Server-side metering for the MEOK compliance MCP fleet. 200 free calls/day, pay-as-you-go beyond that.
POST https://proofof.ai/verify
Content-Type: application/json
Authorization: Bearer <api_key> (optional — empty key = free tier)
{
"api_key": "your-team-key",
"tool": "eu-ai-act-compliance-mcp.classify"
}{
"allowed": true,
"tier": "free|teams|enterprise",
"remaining": 199,
"reset_at": "2026-06-14T00:00:00Z",
"upgrade_url": "https://meok.ai/pricing"
}{
"allowed": false,
"tier": "free",
"remaining": 0,
"reset_at": "2026-06-15T00:00:00Z",
"upgrade_url": "https://meok.ai/pricing",
"message": "Free tier quota exceeded. Upgrade at https://meok.ai/pricing"
}{
"allowed": false,
"tier": "none",
"error": "invalid_api_key",
"message": "API key is invalid or revoked. Get a new one at https://meok.ai/verify-dashboard"
}import urllib.request, json
def _verify(api_key: str, tool: str) -> dict:
"""Calls the live /verify endpoint. Returns the JSON dict."""
try:
data = json.dumps({"api_key": api_key, "tool": tool}).encode()
req = urllib.request.Request(
"https://proofof.ai/verify",
data=data,
headers={"Content-Type": "application/json"},
)
with urllib.request.urlopen(req, timeout=2.5) as r:
return json.loads(r.read())
except Exception:
# Fail-open: meter outage shouldn't block the agent
return {"allowed": True, "tier": "unknown", "remaining": 999}
# Usage in your MCP server.py
result = _verify(api_key="team-key-abc123", tool="eu-ai-act-compliance-mcp.classify")
if not result.get("allowed"):
return {"error": result.get("message", "Quota exceeded")}
# ... continue with the tool logicasync function verify(apiKey, tool) {
try {
const res = await fetch('https://proofof.ai/verify', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ api_key: apiKey, tool }),
});
return await res.json();
} catch (e) {
return { allowed: true, tier: 'unknown', remaining: 999 };
}
}
const r = await verify(process.env.MEOK_API_KEY, 'eu-ai-act-compliance-mcp.classify');
if (!r.allowed) return { error: r.message };| Tier | Quota | Burst | Audit |
|---|---|---|---|
| free (no key) | 200 calls/day | 5 calls/sec | none |
| teams ($99/mo) | 100,000 calls/month | 50 calls/sec | CSV + JSON export |
| enterprise | 1M+ calls/month | custom | real-time + SIEM ship |
If proofof.ai/verify is unreachable (network issue, our outage, KV not configured), the meter returns {"allowed": True, "tier": "unknown", "remaining": 999}. Your local rate-limit (_check_rate_limit()) is the safety net. We never block users because our metering is down.
Every call to /verify is logged with: {timestamp, api_key_hash, tool, allowed, tier, response_time_ms}. Free tier: no key = no log. Teams tier: queryable via API. Enterprise tier: real-time + SIEM webhook.
| Code | Meaning | Action |
|---|---|---|
| 200 | OK | Continue |
| 401 | Invalid API key | Get a new key at /verify-dashboard |
| 429 | Quota exceeded | Upgrade at /pricing OR wait for reset |
| 5xx | Server error (fail-open) | Continue, log the error |
The MEOK _server_meter_check function is MIT-licensed. You can run it against your own proofof.ai deployment, or replace it with your own metering.
Spec version: 2026-06-14. Backwards compatible with all v1.0+ MEOK MCP packages.