1. Subscribe to a JSO AI tier

JSO AI is a separate add-on on top of any JSO obfuscation tier (including Free). Three tiers:

• Basic — $19/mo — 50 AI actions, 200K tokens.
• Corporate — $79/mo — 500 AI actions, 2M tokens.
• Enterprise — $299/mo — 5,000 AI actions, 20M tokens.

FreeTrial gives every account 10 free AI actions per month, forever, for tire-kicking. No subscription required to test the wire format.

Subscribe by signing in to the JSO AI dashboard and clicking Subscribe Basic (or Corporate / Enterprise). You'll be redirected to Stripe Checkout. Once you complete payment, Stripe sends a webhook back to us and your subscription is active within a minute. You can also create the checkout session via the API if you prefer to drive the flow yourself.

2. Grab your API key

API keys are at /dashboard/apikeys.aspx. Each key is shown as two base64 values: APIKey (an opaque identifier) and APIPwd (the password equivalent). Treat them like a username + password pair — never check them into source control; pass them via environment variables.

export JSO_API_KEY='<copy the APIKey value from the dashboard>'
export JSO_API_PASSWORD='<copy the APIPwd value from the dashboard>'

If you already have a JSO obfuscation API key, the same key works for AI — no separate key.

3. Make your first AI call

The four endpoints are preset-suggest, compat-check, explain-error, and usage. preset-suggest is the cleanest starting point.

curl

curl -fsS -X POST https://www.javascriptobfuscator.com/v1/ai/preset-suggest.ashx \
    -H "Content-Type: application/json" \
    -d "{
      \"APIKey\":      \"$JSO_API_KEY\",
      \"APIPwd\":      \"$JSO_API_PASSWORD\",
      \"description\": \"React SaaS frontend, balanced performance, lock to example.com\"
    }" | jq '.suggestion.config'

Python

import os, json, urllib.request

req = urllib.request.Request(
    "https://www.javascriptobfuscator.com/v1/ai/preset-suggest.ashx",
    data=json.dumps({
        "APIKey": os.environ["JSO_API_KEY"],
        "APIPwd": os.environ["JSO_API_PASSWORD"],
        "description": "React SaaS frontend, balanced performance, lock to example.com",
    }).encode("utf-8"),
    headers={"Content-Type": "application/json"},
    method="POST",
)
with urllib.request.urlopen(req) as r:
    body = json.loads(r.read())

if not body["ok"]:
    raise SystemExit(f"AI error: {body.get('error')}: {body.get('message')}")

print(json.dumps(body["suggestion"]["config"], indent=2))

Need other languages? AIClients.aspx has ten worked examples (Node, Go, .NET, Java, Ruby, PHP, Rust, Kotlin, plus the curl + Python here).

4. Understand the response

Every AI endpoint returns the same envelope:

{
  "ok":          true,
  "previewMode": false,
  "<result-key>": { ... },          // suggestion / report / explanation / (omitted for usage)
  "provider":    "claude",          // or "openai", "rule-based", "rule-based-fallback"
  "tokensIn":    420,
  "tokensOut":   180
}

If ok is false, the envelope is:

{
  "ok":      false,
  "error":   "input_invalid" | "auth_failed" | "quota_exhausted" | "rate_limited" | ...,
  "message": "human-readable detail"
}

HTTP status is 200 for the normal path (success or business-logic error) and 405 / 429 / 503 for protocol-level cases. Branch on ok in your client, not on the HTTP status. Full error-code matrix and JSON Schema are in the API reference.

5. Check your quota

The /v1/ai/usage.ashx endpoint is free to poll and returns the current month's counters. Wire it into your monitoring:

curl -fsS -X POST https://www.javascriptobfuscator.com/v1/ai/usage.ashx \
    -H "Content-Type: application/json" \
    -d "{\"APIKey\":\"$JSO_API_KEY\",\"APIPwd\":\"$JSO_API_PASSWORD\"}" \
    | jq '"\(.tier): \(.actionsUsed)/\(.actionsCap) actions (\(.actionsRemaining) remaining)"'

For Prometheus / Grafana: /download/jso-ai-quota-exporter.js is a 100-line, zero-dependency Node script that runs as a cron job and writes node_exporter textfile-format metrics. Cookbook recipe 13 has the full setup.

6. Block bad obfuscation builds before they ship

The jso-protector CLI now has a built-in AI gate. Add --ai-precheck to your existing obfuscation command and the AI will scan every input file before the obfuscation API is called. If anything in your source would break under obfuscation — eval, Function constructor, framework reflection traps, decorator metadata — the build aborts with a non-zero exit and the obfuscation quota is untouched.

# Single command, single round-trip. Add to any CI step you already run:
jso-protector --config jso.config.json --ai-precheck --ai-precheck-fail-on error

# Or run the gate stand-alone if you want to scan without obfuscating:
jso ai compat-scan --config jso.config.json --fail-on error

Gate levels: --ai-precheck-fail-on error (default), warning (paranoid), or never (advisory mode, only print findings). The same /v1/ai/compat-check endpoint backs both paths — --ai-precheck just folds it into the obfuscation flow so CI doesn't need a second step.

What's next

• Try the other endpoints. compat-check takes JS source and flags patterns that won't survive obfuscation. explain-error takes a runtime error and diagnoses the JSO transform that caused it. Each works the same way: POST JSON, parse JSON.
• Wire it into your CI. The production triage composition doc shows how to forward unhandled errors from a protected bundle to a webhook, call explain-error server-side, and post the diagnosis into your incident channel.
• Validate envelopes in CI. The wire format is formally specified at ai-wire-format.schema.json. Feed it to ajv / jsonschema / etc. to assert parsed responses; if the API ever drifts, your client fails loudly rather than silently misinterpreting.
• Manage your subscription. Click Manage subscription on the dashboard widget to open the Stripe billing portal (update payment method, view invoices, cancel). Self-service.