) on the next governed call. There is no equivalent status CLI for Cursor / Codex / Claude Code today.

Recovery — lost token or email

If you lose your token email or your local plugin config:

PluginRecovery invocation
OpenClawaxonflow-openclaw-recover <your-email> (npm-bundled CLI)
CursorRun bash <plugin-install-dir>/scripts/recover-credentials.sh <your-email> from the cursor-plugin install (typically ~/.cursor/plugins/local/axonflow-cursor-plugin/)
CodexRun bash <plugin-install-dir>/scripts/recover.sh <your-email> from the codex-plugin install
Claude Code/axonflow-recover <your-email> slash command (the agent then walks you through pasting the magic-link token via /axonflow-recover-verify)

Each posts to POST /api/v1/recover on try.getaxonflow.com, the agent emails a magic-link, and the per-plugin verify step writes the recovered credentials back to the plugin's local config. The recovery flow is free-tier — your existing Pro entitlement on plugin_user_licenses keeps working with the recovered credentials.

What happens at the end of 90 days

Your Pro license token's expires_at is set 90 days from purchase. After that:

  • The next governed request your plugin sends with the expired token returns 401 token expired. The plugin treats this as a tier-down signal — it stops attaching the token to subsequent requests.
  • Your tenant returns to the Free tier: 200 events per day, 3-day audit retention.
  • Audit logs older than 3 days that were retained while you were Pro are purged on the next cleanup loop run.
  • Your tenant identity, registration, and recovery email all stay intact — no re-registration needed.

To continue Pro service, complete another purchase. There is no auto-renewal — Stripe is configured for one-time payment only, your card is not stored, and you will not be charged again unless you actively buy.

Refunds — 14-day window, no questions asked

If Pro doesn't meet your needs, request a refund within 14 days of purchase by emailing [email protected] with your Stripe receipt or tenant_id. Refunds are issued via Stripe (typically 5–10 business days back to your card). When the refund processes, your Pro license is revoked and your tenant returns to Free tier on the next governed request.

Full refund-policy text: getaxonflow.com/refund-policy.

Revocation — chargebacks and disputes

If a Stripe chargeback fires for your purchase, your Pro license is automatically revoked at the database level (plugin_user_licenses.revoked_at is set). The next governed request from your plugin returns 401 license_not_found_or_revoked and your tenant returns to Free tier — typically within 60 seconds of the revocation row update.

This is the same mechanism used for the refund flow above.

Customer portal — invoices and card updates

Plugin Pro purchases include access to the Stripe Customer Portal where you can:

  • View past invoices for your purchase(s)
  • Update the card on file (doesn't auto-charge — the card update only matters if you make a future purchase)
  • Update your billing email

The portal link is in your purchase email and your Pro-installed plugin's axonflow-<plugin>-status output.

Privacy and data handling

When you use the AxonFlow plugin against try.getaxonflow.com (Free or Pro), governed tool inputs (tool name + arguments) and outbound tool outputs are processed by AxonFlow's policy enforcement endpoint and recorded in audit logs.

Plugin Pro does not change WHAT data flows — it changes the per-tenant retention window for that data (3 days → 30 days). Data handling, deletion mechanics, and the privacy policy are the same as Community SaaS Free. See getaxonflow.com/privacy for the full policy, including the Payment Processing section that covers how Stripe handles your card data.

Plugin Pro is suitable for individual use within the documented per-tier limits (30-day retention, 2,000 events/day, unlimited custom policies, unlimited HITL approvals). For workloads that require contractual SLOs, regulated-industry compliance (HIPAA, financial services, government), real user data of third parties, or dedicated tenancy — neither tier of Community SaaS is the right fit. Self-host AxonFlow Community Edition or contact us about Enterprise. See Privacy notice on the Community SaaS page for the full disposition matrix.

Cross-references

Last updated on