I really hope someone from any of those companies (if possible all of them) would publish a very clear statement regarding the following question: If I build a commercial app that allows my users to connect using their OAuth token coming from their ChatGPT/Claude etc. account, do they allow me (and their users) to do this or not?
I totally understand that I should not reuse my own account to provide services to others, as direct API usage is the obvious choice here, but this is a different case.
I am currently developing something that would be the perfect fit for this OAuth based flow and I find it quite frustrating that in most cases I cannot find a clear answer to this question. I don't even know who I would be supposed to contact to get an answer or discuss this as an independent dev.
EDIT: Some answers to my comment have pointed out that the ToS of Anthropic were clear, I'm not saying they aren't if taken in a vacuum, yet in practice even after this being published some confusion remained online, in particular regarding wether OAuth token usage was still ok with the Agent SDK for personal usage. If it happens to be, that would lead to other questions I personally cannot find a clear answer to, hence my original statement. Also, I am very interested about the stance of other companies on this subject.
Maybe I am being overly cautious here but I want to be clear that this is just my personal opinion and me trying to understand what exactly is allowed or not. This is not some business or legal advice.
The biggest reason why this is confusing is the Claude Agent SDK[0] will use subscription/oauth credentials if present. The terms update implies that there's some use cases where that's ok and other use cases (commercial?) where using their SDK on a user's device violates terms.
The SDK is Claude Code in a harnesss, so it works with your credentials the same way CC does.
But they're stating you can only use your subscription for your personal usage, not someone else's for their usage in your product.
I honestly think they're being short sighted not just giving a "3rd party quota" since they already show users like 4 quotas.
If the fear is 3rd party agents screwing up the math, just make it low enough for entry level usage. I suspect 3rd party token usage is bi-modal where some users just need enough to kick tires, but others are min-maxing for how mamy tokens they can burn as if that's its own reward
How can they be clearer that the Agents SDK is not allowed?
> OAuth authentication (used with Free, Pro, and Max plans) is intended exclusively for Claude Code and Claude.ai. Using OAuth tokens obtained through Claude Free, Pro, or Max accounts in any other product, tool, or service — including the Agent SDK — is not permitted and constitutes a violation of the Consumer Terms of Service.
I agree, it'd actually be great if they did give maybe $5 or $10 worth of API tokens per month to max subscribers, since they're likely to be the most likely to actually build stuff that uses the Claude APIs.
I built a quick thing to download YouTube videos and transcribe them using with whisper, but it kind of feels clunky to summarize them using the claude CLI, even though that works.
just ran into this myself. I got Claude Code to build a tool that calls Claude for <stuff>. Now I have to create a console account and do the API thing and it sucks balls.
> not someone else's for their usage in your product.
what if the "product" is a setup of documents that concisely describe the product so that a coding agent can reliable produce it correctly. Then the install process becomes "agent, write and host this application for the user's personal use on their computer". Now all software is for personal use only. Companies released these things and, like Frankenstein, there's a strong possibility they will turn on their creators.
And at that point, you might as well use OpenRouter's PKCE and give users the option to use other models..
These kinds of business decisions show how these $200.00 subscriptions for their slot/infinite jest machines basically light that $200.00 on fire, and in general how unsustainable these business models are.
Can't wait for it all to fail, they'll eventually try to get as many people to pay per token as possible, while somehow getting people to use their verbose antigentic tools that are able to inflate revenue through inefficient context/ouput shenanigans.
I think the subscription pricing exists because it’s a far more palatable way to bill people for day to day personal use.
I used Claude back when API per token pricing was the only option and it was bad for all the usual reasons pay-per-use sucks compared to flat billing: you’re constantly thinking about cost. Like trying to watch a Netflix video with a ticker in the corner counting up the cents you owe them.
I don’t understand your claim that they want people paying per token - the subscription is the opposite of that, and it also has upsides for them as a business since most people don’t saturate the usage limits, and the business gets to stuff a bunch of value-adds on a bundle offering which is generally a more lucrative and enticing consumer pricing model.
The bundle only works if it’s +EV for them. A lot of analyses (though not all - it’s complicated) say that the $200/mo bundle (and certainly the $20/mo bundle) costs more than that for most users, and the bundle is currently a loss leader. If so, then eventually prices will need to go up, and API per usage pricing will seem much more attractive.
At least theoretically, the bill would work on a “wallet” system, where you fill up your account with $X every month, and then you’re charged per use. That keeps there from being a huge bill, worst case you’re just on hold until the next fill up.
I'm not going to say what platform but it's an agentic coding tool, I know for a fact the platform loses in the mid $200.00s on a $20.00 plan. 10:1 loss leader for customer acquisition is crazy, and they'll have to make that up in the future somehow, they're all fumbling on how to vendor lock their customers, and its not necessarily clear they're going to be able to.
I expect some big falls from 10 figure businesses in the next year or two as they realize this is impossible. They've built an industry on the backs of gambling addicts and dopamine feins (I'm generalizing but this is a thing with LLM users (just read vibe coders posts on twitter, they're slot machine users). Ask sports betting operators from back in 2019-2022 how it worked out for them when they tried to give out 1-2k a year to attract new customers, and then realized their customers will switch platforms in an instant they see a new shiny offer. Look up the Fanduel Founders "exit" for an insight into this.
They have to eventually stop catering to the slot machine users, which are generally paying for these hugely lossy flat rate subscriptions, and somehow get them used to a different type of payment model, or cater strictly to enterprise... Which also aren't going to tolerate paying 20k a month in tokens per developer, is my guess.... Lots of delicate pricing problems to figure out for all these companies.
That's crazy. I'm already barely willing to pay $10/month on Github Copilot. A product I love. Best value for money.
If they pump it up to $200 (or to $20). I'll simply use crappier local model. It won't be as good. But I already own my gaming PC that can run local models, and electricity is cheap.
Found the guy who's chasing the llm output dragon. Get your fix bud.
The addictive gaming/gambling mechanics built into llm interfaces has been extensively written on, and its very visible to anyone with an eye for these things.
The cost difference is pretty staggering for the same usage. Being on the sub hacks your reward system to push you to be productive, legitimately hitting limits feels like a win, and you start looking for ways to max your utilization %. A lot of people get quite obsessive about it. The sub is 100% the innovation that makes Claude Code "work."
If the pay-per-use cost predictable enough, it’s less of an issue. That’s how electricity works and it’s fine.
The issue with Claude Code is it’s not at all obvious how any given task or query translates to cost. I was finding some days I spent very little and other days cost a fortune despite what seemed to me to be similar levels of usage.
You are talking about Anthropic and indeed compared to OpenAI or GitHub Copilot they have seemed to be the ones with what I would personally describe as a more restrictive approach.
On the other hand OpenAI and GitHub Copilot have, as far as I know, explicitly allowed their users to connect to at least some third party tools and use their quotas from there, notably to OpenCode.
What is unclear to me is whether they are considering also allowing commercial apps to do that. For instance if I publish a subscription based app and my users pay for the app itself rather than for LLM inference, would that be allowed?
Same question here. A while ago I read rumors OpenAI might build a "Login with OpenAI" (comparable to login with Apple, Facebook, Google) so people can also use their existing sub in commercial apps. Hope it's true.
This can make Opencode work with Claude code and the added benefit of this is that Opencode has a Typescript SDK to automate and the back of this is still running claude code so technically should work even with the new TOS?
So in the case of the OP. Maybe Opencode TS SDK <-> claude code (using this tool or any other like this) <-> It uses the oauth sign in option of Claude code users?
Also, zed can use the ACP protocol itself as well to make claude code work iirc. So is using zed with CC still allowed?
> I don't see how they can get more clear about this, considering they have repeatedly answered it the exact same way.
This is confusing quite frankly, there's also the claude agent sdk thing which firloop and others talked about too. Some say its allowed or not. Its all confusing quite frankly.
That should be fine, because it's still using their tooling. And this seems like the better way to go. I have a couple of tools that work like this. I think the issue is mostly 3rd party harnesses that seek to do the same as Claude Code. And it seems reasonable that Anthropic decides how you can use the subscription, because it's heavily subsidized. Get a Claude $200 sub and max out the usage limits, then compare that usage to the cost of using their API. The difference is significant, which is why people are getting multiple $200 subs rather than paying for API usage (and I have seen reports where they are cracking down on this as well.)
Okay, I was mistaken. The tooling I was speaking of uses Claude Code rather than the SDK. One uses the Zed ACP protocol. I'm not sure about the other. I should have said Claude Code rather than the SDK. For example, I can run a session through one of the tools, and then access that session directly in Claude Code. It's still Claude though. It seems the important element is that you're not using OAuth tokens from a sub to use in a different tool. If you go through Claude Code, then Claude Code is handling everything and giving your tool the output. Thanks for the correction.
That’s very clearly a no, I don’t understand why so many people think this is unclear.
You can’t use Claude OAuth tokens for anything. Any solution that exists worked because it pretended/spoofed to be Claude Code. Same for Gemini (Gemini CLI, Antigravity)
Codex is the only one that got official blessing to be used in OpenClaw and OpenCode, and even that was against the ToS before they changed their stance on it.
Codex app-server is the interface Codex uses to power rich clients (for example, the Codex VS Code extension). Use it when you want a deep integration inside your own product.
It mentions 'Inside your own product', but not sure if that means also your own commercial application.
By default, assume no. The lack of any official integration guide should be a clear sign. Even saying that you reverse-engineer Codex for apps to pretend to be Codex makes it clear that this is not an officially endorsed thing to do
Codex is Open Source though, so I wonder at what stage me adding features to Codex is different from me starting a new project and using the subscription.
But I believe OpenAI does let you use their subscription in third parties, so not an issue anyway.
But wouldn't a less efficient tool simply consume your 5-hour/weekly quota faster? There's gotta be something else, probably telemetry, maybe hoping people switch to API without fighting, or simply vendor lock-in.
> But wouldn't a less efficient tool simply consume your 5-hour/weekly quota faster?
Maybe.
First, Anthropic is also trying to manage user satisfaction as well as costs. If OpenCode or whatever burns through your limits faster, are you likely to place the blame on OpenCode?
Maybe a good analogy was when DoorDash/GrubHub/Uber Eats/etc signed up restaurants to their system without their permission. When things didn't go well, the customers complained about the restaurants, even though it wasn't their fault, because they chose not to support delivery at scale.
Second, flat-rate pricing, unlike API pricing, is the same for cached vs uncached iirc, so even if total token limits are the same, less caching means higher costs.
Again, subscription gives you a fixed allotment of tokens, doesn't matter if you consume them with claude code or with a 3rd-party tool, both get the same amount of tokens and thus cost Anthropic the same.
In fact it might even be better for Anthropic if people use 3rd-party tools that cache suboptimally because the cache hits don't consume the fixed allotment so claude code users get more of a free ride and thus cost Anthropic more money.
Presumably most people also do not use their full quota when using the official client, whereas third-party clients could be set up to start back up every 5 hours to use 100% of the quota every day and week.
It's the whole "unlimited storage" discussion again.
They'll own entire pipeline interface, conduit, backend. Interface is what people get habitual to. If I am a regular user of Claude Code, I may not shift to competitor for 10-20% gains in cost.
I think you're just trying to see ambiguity where it doesn't exist because the looser interpretation is beneficial to you. It totally makes sense why you'd want that outcome and I'm not faulting you for it. It's just that, from a POV of someone without stake in the game, the answer seems quite clear.
It is pretty obviously no. API keys billed by the token, yes, Oauth to the flat rate plans no.
> OAuth authentication (used with Free, Pro, and Max plans) is intended exclusively for Claude Code and Claude.ai. Using OAuth tokens obtained through Claude Free, Pro, or Max accounts in any other product, tool, or service — including the Agent SDK — is not permitted and constitutes a violation of the Consumer Terms of Service.
If you look at this tweet [1] and in particular responses under it, it still seems to me like some parts of it need additional clarification. For instance, I have seen some people interpret the tweet as meaning using the OAuth token is actually ok for personal experimentation with the Agent SDK, which can be seen as a slight contradiction with what you quoted. A parent tweet also mentioned the docs clean up causing some confusion.
None of this is legal advice, I'm just trying to understand what exactly is allowed or not.
Then they should speak to legal about fixing the ToS before making public statements about their intentions with it. It won't look good to show up at arbitration and have to explain why your public comms contradict your ToS.
>A flat fee, also referred to as a flat rate or a linear rate refers to a pricing structure that charges a single fixed fee for a service, regardless of usage.
There are no other definitions that‘s why they why internet flat rates got throttled instead of capped.
Throttling is the loop bole because you paid for usage not for speed but flat rate with a cap is simply a lie.
Acceptable use
Claude Code usage is subject to the Anthropic Usage Policy. Advertised usage limits for Pro and Max plans assume ordinary, individual usage of Claude Code and the Agent SDK
"""
That tool clearly falls under ordinary individual use of Claude code. https://yepanywhere.com/ is another such tool. Perfectly ordinary individual usage.
The TOS are confusing because just below that section it talks about authentication/credential use. If an app starts reading api keys / credentials, that starts falling into territory where they want a hard line no.
Is there a way to legally or even practically prevent this? `claude` CLI execution in a shell is certainly included in the subscription - it’s the product.
Usually, it is already stated in their documentation (auth section). If a statement is vague, treat it as a no. It is not worth the risk when they can ban you at any time. For example, ChatGPT allows it, but Claude and Gemini do not.
Maybe I am missing something from the docs of your link, but I unfortunately don't think it actually states anything regarding allowing users to connect and use their Codex quota in third party apps.
From TFA: “OAuth authentication (used with Free, Pro, and Max plans) is intended exclusively for Claude Code and Claude.ai. Using OAuth tokens obtained through Claude Free, Pro, or Max accounts in any other product, tool, or service — including the Agent SDK — is not permitted and constitutes a violation of the Consumer Terms of Service.”
One set of applications to build with subscription is to use the claude-go binary directly. Humanlayer/Codelayer projects on GitHub do this. Granted those are not ideal for building a subscription based business to use oathu tokens from Claude and OpenaAI. But you can build a business by building a development env and gating other features behind paywall or just offering enterprise service for certain features like vertical AI(redpanada) offerings knowledge workers, voice based interaction(there was a YC startup here the other day doing this I think), structured outputs and workflows. There is lots to build on.
I totally understand that I should not reuse my own account to provide services to others, as direct API usage is the obvious choice here, but this is a different case.
I am currently developing something that would be the perfect fit for this OAuth based flow and I find it quite frustrating that in most cases I cannot find a clear answer to this question. I don't even know who I would be supposed to contact to get an answer or discuss this as an independent dev.
EDIT: Some answers to my comment have pointed out that the ToS of Anthropic were clear, I'm not saying they aren't if taken in a vacuum, yet in practice even after this being published some confusion remained online, in particular regarding wether OAuth token usage was still ok with the Agent SDK for personal usage. If it happens to be, that would lead to other questions I personally cannot find a clear answer to, hence my original statement. Also, I am very interested about the stance of other companies on this subject.
Maybe I am being overly cautious here but I want to be clear that this is just my personal opinion and me trying to understand what exactly is allowed or not. This is not some business or legal advice.