Skip to main content
For current pricing and to subscribe, see the canonical pricing page. This page documents the technical limits, quotas, and usage rules for each plan.

Plans

PromptGuard has three self-service tiers and an Enterprise tier. All tiers include the full detection pipeline (regex, ML, and LLM-based detection).

Free

$0/month
  • 10,000 requests/month
  • 1 project, 1 API key
  • All detectors (ML + LLM)
  • PII detection and redaction
  • 24-hour log retention
  • Community support

Pro

$99/month
  • 100,000 requests/month
  • 5 projects, 5 API keys
  • Custom security policies
  • 7-day log retention
  • Email alerts and support

Scale

$199/month
  • 1,000,000 requests/month (soft limit)
  • Unlimited projects and API keys
  • Advanced analytics
  • 30-day log retention
  • Priority support (24hr)
  • 99.9% uptime SLA

Shadow AI

The plans above protect the AI features you build. Shadow AI — the browser extension and macOS/Windows desktop agent that stop your employees leaking data into public AI tools — is a distinct product you can use on its own or alongside the gateway.
  • Included with every plan: personal Shadow AI protects one of your own devices, metered against your existing request quota — no separate bill.
  • Scale and above: the fleet layer — MDM enforcement, an org-wide “required” policy, multi-device enrollment, and a per-employee usage rollup.
  • Standalone, per seat: for rolling out to a whole team (or using Shadow AI exclusively), priced per seat and sized to your fleet — cloud, hybrid self-hosted, or air-gapped.
Rolling out to a team? Shadow AI starts with a 14-day pilot. Book a pilot or see how it works and deployment modes.

Enterprise

Enterprise adds team management, SSO, compliance controls, and custom infrastructure options.

Organizations and RBAC

Team workspaces with role-based access control (Owner, Admin, Member, Viewer).

SSO & Directory Sync

Single sign-on via SAML or OIDC (Okta, Microsoft Entra ID, Google Workspace, and more), plus SCIM Directory Sync for automatic provisioning and deprovisioning.

Audit Logs and Compliance

Persistent audit trail with integrity hash chaining. GDPR data export and deletion endpoints.

Security Controls

IP allowlisting, webhook signing (HMAC-SHA256), and custom log retention.

Custom Limits

Custom monthly request quotas, rate limits, and retention periods per organization.

Dedicated Support

Custom SLAs and dedicated account manager.
Contact sales@promptguard.co for Enterprise pricing.

Compliance & Governance

Evaluating PromptGuard for your organization? Here’s where it stands:

Certifications

SOC 2 Type II in progress (Q2 2026) · GDPR / CCPA compliant · ISO 27001 / HIPAA on roadmap

Standards alignment

EU AI Act (Articles 9–15) and ISO/IEC 42001 — technical controls mapped.

Audit & data handling

Tamper-evident audit logs, pass-through architecture, configurable data residency and retention.

Full details

Read the complete Compliance & Security page.
Need a specific certification, a DPA, or a security questionnaire completed? Contact sales@promptguard.co.

Feature Comparison

FeatureFreeProScaleEnterprise
Monthly requests10,000100,0001,000,000Custom
Projects15UnlimitedUnlimited
API keys15UnlimitedUnlimited
Over-limit behaviorBlock, or pay-as-you-goBlock, or pay-as-you-goSoft limitSoft limit
Pay-as-you-go overageOpt-inOpt-inOpt-inOpt-in
Regex-based detectionYesYesYesYes
ML-enhanced detectionYesYesYesYes
LLM-based detectionYesYesYesYes
Secret key detectionYesYesYesYes
URL filteringYesYesYesYes
Jailbreak LLM detectionYesYesYesYes
Tool injection detectionYesYesYesYes
Content safety classificationYesYesYesYes
Multi-turn drift detectionYesYesYesYes
Custom policiesYesYesYes
PII redactionYesYesYesYes
Auto-instrumentationYesYesYesYes
Guard APIYesYesYesYes
Agent Security APIYesYesYesYes
Framework integrationsYesYesYesYes
Log retention24 hours7 days30 daysCustom
Advanced analyticsYesYes
Email alertsYesYesYes
Audit logsYes
GDPR export/deletionYes
Organizations & RBACYes
Per-project rolesYes
SSO (SAML & OIDC)Yes
Directory Sync (SCIM)Yes
IP allowlistYes
Webhook signingYes
Custom retentionYes
Idempotency keysYesYesYesYes
Rate limit headersYesYesYesYes
SupportCommunityEmailPriorityDedicated
Uptime SLA99.9%99.95%

Integration Methods

All plans include every integration method:
MethodDescriptionBest For
Auto-instrumentationpromptguard.init() — one line secures all LLM callsMost applications
Guard APIPOST /api/v1/guard — scan content directlyCustom workflows
HTTP ProxyChange base URL to api.promptguard.coDrop-in replacement
Framework integrationsNative callbacks for LangChain, Vercel AI SDKFramework users

Rate Limits

Monthly Request Quotas

Monthly quotas are tracked per account:
PlanLimitBehavior When Exceeded
Free10,000Blocks with 429 until you upgrade or enable pay-as-you-go
Pro100,000Blocks with 429 until you upgrade or enable pay-as-you-go
Scale1,000,000Continues processing (soft limit) + email alerts
EnterpriseCustomContinues processing + alerts
See Reaching your limit for how to avoid an outage when you hit a quota.

Per-Minute Rate Limits

Per-account requests-per-minute limits:
PlanRate Limit
Free60 rpm
Pro300 rpm
Scale600 rpm
Enterprise1,000 rpm (custom on request)

Infrastructure Anti-Abuse Limiting

Separately from your plan limits, a Cloud Armor layer enforces a per-IP request limit at the network edge:
  • Applies to all plans, independent of the per-account limits above
  • Health-check and CORS preflight paths are exempt
  • Exists to block abusive traffic, not to cap normal usage

Reaching your limit

PromptGuard is designed so you never lose protection at a critical moment. As you approach your monthly quota, the dashboard shows a banner at 90% used, and again when you hit 100%. When you reach your limit, you have two ways to keep serving traffic:

Upgrade your plan

Move to a higher tier for a larger monthly quota. Upgrades take effect immediately — traffic resumes the moment you upgrade.

Enable pay-as-you-go

Keep your current plan and pay only for requests above your quota, billed per request at the end of the cycle. Turn it on from the at-limit banner or Settings → Billing.
On Free and Pro, requests over the quota return 429 Too Many Requests until you upgrade or enable pay-as-you-go — at which point traffic resumes. On Scale and Enterprise, the quota is a soft limit: traffic keeps flowing and you’re alerted, with overage billed if pay-as-you-go is enabled.
Pay-as-you-go is opt-in — you’re never charged for overage unless you turn it on. The 429 response includes a link to enable it, so an over-quota integration can recover without code changes.
Set a budget you’re comfortable with. Pay-as-you-go trades a hard stop for usage-based cost, so monitor Settings → Billing → Usage to avoid surprises during a traffic spike.

How Usage Is Calculated

One request = one API call to any of these endpoints:
EndpointCounts as
POST /api/v1/chat/completions1 request
POST /api/v1/completions1 request
POST /api/v1/guard1 request
POST /api/v1/agent/validate-tool1 request
Usage is independent of token count, model used, or response length.
PromptGuard uses a pass-through model: you provide your own LLM API keys (OpenAI, Anthropic, etc.), and PromptGuard only charges for security services. LLM costs go directly to your provider.

FAQ

Yes. Upgrade or downgrade at any time. Upgrades take effect immediately; downgrades at the next billing cycle.
You won’t be locked out without a choice. On Free and Pro, over-quota requests return 429 Too Many Requests until you either upgrade or enable pay-as-you-go — then traffic resumes. Scale and Enterprise use soft limits, so your app keeps running and you receive alerts. See Reaching your limit.
An opt-in valve so you don’t lose protection when you hit your quota. With it enabled, requests above your monthly limit keep being processed and are billed per request at the end of the cycle. It’s off by default — you’re never charged for overage unless you turn it on.
The Free tier (10,000 requests/month) includes the full detection pipeline. Use it to evaluate before upgrading.
Self-hosted deployment is available for Enterprise customers. Contact sales@promptguard.co for details.
Yes. Every API call counts, including retries and blocked requests.