Anthropic Bans Unauthorized Third-Party Tool Access
Anthropic has clarified its policy to ban unauthorized third-party tool access to its Claude models. The move signals a tightening of control over how its API and models are used, particularly in enterprise contexts. This policy may impact the flexibility of developers and companies integrating Claude into multi-vendor toolchains.
- The policy clarification aims to prevent "token arbitrage," where users on flat-rate consumer subscriptions (Pro, Max) accessed API-level token volumes through third-party tools at a fraction of the pay-as-you-go API cost. - Enforcement began on January 9, 2026, with server-side checks that blocked authentication from third-party tools using subscription-based OAuth tokens, leading to some automated account bans. - The ban specifically prohibits the use of OAuth tokens from Free, Pro, or Max plans in any service other than the official `claude.ai` web interface and the Claude Code tool, directing developers to use official API keys for integrations. - This change broke popular developer tools like OpenCode, which has over 56,000 stars on GitHub, as they worked by spoofing the Claude Code client identity to authenticate. - The move sparked significant backlash from prominent developers, including Ruby on Rails creator David Heinemeier Hansson, who labeled the policy "very customer hostile." - Anthropic's stated rationale extends beyond revenue, citing the need to maintain a direct data and telemetry feedback loop from its own tools to improve the product and to block competitors like xAI from using Claude via third-party harnesses. - This action is part of a broader industry trend where foundation model providers like OpenAI and Google are also tightening terms to prevent being commoditized by "wrapper" applications that build on their APIs.
