Auth & Rate Limits
Authentication
Section titled “Authentication”All authenticated calls use an API key sent as the X-API-Key header.
curl -sS https://mcp.aleatoric.systems/ \ -H "X-API-Key: $ALEATORIC_API_KEY"Rate limits (what to expect)
Section titled “Rate limits (what to expect)”Rate limiting protects service availability. If you exceed your allowed request rate, you may receive an HTTP 429 response.
Plan limits
Section titled “Plan limits”| Plan | Included usage | Overages | Notes |
|---|---|---|---|
| Starter | 100k MCP pulls / month; 5M modeled events included | $0.50 / 1k pulls | Intended for evaluation and small integrations |
| Pro | 1M MCP pulls / month; 50M modeled events included | $0.50 / 1k pulls | Intended for production workloads |
| Enterprise | Unlimited (contracted) | Custom | Dedicated capacity and SLA terms |
Retry/backoff guidance (safe)
Section titled “Retry/backoff guidance (safe)”- Treat
429and transient5xxerrors as retryable. - Use exponential backoff with jitter (for example: 0.5s, 1s, 2s, 4s … up to a reasonable max).
- Do not retry indefinitely; cap attempts and surface a useful error to the caller.
- Prefer fewer, larger batch requests over many tiny ones when appropriate.
Common HTTP status codes
Section titled “Common HTTP status codes”| Status | Meaning | What to do |
|---|---|---|
400 | Invalid request payload | Validate JSON and required fields; start from docs examples. |
401 | Not authenticated | Check X-API-Key is present and correct. |
403 | Not authorized | Your key may not have access to that operation. |
404 | Route not found | Check the endpoint path and method. |
429 | Rate limited | Back off and retry with jitter; reduce request rate. |
5xx | Server error | Retry with backoff; if persistent, report the request id/time and endpoint. |
What’s next
Section titled “What’s next”- Find the right call fast: API Index
- Get request/response shapes: API Reference