You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: CHANGELOG.md
+1Lines changed: 1 addition & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,6 +4,7 @@
4
4
5
5
### Changed
6
6
7
+
-**`scripts/recover.sh status` tier line now surfaces Pro license expiry date.** The status output's `tier` line parses the JWT `exp` claim from the configured Pro license token and renders one of three shapes: `Pro tier active (expires YYYY-MM-DD, N days remaining)` when active, `Free tier (Pro expired YYYY-MM-DD — visit https://getaxonflow.com/pro to renew)` when the token is on disk but its `exp` has passed (plugin will not forward an expired token), or `Free tier (no AXON- license token configured)` when no token is loaded. Lets users see their renewal date without hitting the agent and catches the lapsed-token state before their next governed call. Display only — JWT signature validation remains the platform's job. Pre-existing `Pro tier active` and `Free tier` substring assertions still hold.
7
8
-**`scripts/recover.sh status` now surfaces tenant_id + upgrade URL.** Free-tier users need to find their `tenant_id` (`cs_<uuid>`) to paste into the Stripe Checkout custom field at `getaxonflow.com/pro`. The status output now reads `~/.config/axonflow/try-registration.json` (the auto-bootstrap registration file) and prints the tenant_id alongside endpoint + license-token state. Adds an `upgrade` line (default `https://getaxonflow.com/pro`, override via `AXONFLOW_UPGRADE_URL`) and copy-paste-ready upgrade instructions. Token still redacted to last 4 chars (no full bearer credential in stdout — see PR #41).
description: Report the user's current AxonFlow tier (free or Pro), endpoint, and whether a license token is configured. Use when the user asks "am I on Pro?", "what tier am I on?", "is my license active?", or wants to know which AxonFlow they're talking to.
3
+
description: Report the user's current AxonFlow tier (Free or Pro), Pro license expiry date, endpoint, and whether a license token is configured. Use when the user asks "am I on Pro?", "what tier am I on?", "when does my Pro license expire?", "is my license active?", or wants to know which AxonFlow they're talking to.
4
4
---
5
5
6
6
The Codex plugin runs in one of two tiers:
7
7
8
-
-**Free.** No `AXONFLOW_LICENSE_TOKEN` env var and no `license_token = "..."` line in `~/.codex/axonflow.toml`. The plugin omits the `X-License-Token` HTTP header on every governed request, and the agent applies free-tier quota / retention defaults.
9
-
-**Pro tier active.** Either `AXONFLOW_LICENSE_TOKEN` is exported in the Codex environment (operator override; CI use) or `~/.codex/axonflow.toml` contains a `license_token = "AXON-..."` line. The plugin sends `X-License-Token: <token>` on every governed request, and the agent's `PluginClaimMiddleware` validates the Ed25519 signature + DB row, then stamps a Pro-tier context on the request.
8
+
-**Free.** No `AXONFLOW_LICENSE_TOKEN` env var and no `license_token = "..."` line in `~/.codex/axonflow.toml` (or the line is there but its JWT `exp` is in the past — the plugin will not forward an expired token). The plugin omits the `X-License-Token` HTTP header on every governed request, and the agent applies free-tier quota / retention defaults.
9
+
-**Pro tier active.** Either `AXONFLOW_LICENSE_TOKEN` is exported in the Codex environment (operator override; CI use) or `~/.codex/axonflow.toml` contains a `license_token = "AXON-..."` line whose JWT `exp` is in the future. The plugin sends `X-License-Token: <token>` on every governed request, and the agent's `PluginClaimMiddleware` validates the Ed25519 signature + DB row, then stamps a Pro-tier context on the request.
10
10
11
11
Invoke the status surface via `exec_command`:
12
12
13
13
```bash
14
14
bash $PLUGIN_DIR/scripts/recover.sh status
15
15
```
16
16
17
-
The output reports:
17
+
## Tier line shape
18
+
19
+
The script's `tier` line takes one of three shapes — surface whichever one the user got:
20
+
21
+
-`tier Pro tier active (expires 2026-08-03, 90 days remaining)` — paid Pro tier active.
22
+
-`tier Pro tier active (expires UNKNOWN — could not parse token)` — token configured but the JWT body did not parse. Treat as Pro for display; the platform is the source of truth on validity.
23
+
-`tier Free tier (Pro expired 2026-02-04 — visit https://getaxonflow.com/pro to renew)` — token is on disk but its `exp` has passed. The plugin will not forward an expired token; the user must buy a renewal and replace the token via `AXONFLOW_LICENSE_TOKEN=<new>` or `scripts/recover.sh apply-token`.
24
+
-`tier Free tier (no AXON- license token configured)` — no token loaded.
25
+
26
+
When the user lands on `Free tier (Pro expired …)`, point them at the renew URL embedded in the line and the `scripts/recover.sh apply-token` hint the script prints below.
27
+
28
+
## Other lines the script reports
18
29
19
30
- the active endpoint (`AXONFLOW_ENDPOINT` or the community-saas default)
20
31
- whether `~/.codex/axonflow.toml` exists
21
-
- whether a license token is currently resolvable
22
-
- the tier (`Pro tier active` or `Free tier (no AXON- license token configured)`)
32
+
- the user's `tenant_id` (read from `~/.config/axonflow/try-registration.json`) — needed to paste into the Stripe checkout custom field at /pro
33
+
- a redacted preview of the configured license token (`set (AXON-...XXXX)` — last 4 chars only, never the full bearer credential)
34
+
35
+
## Renewal + upgrade path
23
36
24
37
If the user is on Free and asks about upgrading, tell them: a Pro license token arrives by email after Stripe Checkout completes, and they install it with `scripts/recover.sh apply-token` (or by setting `AXONFLOW_LICENSE_TOKEN`). Don't paste the token into chat — the script reads from stdin or env.
25
38
26
39
For richer governance activity (policy hits, override usage, audit volume), point the user to the `governance-status` skill, which calls the platform's `get_policy_stats` MCP tool.
40
+
41
+
The script extracts the JWT `exp` claim for display only; signature validation is the platform's job.
0 commit comments