Pricing
Simple pricing. No surprises.
Start free. Pay when you outgrow it. Cancel any time. Annual plans get 10% off.
Pro
PopularFor solo developers and small teams.
$29 / month
Team
For QA teams and growing engineering orgs.
$149 / month
| Feature | Free | Pro | Team | Enterprise |
|---|---|---|---|---|
| Inboxes | 5 | 50 | Unlimited | Unlimited |
| Messages / month | 1,000 | 50,000 | 500,000 | Custom |
| Retention | 24h | 30 days | 90 days | Custom |
| Concurrent waiters | 2 | 25 | 100 | Custom |
| Webhooks | — | ✓ | ✓ + scoped keys | ✓ + SSO/SCIM |
| API rate limit | 60 req/min | 600 req/min | 6,000 req/min | Custom |
| Support | Community | Email (24h) | Email (4h) + Slack | Slack + dedicated |
| SLA | — | — | 99.9% | 99.95% |
| SOC 2 / DPA | — | DPA | DPA | SOC 2 + DPA |
Frequently asked questions
Do I need a credit card to start?
No. The Free tier is forever-free and requires no card. You can upgrade to Pro any time from your account settings.
Can I switch plans?
Yes. You can upgrade, downgrade, or cancel any time from the customer portal. Billing is pro-rated to the day.
What happens at the end of the retention window?
Message bodies are auto-deleted from our database and S3 once the per-plan retention window expires. The audit log retains metadata (sender, timestamp, message ID) for 365 days for compliance.
How fast does an OTP arrive?
p95 end-to-end latency (sender → API client) is under 1 second. Most are under 500ms. We monitor this continuously and will publish a status page for transparency.
Do you support custom domains?
Custom domains are on the roadmap for the Team tier. Today, all addresses are at *@inbox.catchotp.com. Bring-your-own-domain will land alongside DKIM and DMARC tooling.
Is there an SDK for Go / Ruby / Java / .NET?
Node and Python ship today. Go is in beta. Ruby, Java, and .NET are by request — file an issue or email us and we will prioritize based on demand.
Can I cancel anytime?
Yes. There is no annual lock-in unless you pre-pay for an annual plan, which carries a 10% discount. Monthly plans cancel at the end of the current period.
What about GDPR / EU data?
All data is encrypted at rest with AWS KMS and in transit with TLS 1.3. A DPA is available on request. An EU region (eu-west-1) is on the roadmap.
Still on the fence?
Spin up a free account. You can integrate it into a test in five minutes.