Last Updated: March 8, 2026
In January 2026, Anthropic started disabling Claude accounts. No warning. No grace period. Developers woke up to dead tools and lost subscription money. Some had violated Terms of Service. Others had not. I watched it unfold in real time across GitHub, Reddit, and inside our community.
This guide covers what actually triggers a ban, what does not, and what to do if your account gets caught.
What Happened in January 2026
On January 5, a user filed GitHub issue #6930 on OpenCode. They had logged in via OAuth, upgraded from Max 5x to Max 20x, and triggered an automated review. Account disabled within twenty minutes.
Four days later, Anthropic deployed a server-side switch. No announcement. At 02:20 UTC on January 9, third-party tools using Claude subscription OAuth tokens received a new error message: “This credential is only authorized for use with Claude Code and cannot be used for other API requests.”
Anthropic engineer Thariq Shihipar confirmed it on X. “Yesterday we tightened our safeguards against spoofing the Claude Code harness after accounts were banned for triggering abuse filters from third-party harnesses using Claude subscriptions.” He acknowledged erroneous bans and offered help via direct message.
Six weeks later, on February 19, Anthropic published formal Legal and Compliance documentation. By then, hundreds of developers had already learned the hard way.
I run Claude Code on a $5 VPS and a Mac. Every day. The system handles Telegram messages, manages my calendar, processes email. When accounts started dropping, I needed to understand exactly where the line sat.
Five Things That Will Get Your Account Suspended
These are confirmed triggers. Documented across GitHub issues, user reports, and Anthropic statements.
1. Using subscription OAuth in third-party tools
This causes most bans. Tools like OpenCode, OpenClaw, Roo Code, and Cline offered “Login with Claude” using your Pro or Max subscription OAuth. Anthropic now states explicitly: “OAuth authentication is intended exclusively for Claude Code and Claude.ai. Using OAuth tokens in any other product, tool, or service is not permitted and constitutes a violation of the Consumer Terms of Service” (source).
OpenCode spoofed HTTP headers to mimic Claude Code. OpenClaw captured OAuth tokens for routing agent requests through subscription billing. Both enabled $200 per month flat-rate access for workloads that would cost $1,000 through API keys.
The economic incentive was obvious. The enforcement was predictable.
2. Sharing account credentials
Consumer Terms Section 2 prohibits sharing login information, API keys, or account credentials. “You may not share your Account login information, Anthropic API key, or Account credentials with anyone else or make your Account available to anyone else” (source).
This includes letting a colleague use your subscription, sharing API keys publicly, or logging into one account from multiple devices that create conflicting session patterns.
3. Automated access without API keys
Section 3.7 prohibits accessing services “through automated or non-human means, whether through a bot, script, or otherwise” except via API Key or explicit authorization (source).
In practice: if you build a cron job, a Telegram bot, or any automated system that calls Claude, use API keys. Consumer subscription OAuth covers human-driven interactive use only. Claude Code CLI with the -p flag counts as explicit authorization. But wrapping that subscription token inside a custom script does not.
This is exactly why GoBot, my always-on Telegram AI assistant, uses API keys for all automated VPS tasks. The Mac side runs claude -p with subscription billing for interactive work. Two authentication methods, each following the rules for its context. The free Telegram Bot Course covers this hybrid setup from first install.
4. VPN and datacenter IP patterns
Anthropic flags unusual IP behavior. Rapid IP changes from VPN hopping, datacenter addresses matching known proxy ranges, and login attempts from multiple geographic regions in short timeframes all trigger automated reviews.
GitHub issue #21678 documents Cloudflare blocking entire Hetzner datacenter IP ranges. Residential IP addresses receive different treatment from datacenter IPs.
I run my VPS on Hostinger with a stable IP. No VPN. No IP switching. Zero issues in months of continuous operation.
5. Triggering automated reviews with account changes
Multiple users report immediate bans after upgrading plans or changing payment methods. GitHub issue #5088, with 143 comments and zero Anthropic responses, documents this extensively.
One user wrote: “I assisted my colleagues with renewal of their Claude Pro, Claude Max5x, and Claude Max20x accounts. However, some of these accounts were subsequently banned.” Another was banned after switching from a credit card to Apple Pay.
These appear as false positives from automated detection. Billing changes trigger security reviews. If anything else about your account looks unusual at that moment, you get flagged.
Five Things That Will Not Get You Banned
Fear spreads fast on Reddit and Hacker News. Here is what remains actually safe.
Running Claude Code on a VPS
Anthropic has no location restrictions in their Terms of Service. Nothing prohibits running the Claude Code binary on a remote server. Their authentication docs support API keys that work on any machine, and their Legal and Compliance page draws the line at using OAuth tokens in third-party tools. Not at where you run Claude Code itself.
I have run Claude Code on a Hostinger VPS every single day since October 2025. Not a whisper of trouble. My setup uses a hybrid approach. The VPS runs 24/7 with API keys for automated tasks. My Mac handles interactive sessions with a Max subscription. Two machines, two billing methods, one system. For how I set this up, see my VPS authentication guide.
Using Claude Code in CI/CD pipelines with API keys
Anthropic documents GitHub Actions and GitLab CI/CD integration using claude -p with API keys. Automated workflows using ANTHROPIC_API_KEY are explicitly supported. GitHub Actions, cron jobs, deployment scripts. All sanctioned through API billing.
Heavy daily usage on a Max plan
Anthropic’s Legal and Compliance page states that “advertised usage limits for Pro and Max plans assume ordinary, individual usage of Claude Code and the Agent SDK” (source). Working intensively for 8 hours a day on a Max plan qualifies as ordinary individual usage. You are paying for that capacity.
Using the Agent SDK with API keys
The Legal and Compliance page states explicitly that OAuth tokens cannot be used with the Agent SDK. The Python and TypeScript SDK packages require API key authentication. One nuance worth noting: claude -p is the Agent SDK CLI, but it runs inside the Claude Code binary. So subscription billing still works for claude -p calls. The restriction targets the standalone SDK packages used in custom applications.
Running multiple MCP servers
MCP servers are a core Claude Code feature. Running 5, 10, or 20 MCP servers on your machine or VPS violates nothing. I run 13 MCP servers in my daily setup. Gmail, Calendar, Notion, Google Workspace, communication tools. GoBot connects to all of them through a single Telegram interface. Anthropic built the protocol for exactly this purpose.
How Anthropic Detects Violations
Understanding the detection signals helps avoid false positives.
Client fingerprinting. Claude Code sends specific telemetry headers. Third-party tools that spoof these headers get detected because traffic patterns differ from genuine sessions. Thariq Shihipar confirmed this: third-party harnesses “generate unusual traffic patterns without any of the usual telemetry that the Claude Code harness provides.”
IP analysis. Anthropic distinguishes residential from datacenter IP addresses. Rapid IP changes, VPN usage, and shared datacenter IPs receive heightened scrutiny.
Behavioral analysis. Bot-like interaction patterns. Inhuman speed. Repetitive request structures. These differ measurably from how humans interact with Claude Code.
Billing anomalies. Plan upgrades, payment method changes, and unusual usage spikes trigger automated security reviews.
If Your Account Gets Suspended
Anthropic provides two channels for appeals.
For safety warnings: Email usersafety@anthropic.com with your account details.
For account disablement: Fill out their official appeal form. Include your account email, a description of your usage, and any relevant context. Be specific and honest about what tools you were using.
Response times vary. Users on GitHub report waiting days to weeks. Some appeals succeed. Some receive generic denials that do not explain the trigger.
While waiting, create a separate Anthropic Console account for API key access. Console accounts are independent of subscriptions. A consumer account suspension does not affect your API Console. Do not create a new consumer account to circumvent a ban. Usage Policy explicitly prohibits this: “Circumvent a ban through the use of a different account” (source).
The Setup That Keeps You Safe
Here is what I actually run. Every day. No issues.
My Mac handles interactive work. Claude Code CLI with a Max subscription. Full MCP server access. Gmail, Calendar, Notion, all connected. When I sit at my desk and work with Claude Code, subscription billing covers everything. Zero per-token charges.
My VPS handles automation. GoBot runs 24/7 with API keys from Anthropic Console. A single ALLOWED_USER_ID blocks everyone except me. Smart model routing sends simple queries to Haiku, medium tasks to Sonnet, complex decisions to Opus. A daily budget cap prevents surprises. Voice messages, calendar management, email processing, multi-agent board meetings. All through one Telegram chat.
Two billing methods. Two contexts. Server handles automation. Laptop handles creative work. Neither triggers any detection system because both follow Anthropic’s rules exactly.
366+ professionals in the Autonomee community build similar setups. Each person runs their own instance on their own infrastructure. Own data. Own server. Own API keys. Some connect Claude Code to Google Chat, Microsoft Teams, Discord, WhatsApp, and Slack.
General hygiene rules:
- Use a stable IP address. Avoid VPN while logged into Claude.
- Do not upgrade plans or change payment methods during high-volume usage periods.
- Use API keys for all automated and programmatic workloads.
- Keep subscription OAuth exclusively for Claude Code and Claude.ai.
- Never extract OAuth tokens for use in third-party tools.
For a deeper dive into specific Terms of Service language, read my full ToS breakdown. For practical authentication setup on a server, see my VPS authentication guide.
Why This Matters for Building AI Agents
If you are building an always-on AI assistant, API keys are not just safe. They are required. Anthropic made this official with their Agent SDK mandate in February 2026.
The free Telegram Bot Course walks through the full setup. From first install to a running AI assistant with memory, voice, and background services. For the advanced hybrid architecture with model routing, multi-agent board meetings, and 25+ features, that is what we build together inside Autonomee.
The rules are clear now. The tools exist to follow them. Build accordingly.
Frequently Asked Questions
Why was my Claude account suspended without warning?
Anthropic can disable accounts without prior notice. Consumer Terms Section 13 permits suspension “at any time without notice” for material breach or security concerns. Common triggers include using OAuth tokens in third-party tools, VPN usage, and billing changes that coincide with unusual activity patterns. You can appeal through their official appeal form.
Can I use Claude Code with OpenCode or Cline using my subscription?
No. Using subscription OAuth tokens in any third-party tool violates Consumer Terms of Service. This applies to OpenCode, OpenClaw, Cline, Roo Code, and any tool that is not Claude Code or Claude.ai. You can use these tools with API keys from Anthropic Console, which remains fully permitted. The free Telegram Bot Course walks through setting up API key authentication correctly.
Is my Claude account at risk if I use a VPN?
VPN usage increases your risk of triggering automated reviews. Rapid IP changes and datacenter IPs receive heightened scrutiny. If you must use a VPN, choose a residential IP service and avoid switching servers frequently. For Claude Code on a VPS, use a stable datacenter IP rather than routing through a VPN.
How long does the Claude account appeal process take?
Anthropic publishes no expected timelines. Users on GitHub report waiting anywhere from a few days to several weeks. Some appeals succeed, especially when bans resulted from false positives during plan upgrades or payment changes. Include your account email, a clear description of your usage, and any relevant context.
What is the difference between a consumer account ban and an API account ban?
Consumer accounts and API Console accounts are separate systems. A consumer suspension does not affect your API Console access. You can continue using API keys for development while appealing a consumer ban. Creating a new consumer account to circumvent a ban remains explicitly prohibited by Usage Policy.
