Locations

Resources

Careers

Contact

Contact us

Java licensing

Oracle Java Licensing Changes (2025–2026 Guide)

Oracle Java licensing is entering a new era of cost and compliance risk.

Since 2019, Oracle has repeatedly changed the rules for using Java, transforming what was once a free development platform into a revenue-generating product with complex terms.

In this 2025–2026 guide, we provide an independent expert analysis of recent Oracle Java licensing changes and their implications for your enterprise.

oracle java audit

**ALERT** Has Oracle contacted you about a Java license?

Download our Oracle Java Audit white paper to learn how to respond to and avoid common pitfalls.

In the white paper, we cover:

  • Recommendations for responding to an Oracle soft audit
  • Oracle’s soft audit process
  • Oracle’s formal audit process
  • The kind of data Oracle may have on your organization’s Java product downloads.

Why Oracle Java Licensing Matters More Than Ever

Java’s ubiquity in enterprise IT:

Java is one of the most widely used software platforms in the world.

From business-critical web applications to backend services and desktop tools, Java underpins a huge portion of enterprise software. Chances are, your organization runs dozens (if not hundreds) of applications that rely on Java.

This ubiquity means Oracle’s Java licensing changes can have a sweeping impact on your IT environment and budget.

A small change in Java’s licensing terms can suddenly put many systems out of compliance or introduce new costs across the organization.
The most complete Java licensing changes guide.

Why Oracle keeps changing the rules:

Oracle acquired Java (via Sun Microsystems) in 2010 and initially maintained Java as a free platform for users. However, over the past few years, Oracle has made strategic shifts to aggressively monetize Java.

The company has introduced new licensing models and restrictions in stages, first requiring paid subscriptions for certain uses, then limiting free updates, and most recently switching to a costly per-employee licensing scheme.

Oracle continually updates the Java licensing model to maximize revenue and foster lock-in. They know that enterprises depend on Java, and by tightening license terms, Oracle can force customers into paid subscriptions or risk non-compliance.

For enterprises, this means Java is no longer an afterthought; it’s a significant compliance topic and potential budget line item.

In short, Oracle Java licensing matters more than ever in 2025, as nearly every large organization utilizes Java, and Oracle’s evolving rules are creating new financial and legal exposure.

Timeline of Oracle Java Licensing Changes (2019–2026)

🎥 The Truth About Oracle’s Java Licensing Change | Java Audit Risk & Compliance Strategy

Oracle’s approach to Java licensing has evolved dramatically from 2019 through 2025, fundamentally altering how businesses must license Java.

Below is a timeline of key Oracle Java licensing changes from 2019 to 2026:

  • 2019 – End of Free Public Java Updates: Oracle announced that, as of January 2019, free public updates for Java SE 8 (and later) would no longer be provided for commercial use. In April 2019, Oracle effectively ended the era of “free Java” for businesses. They replaced the old free Java license (the Binary Code License, or BCL) with a new Oracle Technology Network (OTN) License for Java 8 and Java 11. Under the OTN license, Oracle Java remained free for personal, development, and testing purposes, but not for production use in a business environment. Any commercial or production use of Oracle Java after this point required a paid Java SE subscription. This was the first time companies had to budget for Java just to get critical security patches. Many organizations were caught off guard in 2019, as something that had been free for decades suddenly carried a price tag for ongoing updates.
  • 2021 – Introduction of the “No-Fee Terms and Conditions” (NFTC) License: In September 2021, alongside the release of Java 17 (a Long-Term Support version), Oracle introduced a new license called No-Fee Terms and Conditions (NFTC). The NFTC license was Oracle’s response to backlash over Java fees. It allowed organizations to use Oracle JDK free of charge, including in production, but only for a limited time. Specifically, the NFTC allowed free use of Java until one year after the next Long-Term Support (LTS) release. In practice, for Java 17, this meant free updates and use from 2021 until late 2024 (one year after the release of Java 21). Oracle’s goal was to keep customers on the latest Java version by offering a temporary free period. However, once the grace period ended, the license for that Java version would revert to the stricter OTN terms, meaning a paid subscription would then be required to continue receiving updates. The NFTC license provided enterprises with a short-term, free runway on new Java versions. However, it was not a permanent solution – it was a ticking clock that still funneled users toward paid licenses after the free trial period ended.
  • 2023 – Switch to an Employee-Based Java Subscription Model: In January 2023, Oracle introduced the most significant change to its Java licensing model to date. Oracle overhauled its Java SE subscription model by introducing the Oracle Java SE Universal Subscription, which uses a per-employee licensing metric. This change eliminated the legacy licensing models (which were based on counting Named Users or Processors). Under the new scheme, companies must license Java based on their total number of employees, including all full-time, part-time, and temporary employees, as well as contractors. Crucially, this count is regardless of how many of those employees use Java. If your organization has 10,000 employees worldwide, and perhaps only 500 use Java in their daily work, Oracle’s new model still considers all 10,000 in the licensing count. In exchange, the subscription covers unlimited Java use across the organization (an “all you can eat” model – you can deploy Oracle Java on any number of devices or servers). Oracle pitched this as a simplification, stating that there is no need to track specific installations or CPUs. However, many customers saw it as a huge price increase. For example, under the old model, a company might have paid for 100 server licenses or a few hundred user licenses; under the new model, the same company might be asked to pay for thousands of employees. Oracle’s price for the Universal Subscription was set at a list price of $15 per employee per month (with volume discounts available), meaning a company of 10,000 employees could face an annual Java bill in the millions. Existing customers who already had Java SE subscriptions on the old metrics were theoretically allowed to renew under the old terms. Still, Oracle made this difficult (often requiring an audit or pushing for the new model during renewal). The clear message from Oracle in 2023 was that the employee-based model is the future, and older contracts will be phased out in favor of this new universal licensing approach. Read this excellent guide on the Oracle Java licensing changes.
  • 2024 – End of Java 17 Free Updates & Audit Crackdown: By October 2024, Oracle’s free update period for Java 17 under the NFTC license officially ended (one year after Java 21’s release). This meant that running Java 17 in production beyond late 2024 would require a paid license to continue receiving security patches. Companies that had been coasting on Java 17’s free updates now had to make a choice: either start paying Oracle for a Java subscription or migrate to a non-Oracle Java distribution to remain on a supported, secure platform. This 2024 deadline effectively ended the “free ride” many enterprises enjoyed with Java 17 and earlier NFTC versions. At the same time, Oracle significantly intensified its enforcement of Java licensing compliance. Throughout 2024, organizations began reporting a sharp increase in Oracle’s audit activities focused on Java. Oracle’s license management and GLAS (Global License Advisory Services) teams started actively auditing companies for unlicensed Java usage. Even businesses that had primarily used alternative Java distributions (like OpenJDK builds from other vendors) were approached, since Oracle wanted to ensure no Oracle JDK binaries were lurking in their environments without a license. “Friendly” inquiries from Oracle reps about Java usage became common in 2024, often as a prelude to a formal audit. By the end of 2024, it was clear that Java had become a major compliance focus for Oracle, on par with their database and other lucrative software products. For the specifics of the NFTC license and its deadlines, see our guide to NFTC Java license changes.
  • 2025–2026 – Audits and Licensing Lock-In Intensify: Looking ahead, Oracle Java licensing changes in 2025 and 2026 will primarily be about enforcement and lock-in. Oracle’s aggressive audit stance is expected to continue or even ramp up further. As more enterprises resist the expensive per-employee model or try to transition away, Oracle is likely to double down on compliance to keep Java customers in line. We anticipate that in 2025, Oracle will continue to encourage all remaining legacy Java subscription customers to transition to the Universal Subscription. Companies whose old Java contracts come up for renewal in 2025 may find Oracle unwilling to extend legacy terms, effectively forcing them to either move to employee-based pricing or leave their systems unsupported. By 2026, Oracle will also have another LTS Java release (Java 21’s free period ends in 2026, and Java 25 is expected as the next LTS), which means another wave of customers facing the end of a free NFTC period. Oracle will use these milestones to tighten its grip – expect more audit notices, reduced flexibility in contracts, and potentially even price increases for Java subscriptions as time progresses. In short, 2025–2026 is a period where Oracle’s strategy is to lock in as many customers as possible into long-term Java subscription deals. Enterprises that haven’t addressed their Java licensing by now will be at high risk of audits or forced compliance measures during this period.

Discover how this timeline influences our strategic outlook in the 2025–2026 Oracle Java Licensing Guide.

Bottom line:

In just a few years, Oracle Java licensing has gone from a non-issue to a top concern for IT and finance leaders. Understanding this timeline of changes from 2019 to 2026 is key to anticipating Oracle’s next move and preparing your organization accordingly.

Related articles:

Oracle’s Current Java Licensing Models Explained

As of 2025, Oracle offers (or enforces) a few different Java licensing models, depending on your situation. It’s essential to understand these models, particularly if your enterprise has existing Java agreements or is considering new ones.

Here’s an explanation of each:

Legacy Perpetual Java Licenses (Java SE Advanced/Suite):

Before Oracle moved to subscriptions, it sold perpetual licenses for certain Java SE offerings (like Java SE Advanced, Java SE Suite, or similar bundles). A perpetual license meant you paid an upfront fee and then had the option of annual support for updates.

These licenses often included advanced monitoring or security features and covered specific Java versions or usage scenarios.

Can you still use them?

Yes – if your company previously purchased Java SE licenses and is current on support, you typically have the right to use those Java versions indefinitely and receive updates.

For example, some enterprises bought Java SE 8 or Java SE 11 under a perpetual license. As long as they continue to pay the annual support, they receive patches for those versions.

However, Oracle no longer actively sells these perpetual Java licenses to new customers. And if you stop paying support, your rights to updates end (you’d only have rights to use the last version you received).

Perpetual licenses are increasingly rare now, but if you have them, they are an asset – just be aware that they might not cover newer versions like Java 17 or 21, and Oracle will push you towards subscriptions if you need those.

Legacy Java SE Subscription (2019–2022 model):

When Oracle first introduced paid Java in 2019, it offered a subscription model using traditional metrics familiar from other Oracle software.

There were two main metrics:

  • Named User Plus (NUP) – counting the number of named users or specific devices running Oracle Java. This was typically used for desktop Java installations or developer desktops. Oracle often sets a minimum (e.g., 25 NUP per server) to ensure a baseline spend.
  • Processor (CPU) – counting the number of processor licenses for Java running on servers (often aligning with how many CPU cores are in the servers, adjusted by a core factor table). This was used for backend servers or VMs running Java applications.

Under the legacy subscription, you would purchase a specific number of NUP licenses for your users’ desktops and/or processor licenses for your servers.

For instance, if you had 100 developers using Java and 10 servers running Java applications, you might license 100 NUPs and 10 processors (depending on core counts). Oracle’s list pricing at the time was roughly on the order of $30 per user per year for NUP and a few thousand dollars per processor per year, although deals could be negotiated.

The big advantage of this legacy model was that you only paid for what you used. If you only had Java on 5% of your machines, you would only pay for that subset. Many companies stuck with this model through the early 2020s.

However, after January 2023, Oracle stopped selling new subscriptions under NUP or Processor metrics. Existing customers on these plans could renew temporarily under strict conditions, but Oracle signaled these would be phased out.

In fact, by late 2023, Oracle sales representatives often refused to provide a renewal quote unless the customer agreed to discuss moving to the new model. It’s clear that the legacy Java SE subscriptions are being retired – if you’re still on one, be prepared for pressure at your next renewal.

Java SE Universal Subscription (2023+ Employee-Based Model):

This is Oracle’s current Java licensing model for new customers (and the intended future for everyone). The Java SE Universal Subscription uses an Employee-based metric.

According to Oracle’s definitions, you must count all of your employees, plus contractors and temporary workers, to determine how many “Employee” licenses you need.

In practice, it functions like an enterprise-wide site license for Java. Whether you deploy Java on 10 devices or 10,000 devices, the cost is the same – it’s driven by headcount, not technical usage.

For example, if your organization has 2,000 employees (including full-time, part-time, and contractors on payroll), you need to purchase 2,000 Java SE Universal Subscription licenses. Oracle’s standard pricing is $15 per employee per month (so 2,000 employees would be $30,000 per month, or $360,000 per year at list price).

There are volume discounts; organizations with tens of thousands of employees might pay a lower rate (down to around $5-$10 per employee per month, depending on scale). The subscription grants you the right to use any version of Oracle Java SE on an unlimited number of machines. It includes support and updates as long as the subscription remains active.

This employee-based model greatly simplifies compliance tracking (you don’t need to count installations anymore). But it massively increases costs for many companies, especially those that only actively use Java on a fraction of their systems.

It essentially monetizes the “ubiquity” of Java by making you pay for everyone, even Jane in HR, who doesn’t know what Java is. Oracle portrays it as a fair, simple approach, but for most organizations, it feels like a heavy-handed license tax.

To see exactly how the employee-based model works, read our article on employee-based Oracle Java licensing.

Importantly, if you sign up for this model and later realize you overpaid (because not everyone was using Java), there are generally no refunds – it’s a fixed cost unless you reduce your employee count. And if your company grows, your Java bill grows correspondingly.

Which models are relevant now?

In summary, if you’re a new customer or your old contract has lapsed, the Employee-based Universal Subscription is likely the only option Oracle will offer for Java SE. If you have a legacy subscription still in place, you might have one last renewal on the old terms, but plan for a transition.

If you have perpetual licenses from the past, treasure them and ensure you remain compliant with their terms and conditions. However, also start planning for how you will handle new Java versions not covered by those licenses.

What Requires an Oracle Java License in 2025–2026?

One of the most common questions from enterprises is, “Do we need an Oracle Java license for X?”

Given all the recent changes, it’s critical to know exactly what usage does and does not require a paid Oracle Java license as of 2025.

Here are the main scenarios that require an Oracle Java license in 2025–2026:

  • Running Oracle Java SE in Production: If your servers, applications, or user workstations are running the Oracle-provided Java runtime (Oracle JDK or JRE) in a production or commercial context, you almost certainly need a license unless you are within a specific free-use allowance. Following the 2019 rule change, Oracle’s OTN license was required for production use. The only exception was if you were using a version under the NFTC free period – for example, running Java 17 in production was allowed for free until late 2024. But once that period ended (or if you’re on an older version like Java 8 or 11), any continued production use means you should be paying Oracle (via a subscription or prior license) for updates. In short, by 2025, any Oracle Java runtime used in business operations (excluding development/testing) will require a paid license or subscription.
  • Using Oracle’s Java beyond the free update timeline: Oracle Java versions under the NFTC license have an expiration on free updates. Java 17’s free updates ended in 2024; Java 21’s free updates will end in 2026, and so on. If you continue to use an Oracle JDK version past its free-update window, you will not receive further security patches unless you pay. Technically, you can still use the last free version without paying (Oracle’s license doesn’t retroactively charge you), but it’s risky to stay on an unpatched Java. For practical purposes, if you want to receive security updates for Oracle Java beyond the free period, you must purchase a subscription.
  • Indirect or Embedded Use of Oracle Java: Be careful of Java usage that isn’t obvious. Many enterprise applications and appliances include an embedded Java runtime. If that embedded runtime is Oracle’s and it’s being used in production, it could trigger a licensing requirement for you or the vendor. Oracle has stated that OEMs and partners who embed Oracle Java in their products have separate arrangements (and the 2023 licensing changes didn’t directly affect those partners’ deals). However, if you internally embed the Oracle JDK in your own distributed software or Docker images, that can be considered using Oracle Java and may require a license. Additionally, suppose you use third-party software that installs the Oracle JRE on your system. In that case, you are technically responsible for licensing it unless the vendor explicitly covers the cost of the license. Common examples include older versions of enterprise software, hardware management tools, or installation packages that bundle Oracle Java. Bottom line: If Oracle’s Java binaries are present on your machines for anything beyond personal or development use, you should assume a license is needed.
  • Java SE Use in Development, Testing, or Personal Use: The good news is that Oracle allows some free usage scenarios. Under the OTN license (applicable to Java 8, Java 11, etc.), you may use Oracle Java for development, testing, prototyping, and personal, non-business use without a paid license. For instance, a developer can download Oracle JDK 11 to write and test code on their workstation without incurring any costs from Oracle. Likewise, a QA team can use Oracle Java in a non-production test environment at no cost. The key restriction is that none of those environments is serving your business in a production environment. However, note that even in dev/test, you won’t get updates forever for free – once the version’s public updates end, you’re stuck on that last version unless you pay or upgrade to a newer Java (which might itself be free only temporarily under NFTC). In summary, the development and test usage of Oracle Java is generally free (no license required) under current terms, but production use triggers licensing.
  • Free vs. Paid Java Distributions: It’s essential to distinguish Oracle’s official Java distribution from open-source alternatives. Oracle’s JDK is one implementation of Java, but there are others (OpenJDK, for example, and vendor-specific builds). If you download Java from Oracle’s website (java.oracle.com) and accept Oracle’s license, all the rules above apply. If you use an open-source Java distribution (such as OpenJDK) instead, you do not owe Oracle a license fee for it. OpenJDK is the same underlying code (Oracle contributes to it) but released under an open-source license (GPL). There are also distributions from Amazon (Corretto), IBM/Red Hat (Semeru/OpenJ9 or OpenJDK builds), Eclipse Temurin, Azul Systems, and more. These can be used in production without Oracle fees. The catch is that you need to manage updates/patching yourself or pay those vendors for support. Crucially, using a non-Oracle Java distribution means Oracle’s licensing terms do not apply. Many companies in 2025 are migrating to these free alternatives specifically to avoid Oracle’s license requirements. Ensure that you have completely removed Oracle’s JDK from those systems – Oracle auditors will look for any remaining Oracle components. If an Oracle JDK was once installed and not fully removed, it could become a point of contention in an audit.

In summary, by 2025, virtually any enterprise production use of Java on Oracle’s binaries requires either an active Oracle Java subscription or a very careful strategy (like freezing on an old version or switching to OpenJDK).

Always ask: “Whose Java am I running?” If it’s Oracle’s and it’s for business, assume you need a license (or quickly plan to eliminate that usage).

🎥 Already Spoke to Oracle About Java? Here’s What to Do Next | Oracle Java Audit Defense

Compliance Risks and Audit Triggers

Oracle’s Java licensing shift has introduced new compliance risks that many organizations are still struggling to understand.

Additionally, Oracle’s auditing of Java usage is now a reality.

Here are the top risks and audit triggers to be aware of:

  • Employee Counting Pitfalls: Under the new Java SE Universal Subscription model, one of the biggest compliance risks is miscounting your employees. Oracle defines “employee” broadly (all full-time, part-time, temporary, and contractors under your control). A common mistake is assuming you only need to count developers or IT staff. In truth, Oracle expects you to count everyone in your organization for licensing, including non-IT staff, if you opt for their subscription. If you undercount (say you license 1,000 employees when you have 1,20,0, including part-timers and contractors), you could be out of compliance and face back charges in an audit. This is a frustrating point for customers – after all, why pay for employees who never use Java? Some enterprises attempt to negotiate exclusions (for example, excluding contractor labor or subsidiaries), but unless explicitly stated in your contract, Oracle defaults to “all heads count.” Tip: If you are licensing Oracle Java per employee, take great care to get an accurate, agreed definition of counted personnel and document it. Don’t assume Oracle will accept a narrower count than their standard definition.
  • Contractors and Affiliates: When counting, be aware that Oracle often requires contractors to be counted if they use your systems, and they may also inquire about affiliates or subsidiaries. If your company has multiple legal entities but a single IT environment, Oracle may argue that all employees of those entities need to be counted under a single license. This can get complicated. For instance, if you have offshore contractors or a third-party company doing development for you using Oracle Java, Oracle could interpret that as needing coverage under your license. Similarly, if your parent or sister company uses Java under your agreement, the scope of who is considered an “employee” could become blurred. Non-compliance can occur if these edge cases aren’t accounted for. It’s wise to clarify in any Oracle contract how contractors and affiliated companies are treated. Otherwise, an audit might assert you didn’t license a group of people you never even considered.
  • Indirect Use and “Non-Production” Misconceptions: A sneaky compliance risk is indirect usage of Oracle Java. You might think, “We don’t use Oracle Java at all, we only use OpenJDK,” and thus feel safe. However, all it takes is one Oracle JDK lurking somewhere – perhaps a forgotten installation or a packaged component – to create an exposure. Common examples:
    • An admin installed Oracle Java on a server years ago, and it was never removed, even though the app now runs on OpenJDK.
    • A device management tool or an older version of a third-party app installed an Oracle JRE in the background without notice.
    • A developer downloaded Oracle JDK for testing, but then the machine or container containing it was deployed into production.
      Oracle auditors will look for any evidence of Oracle’s Java binaries. If they find even one instance on a production environment without a license, they can make a case that you are using Oracle Java unlicensed. Another misconception is about “non-production” environments: while Oracle’s license allows free development and testing use, if those environments are not segregated or if data from them is used in production, Oracle might challenge that. Additionally, any non-production use doesn’t grant you the right to production patches – some companies mistakenly continued using Oracle Java in staging, believing it was acceptable, and then copied that environment to production. Always cleanse production of Oracle bits if you’re not paying.
  • Common Audit Triggers for Java: Oracle typically initiates audits or compliance checks when it suspects a revenue opportunity. Some triggers in the Java context include:
    • Download history: Oracle monitors downloads from its website. If your company’s domain or network has downloaded Oracle JDK/JRE installers (especially after 2019), Oracle is aware that you may be using Java without a subscription. This alone can trigger a “friendly” outreach.
    • No current subscription on record: If you are a known Oracle customer (for databases or other products) but you have no Java licenses, Oracle’s sales team might flag that. They know nearly every large company uses Java somewhere, so the absence of a Java contract is a red flag that you might be out of compliance.
    • Expiring Java contracts: If you had a Java subscription that you didn’t renew, or a legacy contract that’s ending, Oracle may audit to ensure you stopped using their software or to push you into a new deal.
    • Announcement of Java usage or migration: Sometimes, press releases or case studies reveal a company’s tech stack. If you publicly discuss using Java (or migrating from Oracle Java), it could draw Oracle’s attention. We’ve seen cases where an Oracle rep reaches out after such news, under the guise of “can we help with your Java needs?” which is a soft audit probe.
    • Broader Oracle audits: If you’re undergoing an Oracle audit for databases or middleware, expect Java questions to surface. Oracle often bundles Java into a larger audit, as the same audit rights may cover it, which can catch customers off guard.

In all these cases, the risk is ending up non-compliant and owing Oracle a significant sum (often backdated subscription fees and possibly backdated support); however, Oracle tends to resolve Java issues by selling a future subscription rather than seeking penalties.

The best defense is to proactively manage Java usage (more on strategies later) so that even if audited, you have a clear understanding of what Oracle might find and you can respond from a position of strength.

Cost Implications of Oracle Java Licensing Changes

Oracle’s licensing changes don’t just create compliance headaches – they also have major cost implications.

Many organizations have seen or will see their Java-related costs rise sharply under the new regime.

Let’s break down the cost factors:

  • Java Subscription Pricing (Universal Subscription): Oracle’s current Java SE Universal Subscription is priced on a per-employee basis. The list price is $15 per employee per month. That equates to $180 per employee per year at the list. Oracle does offer tiered volume discounts – for example, as the employee count grows into the tens of thousands, the per-unit price can drop (Oracle quotes as low as $5.25 per employee per month for very large organizations, and further discounts are negotiated case by case). Still, even with discounts, licensing Java for an entire enterprise is costly. Consider a midsize company with 5,000 employees: at list price, that’s 5,000 * $180 = $900,000 per year. Even if they negotiate down to say $10 per employee/month, it’s still $600,000 per year. For a larger enterprise with 50,000 employees, even a heavily discounted rate (say $6 per month) would amount to $3.6 million per year. These are significant new expenses for something that was previously free or low-cost.
  • Comparing Old vs New Model Costs: Under the legacy NUP/Processor model, costs were often much lower relative to company size. For example, suppose a company had Java running on 200 servers and 500 developer PCs under the old model. If each server required a processor license (let’s say $5,000 each per year), that’s $1,000,000. Additionally, 500 NUPs at approximately $30 each total $15,000, totaling around $1,015,000 per year. That same company, if it has, say, 20,000 employees, under the new model, at even $10/employee/month, would pay $2.4 million per year. The most stark cases are companies that only use Java in a narrow part of their IT infrastructure. We’ve seen cases where a client was paying approximately $100,000 per year for Java licenses targeting just a specific user group. Oracle’s new quote under the universal model was five times higher because its total employee count was large. In short, many organizations will pay 2x, 5x, or even 10x more for Java under the new model compared to the old model or their previous spending. This “Java cost explosion” is a direct outcome of Oracle’s strategy to monetize broad usage.
  • Typical Overspend Scenarios: There are a few scenarios where companies might overspend on Oracle Java if they’re not careful:
    • Licensing all employees when not needed: Oracle’s model forces this, but some companies have managed to avoid it by either sticking to old contracts as long as possible or transitioning to alternatives. If a company blindly accepts Oracle’s terms, it may end up paying for far more licenses than it needs. For instance, imagine a firm where only their software development department (say 10% of staff) actually needs Oracle Java (perhaps because they use specific Oracle-only features). If they opt for Oracle’s default approach, they’ll pay for 100% of the staff. That 90% difference is essentially wasted spend. Alternatives (like only licensing the subset via an older metric or moving most users to OpenJDK) could save a lot.
    • Over-provisioning via legacy subscriptions: On the other hand, some organizations, in preparation for the new model, tried to “stock up” on old licenses. In some cases, Oracle allowed a last purchase of NUP or Processor licenses. If this were not done strategically, companies might have bought more than needed (e.g., over-counting to be safe). If they later migrate away from Oracle Java, that money is sunk cost.
    • Paying for Oracle support you don’t use: If you have perpetual Java licenses with annual support, you might be paying maintenance fees each year (often ~20% of license cost annually). We’ve seen instances where companies continued to pay support on old Java SE licenses, but had already moved to OpenJDK and no longer needed Oracle’s patches. It’s easy for these support contracts to fly under the radar. Ensuring you’re not double-paying (once to Oracle and again to an OpenJDK vendor, or paying Oracle when you no longer use their bits) is important.
    • Audit settlements without negotiation: When Oracle audits and finds non-compliance, they typically present a bill for licenses (and sometimes back support). If a company panics and simply pays for it, they might end up purchasing an expensive subscription deal that wasn’t thoroughly thought out. For example, Oracle might say, “We found Java usage, you need to license all 15,000 employees, here’s a $2 million quote, sign here to resolve.” If one simply accepts, that could be overspending relative to other options (like negotiating the count or price down, or migrating off Oracle Java and paying nothing in the future). Always evaluate alternatives before signing a big check to Oracle.
  • Total Cost of Java (Direct + Indirect): Beyond the subscription fees themselves, consider the indirect costs of Oracle Java licensing changes:
    • Upgrade costs: Oracle’s NFTC approach essentially forces you to upgrade Java versions frequently or incur additional costs. Some organizations that choose not to pay must invest in upgrading their applications to the latest Java version every two years to remain in the free zone. That has development and testing costs.
    • Switching costs: Conversely, moving off Oracle Java to OpenJDK or another platform isn’t free – there’s effort required to test compatibility, possibly the purchase of third-party support (which is usually cheaper than Oracle, but still incurs a cost), and retraining teams on managing a new distribution.
    • Audit readiness costs: Companies are now spending time and resources on Java compliance, including inventory tools and license consultants. This was not a concern pre-2019. While not a direct Oracle fee, it’s part of the cost of dealing with Oracle’s licensing changes.

In summary, Oracle’s Java licensing changes through 2025 have made Java a noticeable line item in IT budgets. Many CFOs and CIOs are surprised to find six- or seven-figure proposals for something that was once free.

It’s critical to analyze your actual Java usage and explore ways to optimize or reduce these costs, which leads to our next sections on enforcement and strategies.

These Java licensing cost models are more comprehensible within the context of the broader licensing timeline.

How Oracle Enforces Java Licensing

Oracle has developed a reputation for aggressive license enforcement across all its products, and Java is no exception in 2025.

Understanding how Oracle enforces Java licensing can help you prepare and respond appropriately.

Here’s what to expect from Oracle’s tactics:

  • “Soft Audits” and Friendly Check-Ins: Oracle often begins its Java compliance enforcement with a soft audit, which initially appears to be a friendly check-in. You might receive a casual email or call from your Oracle account manager or an Oracle Java sales specialist. They’ll pose it as a customer service gesture: “We just want to make sure you’re aware of the latest Java security updates,” or “Oracle has new Java licensing options. Can we schedule a meeting to discuss your Java usage?” They may even claim concern that you’re running older Java versions that need patching. This is usually a fishing expedition. During these conversations, they will ask questions like: “What versions of Java are you running? Are you using Oracle’s Java or OpenJDK? How many servers and desktops roughly?” They might reference that “we noticed someone from your company downloaded Java from our site” as a hint. Make no mistake – this is an audit in all but name. Oracle representatives are gathering data to assess whether you may be using Oracle Java without a license. How to handle it: Be polite but cautious. Do not volunteer detailed information unless you’re confident in your compliance. It’s often best to get such inquiries in writing and respond formally. And never run Oracle’s scripts or tools to “assess” your Java deployment unless legally required – those will report back more info than you want to share.
  • Formal Audit Notices: If Oracle strongly suspects non-compliance or if the soft approach doesn’t get results, they can escalate to a formal audit. This is typically communicated in a written notice, often invoking the audit clause of your Oracle license agreement (if you have any Oracle products, the contracts typically include a broad audit clause that can encompass Java). The formal audit will involve Oracle’s License Management Services or GLAS team. They will send a list of data requests or scripts to run to inventory your Java installations. This is where things get serious: Oracle will look for any Oracle Java binaries on any system. If you’ve undergone database audits, expect a similar level of rigor. They may find evidence such as Oracle Java registry entries, installed directories, or Java usage logs. Note that even if you don’t have a direct Java contract, Oracle will argue they have the right to audit based on your use of their software (by downloading and using Oracle Java, you agreed to their license terms, which include audit rights). In a formal audit, you likely need legal counsel and a clear strategy – it can last months. Oracle will quantify any unlicensed usage.
  • Audit Pressure and Settlement Tactics: Oracle’s endgame in enforcement is typically to get you to purchase a license subscription. In many cases, once they identify unlicensed use, they will push for a quick resolution by selling you a Java SE Universal Subscription that covers your entire environment. They might say, “If you sign a subscription now for X employees, we’ll waive any back fees.” This can be positioned as a discount (waiving what could be years of retroactive fees). But often the “remedy” is you committing to a multi-year subscription in the future. Oracle reps and auditors may use scare tactics like, “If this isn’t resolved, we’ll have to involve Legal,” or “Continuing to run unlicensed software could have serious consequences,” implying legal action or software disabling (Oracle can’t remotely disable Java in your environment, but fear works). They might also set short deadlines — e.g., “please provide the inventory results by next week” or “decide on the purchase this quarter.” It’s all part of the pressure to close a sale.
  • Account Manager Leverage: Beyond audits, Oracle account managers sometimes use Java as a lever in broader negotiations. For instance, if you’re trying to sign a database deal or renew support on another product, an Oracle rep might slip in, “By the way, I noticed you’re not covered for Java. Let’s add a Java subscription to this deal to ensure you’re compliant.” This kind of bundling or cross-selling is common. The implication is that if you don’t buy Java licenses, they might not give you a good discount on the other deal, or worse, they could initiate an audit. It puts procurement in a bind: pay extra now or risk a compliance issue later.
  • Escalation Path: Typically, the path involves a soft inquiry, followed by a formal audit notice, findings, and a purchase/license settlement. Oracle generally prefers a settlement (where you purchase licenses) over taking legal action. However, if a company outright refuses to comply, Oracle could theoretically pursue legal remedies for breach of license. That’s rare; most organizations will come to the table before it gets to lawsuits. However, keep in mind that Oracle’s audit clause typically allows them to charge back support fees for past unlicensed use, which can be a substantial sum. They often waive those as part of a subscription deal (which is one reason companies agree – they avoid a scary theoretical liability by agreeing to future spend).

For tactical guidance, see our advisory on Oracle Java audit defense strategies.

To summarize enforcement:

Oracle employs a mix of stealth and force – starting with friendly conversations that often escalate into de facto audits, and concluding with strong-arm negotiation to sell you an enterprise-wide license.

Knowing this, the best approach is to avoid getting to that point by managing your Java usage proactively. If Oracle does knock on your door, have your facts ready and consider involving experts who are familiar with Oracle’s tactics. Next, we’ll outline strategies to manage these licensing changes and avoid costly outcomes.

Enterprise Strategies to Manage Oracle Java Licensing Changes

Oracle’s Java licensing changes might feel like a trap, but with the right strategies, your enterprise can stay compliant and minimize costs. Here are key strategies and best practices to manage Oracle Java licensing in 2025–2026:

Discover & Document Java Usage — Inventory Every Deployment

You can’t manage or defend what you don’t know you have. The first step is to conduct a thorough discovery of where Java is used within your organization.

This means:

  • Inventory all servers, VMs, desktops, and applications to identify any instances of Java. Look for installed JDK/JREs, regardless of whether they are Oracle or not. Tools can scan for “java.exe” or Java registry entries on Windows, or known file paths on Linux.
  • Don’t forget hidden Java instances: Java could be embedded in applications (e.g., an application server like WebLogic or IBM WebSphere includes Java, though if it’s an Oracle product, it might be covered – still note it). Also check build servers, CI/CD pipelines, and containers/Docker images for Java runtimes.
  • Document the version and distribution of each Java instance. Is it Oracle Java 8? OpenJDK 11 from AdoptOpenJDK? Amazon Corretto 17? Knowing this helps you pinpoint what is subject to Oracle licensing. Many organizations find they have a mix of Oracle and non-Oracle Java – the goal should be to eliminate Oracle JDK where not necessary.
  • Map it to business usage: For each instance, determine if it’s production, test, or development, and which application or service it supports. This context will help prioritize actions (for example, an Oracle JDK found on a critical production server is a high priority to address).
  • Keep this inventory up-to-date. Treat Java installations like you would any other licensed software in your CMDB (Configuration Management Database). Having this at your fingertips is invaluable if Oracle initiates an inquiry – you’ll know your exposure better than they do.

Build an Audit Defense Posture — Prepare Documentation Before Oracle Calls

Given the high likelihood of Oracle Java audits, it’s wise to prepare in advance:

  • Maintain proof of entitlement: If you have any Oracle Java licenses (subscriptions, perpetual rights, contracts allowing certain uses), keep those documents organized. You’ll need to show them if audited. Also, keep records of renewal quotes or Oracle emails that might have granted you any exceptions.
  • Snapshot your Java usage periodically: It can help to run your own internal “audit” scripts to have an official record of what was where at a given time. If Oracle claims you used more than you did, your data can be a defense.
  • Develop a Java compliance policy: This could be an internal policy that no Oracle Java is to be installed without approval. Educate your IT staff and developers: If they need Java, they should use approved distributions (OpenJDK or licensed Oracle installations) by company policy. Prevent the classic scenario of an engineer downloading Oracle JDK because it’s easy – that can inadvertently create compliance exposure.
  • Plan your response to Oracle: Identify who in your organization would be responsible for handling a Java audit (typically your software asset management team, with support from legal and possibly an outside licensing advisor). Establish a protocol: what if an Oracle rep calls tomorrow? For instance, direct all such inquiries to a specific manager; do not let lower-level tech staff engage informally. This ensures a consistent, controlled response.
  • Limit information sharing: It’s often wise to answer Oracle’s questions narrowly and accurately, without volunteering extra info. Have any communication reviewed so you don’t inadvertently admit to compliance gaps.
  • Third-party support: Some companies pre-emptively engage third-party licensing experts or firms experienced in Oracle audits to be on standby. Their guidance can be invaluable if Oracle comes knocking, as they are familiar with the tactics and can help you avoid missteps.

Being prepared for an audit can turn a potential scramble into a more routine process. It also signals to Oracle that you’re serious and knowledgeable, which can sometimes cause them to back off or at least proceed more reasonably.

Negotiate Smartly — Push for Phased Pricing, Exceptions, or Exit Rights

If you determine that you do need to procure an Oracle Java subscription, don’t just accept the first quote.

Negotiate assertively, leveraging your knowledge and leverage:

  • Don’t reveal willingness too early: If Oracle knows you plan to migrate off in a year, for example, they might not offer a short-term deal. Conversely, if they think you might leave, they might offer a sweeter price to keep you.
  • Seek a phased or flexible deal: For instance, if you have 10,000 employees, you might negotiate a deal where you only pay for 5,000 in the first year (perhaps covering just IT staff) and include contract language to expand later if needed. Oracle may resist, but large customers have had some success carving out subsets (like not counting manufacturing floor workers who never use a PC). Everything must be explicitly stated in the contract.
  • Cap the increases: Ensure the subscription price remains fixed for the term of the contract (typically 1-3 years), and be aware of automatic renewal clauses that could lead to price hikes. Negotiate renewal caps or the right to reduce counts if your employee numbers drop.
  • Include termination or migration clauses: If you plan to potentially switch away from Oracle Java in the future, see if you can include a clause that allows you to terminate the subscription early or not renew without penalty. Oracle might not allow much here, but even aligning the contract end with when you expect to be off Java can help.
  • Bundling leverage: If you’re also a big Oracle Database or applications customer, use that as leverage. Perhaps Oracle wants your database business – you can say, “We’ll consider the Java subscription if you give us better terms on the database renewal,” or vice versa. Everything is negotiable as a package in Oracle land.
  • Get exceptions in writing: If, for example, Oracle agrees that you don’t have to count contractors from a certain subsidiary, ensure the contract explicitly states how counting is to be done. Verbal assurances mean nothing in an audit 2 years later when a new Oracle rep is involved.

In summary, treat a Java subscription purchase like any other major software negotiation.

Oracle’s initial offer will be the most expensive; they expect some pushback. Just be aware that Oracle’s willingness to negotiate on the employee count model is limited in some cases (they have a one-track strategy), but price and terms can often be improved if you try.

Explore Alternatives — OpenJDK, Third-Party Distributions, and Support

Perhaps the most powerful strategy is simply not playing Oracle’s game. If the costs or hassle are too much, consider moving away from Oracle Java entirely:

  • OpenJDK (Free and Open Source Java): OpenJDK is the open-source reference implementation of Java. Oracle itself provides the OpenJDK builds for each release under an open license (GPL with Classpath Exception). These are free to use in any environment. The catch is that Oracle only provides updates for the current release and maybe the last LTS in the open form; they don’t provide long-term updates for older LTS through OpenJDK (that’s reserved for their paid customers). However, the OpenJDK community (and other vendors) often step in to maintain LTS releases.
  • Other Distributions: Several reputable Java distributions are either free or much cheaper than Oracle:
    • Azul Zulu and Azul Platform Core: Azul Systems offers Zulu, a free OpenJDK build, and also sells support. They often maintain older Java versions with updates longer than Oracle does publicly.
    • Amazon Corretto: Amazon provides Corretto, a free distribution of OpenJDK, with long-term support at no cost (Amazon uses Java internally at massive scale and shares its builds). Corretto 17, for example, will receive updates for several years, and it’s free.
    • IBM Semeru (and former AdoptOpenJDK/Eclipse Adoptium): IBM and the open Java community also provide builds (Eclipse Temurin is the continuation of AdoptOpenJDK). These are free; IBM offers support services if needed.
    • Red Hat OpenJDK: Red Hat maintains OpenJDK updates (especially if you’re a Red Hat Enterprise Linux customer, you get updates to certain Java versions as part of your OS subscription).
  • Switching considerations: Replacing Oracle JDK with OpenJDK is usually straightforward because they share the same codebase (Oracle JDK is built from the OpenJDK source with a few add-ons). For most applications, the switch is transparent. You need to test critical apps to ensure there are no surprises. Also, ensure you match the version (e.g., replace Oracle Java 11 with OpenJDK 11).
  • Support and Security: One reason companies stuck with Oracle was the promise of timely security updates. If you opt for a free distribution, ensure you have a plan in place to receive updates. This might mean relying on community updates or paying a vendor like Azul or Red Hat for a support contract that is still likely cheaper than Oracle’s. The cost of third-party Java support tends to be a fraction of Oracle’s price.
  • Partial migration: You don’t have to do an all-or-nothing. Some enterprises choose to retain Oracle Java for a subset of applications (perhaps where they utilize a specific Oracle-only feature or certified stack), and migrate the rest to OpenJDK. This way, they might reduce the needed Oracle licenses. However, with the employee metric, Oracle doesn’t care if you only use it in one place – you still pay for all employees. So, partial migration only helps if you either stick with the legacy model for that subset (if possible) or fully ditch Oracle’s contract. Under the new model, using even one Oracle Java instance triggers the need to license everybody, which is exactly why many are choosing to migrate 100% off Oracle Java.
  • Future-proofing: If you go alternative, monitor Oracle’s Java roadmap and the alternative support roadmap. For example, Java 21 is an LTS; Oracle will stop providing free updates in 2026, but your vendor may continue to do so until 2027 or beyond. Plan your upgrades accordingly (you might jump from Java 17 to 21 to 25 over the years, always using free LTS periods and third-party support, avoiding Oracle fees entirely).

The bottom line on alternatives:

Many organizations can completely avoid Oracle Java licensing fees by switching to OpenJDK or other distributions. It requires some effort and discipline (to replace Oracle JDK installs and ensure updates), but the savings and risk reduction are huge. Even if you stay with Oracle for now, it’s wise to evaluate these alternatives so you have an exit plan if Oracle’s terms worsen.

Outlook: What to Expect by 2026

Looking toward 2026 and beyond, what is the trajectory of Oracle Java licensing, and what should enterprises be prepared for?

Growing enterprise migrations away from Oracle Java: The backlash to Oracle’s 2023 employee-based model has been significant. Many enterprises, especially those with tight IT budgets, are actively planning or executing migrations to non-Oracle Java platforms. By 2026, we expect a substantial portion of the Java community to standardize on OpenJDK or vendor-supported open source Java rather than Oracle’s distribution. This is similar to what happened with Oracle’s OpenOffice vs. LibreOffice, or other open-source forks – when costs get too high, the community finds a way. Oracle likely anticipated some attrition but is betting that many will pay due to convenience or inertia. Keep an eye on industry surveys: if your peers are leaving Oracle Java in droves, it might bolster your case to do the same.

Oracle’s likely push for audits and renewals: Oracle knows that as time passes since the 2023 change, more legacy Java subscriptions will expire, and more companies may quietly drift into non-compliance or adopt alternative solutions. We anticipate Oracle will further step up Java audits in 2025 and 2026 to catch holdouts. Oracle’s audit machine might also become more sophisticated in detecting Java use (for instance, by scanning public Docker images or utilizing software update downloads as telemetry). Also, when the next Java LTS (likely Java 25 in 2025) reaches the end of its NFTC period (around 2027), Oracle will use that event to prompt another round of “pay or upgrade” decisions, similar to 2024’s Java 17 deadline. By 2026, Oracle may also adjust pricing – possibly raising rates or adjusting tiers – especially if initial sales targets aren’t met. In short, expect Oracle to remain very proactive in enforcement and revenue maximization for Java.

Potential changes in Oracle’s approach: While Oracle’s current stance is rigid, by 2026, they might introduce some new wrinkles. For example, Oracle could offer a Java ULA (Unlimited License Agreement) where a company pays a large one-time fee for unlimited usage, as a way to lock in big customers. Alternatively, Oracle might bundle Java with other products (e.g., “buy Oracle Cloud or Database and get Java free”) to entice customers to stay. We already see a hint of this: Oracle allows Java to be used on Oracle Cloud Infrastructure without separate license fees. This suggests Oracle might leverage Java to boost its cloud services (essentially saying “if you run your workloads on Oracle Cloud, you don’t have to pay for Java licenses there”). By 2026, if Oracle faces a shrinking Java customer base due to open-source migrations, it could respond either by doubling down (strict audits, legal action) or by introducing slightly more palatable offers to retain customers. It’s challenging to predict which path they’ll take, but companies should monitor any policy updates.

What enterprises should do now (in 2025) to prepare: Don’t wait until you’re audited or up against a deadline. Use 2025 to:

  • Complete your Java usage inventory and remove Oracle Java where you can.
  • If you think you’ll need Oracle’s subscription (e.g., due to internal application constraints), budget for it and possibly negotiate a deal before an audit forces your hand. Oracle representatives may be more flexible if you approach them proactively than if they catch you out of compliance.
  • Strengthen your software asset management around Java. Make it a standard procedure to evaluate any new application for Java usage and alternatives.
  • Keep leadership informed. The CIO and CFO should be aware of the potential exposure. Too often, Java licensing costs hit as a surprise. Avoid that by quantifying the worst-case costs (e.g., “If we had to license everyone, it’d cost $X million”) and the plan to mitigate it (“we’re migrating to OpenJDK, which will save us $Y million over three years, with these risks…”).
  • Security vs. cost planning: One reason companies pay Oracle is the fear of security gaps if they don’t get updates. Develop a clear strategy: either commit to paying for patches (Oracle or third-party support) or commit to upgrading/migrating in a way that ensures a free solution always covers you. A laissez-faire approach (“we’ll just not update Java”) may get you through a year or two, but it is not sustainable given the increasing cybersecurity threats.

By 2026, the Java licensing landscape will have two types of enterprises: those that are locked into paying Oracle dearly and those that have successfully freed themselves from that dependency (or managed it tightly to minimize costs). With the right actions in 2025, you can ensure your organization is in the latter category.

For an actionable compliance plan, follow our Oracle Java compliance checklist for 2025.

FAQs

Q: What was the last free Java 17 release under Oracle’s no-fee terms?
A: Oracle Java 17 was free under the NFTC license up until one year after Java 21’s release (late September 2024). The final update to Java 17, which was available for free, would have been the last quarterly update before that deadline. In practical terms, Java 17 Update 12 (17.0.12) was among the last versions released under the free NFTC terms. After that, any further Java 17 updates (such as 17.0.13 and beyond) require a paid subscription. Suppose you are running Java 17.0.8, 17.0.12, or any build released before Oct 2024. In that case, you can use those under the NFTC license indefinitely – but you won’t get any more security patches on Java 17 without paying. So, the “last free” Oracle JDK 17 update was around September 2024. For continued free usage, Oracle expects you to move to Java 21 (which is free under NFTC until 2026) or switch to OpenJDK alternatives. We recommend that you read this Oracle Java licensing guide.

Q: Do we need to license every employee in our company for Java, even if only a few use it?
A: Under Oracle’s current Java SE Universal Subscription model, yes – the license is calculated on total employee count, not actual Java users. It’s a frustrating aspect for customers. Oracle’s stance is that an enterprise license should cover the whole organization. In their view, Java is likely used in many places (and can spread easily), so they insist on an “all employees” metric to simplify things. Technically, if you engage Oracle, they will sell only that metric now (with a few exceptions). However, you have options: You could stick with older licensing agreements (if you still have them) to only cover specific users/servers. Alternatively, consider avoiding Oracle licensing altogether by using open-source Java distributions for those who require it. Oracle won’t offer a license for “just 50 users” under the new scheme – it’s all or nothing. Some companies have pushed back and negotiated the exclusion of, say, a division or part-time staff, but these are special cases that must be explicitly agreed upon. In general, if you opt for Oracle’s official offering in 2025, it means that every employee (plus contractors) is included in the pricing.

Q: What happens if we don’t update beyond the last free NFTC version?
A: If you decide not to move beyond the last free update of a given Java version, you can continue running that version, but you’ll miss all future patches and improvements. For example, say your servers are running Oracle Java 17.0.12 (a free NFTC update). You can continue using that indefinitely without paying Oracle – Oracle’s license allows you to use it under the NFTC terms, which don’t expire for that particular download. However, after that point, Oracle will release new patches (17.0.13, 17.0.14, etc.) that you won’t have access to. Over time, as vulnerabilities are discovered, your Java runtime could become insecure. So the risk is accumulating security and stability issues. Oracle won’t sue you just for running an old free version – the compliance issue only arises if you download and use a post-free-period update without a license. So one strategy organizations considered is “freeze on the last free version.” This avoids immediate costs, but it’s a trade-off: you either accept the growing security risk or must put effort into upgrading to a newer Java release (like Java 21) to receive fixes. Essentially, not updating beyond NFTC keeps you compliant without incurring costs, but at some point, it becomes impractical or unsafe to remain on an unpatched JVM, especially in production. It’s a short-term Band-Aid, not a long-term solution, except perhaps for isolated systems that cannot be upgraded and you’re willing to take the risk.

Q: Can we still use our old Oracle Java perpetual licenses or subscriptions instead of the new model?
A: If your company previously purchased Oracle Java licenses (perpetual or subscription) and they are still valid, you can continue to use those – but with some caveats. Perpetual licenses (like Java SE Advanced) allow you to use the software version specified forever, but usually, you only get updates while you have an active support contract. If you maintain support, you can continue to receive updates for the covered versions. If you have an active subscription from pre-2023 (NUP/Processor model), you can use Oracle Java under that subscription as long as it’s active. Oracle has allowed some customers to renew those legacy subscriptions, but often with a warning that it might be the last renewal. You may be able to extend an old agreement through 2025, possibly 2026, but Oracle is likely to phase it out eventually. Additionally, older licenses may only cover specific versions or features of the software. For example, a Java SE 8 license doesn’t automatically grant rights to Java 17 or 21 – you’d need to see what your terms say. In summary, you can use existing licenses as long as they’re valid (and it’s smart to do so if it saves money), but keep in mind Oracle’s direction: they want everyone on the new model. Eventually, you may be forced to transition if you require newer Java versions or if Oracle refuses to renew its support. It’s wise to have a backup plan (like transition to OpenJDK or budget for the new model) in case your old agreement can’t carry you any further. For a side-by-side analysis of alternatives, explore our guide on OpenJDK vs Oracle Java licensing.

Q: How do we prepare for a Java audit today?
A: Preparation is key.

Here are concrete steps:

  • Perform an internal audit now: As discussed earlier, inventory all your Java installations and verify their sources (Oracle vs. open-source). This will inform you of your current standing.
  • Address any obvious gaps: If you find unlicensed Oracle Java in production, you essentially have three choices: remove it (uninstall or replace with OpenJDK), upgrade it to a version you can use for free, or purchase a license for it. Take action before Oracle forces you.
  • Gather documentation: Collect all Oracle Java-related agreements, proofs of concept that show you are allowed certain uses, and records of when/where Oracle Java was downloaded. If you have support contracts or MOS (My Oracle Support) downloads, have those logs. This can help demonstrate what you’ve legitimately obtained.
  • Establish an audit response team: Identify who will serve as the primary liaison with Oracle. Loop in your legal department and perhaps an outside expert. Ensure they are aware of the findings of your internal audit so they have the full context.
  • Practice the process: It may sound overkill, but some organizations conduct “tabletop exercises” as part of their audit preparation. Simulate that Oracle has sent a notice, and walk through how you’d respond, what data you’d share, and what your negotiation stance would be. This rehearsal can highlight any weak spots in your plan.
  • Stay informed: Keep current with Oracle’s Java announcements. If Oracle changes something (like pricing or audit approaches), you want to know ASAP. Subscribe to bulletins or communities discussing Oracle licensing.
  • Don’t panic – plan: If an Oracle inquiry comes in, follow the plan: acknowledge receipt, take time to gather info, and involve the right stakeholders. Never feel pressured to respond instantly or give more info than necessary. Oracle audits can be managed calmly and methodically when you’ve anticipated them.

Preparing for an audit is essentially about being proactive rather than reactive. Many companies that got burned by Oracle Java audits were those that didn’t see it coming. By reading this guide, you’re already ahead of the curve.

With proper planning, you can avoid turning an audit into an ordeal – or better yet, avoid the audit entirely by staying compliant on your terms.

🎥 Java Case Study: Midwest Healthcare Provider Avoids $1M Oracle Licensing Demand Java Audit Defense

Checklist: 5 Actions to Take on Oracle Java Licensing

  1. Discover and Document Java Usage: Compile a complete list of all systems and applications running Oracle Java. Include version numbers and usage contexts (e.g., internal app, third-party product, development only, or production).
  2. Identify Unlicensed Deployments: For each Java installation, verify whether an existing Oracle support contract or product license covers it. Flag any that are not covered (e.g., Oracle JDK on a server with no Java subscription). These are potential compliance exposures to address.
  3. Implement Alternate Java Solutions: Wherever possible, replace Oracle JDK with an OpenJDK distribution or another vendor’s JDK. Test critical workloads on the alternative and roll it out, starting with non-production systems and then moving to production systems. This step will reduce or eliminate reliance on Oracle licensing.
  4. Update Policies and Train Staff: Establish a policy that prohibits downloading or installing Oracle Java without prior approval. Educate your IT staff and developers about the licensing changes – they should be aware that using Oracle’s JDK incurs cost implications. Make sure patches and updates come from approved (ideally non-Oracle) sources going forward.
  5. Engage in Advance Planning: If you anticipate needing to negotiate with Oracle (for a new subscription or at renewal), start preparations early. Gather your usage data, define your negotiation goals (budget, terms), and consider enlisting a licensing expert to develop a negotiation strategy. Have a clear timeline for either migrating off Oracle Java or finalizing a deal, so you’re not caught off guard by an Oracle audit or contract deadline.

Free Java Resources: Must-Read White Papers for CIOs and IT Procurement Leads

If you’re facing a Java audit, preparing for one, or simply trying to take back control of your Oracle licensing, you’re not alone—and you’re not powerless.

Here are our most valuable downloads:

📘 Java Audit Defense: 10 Tactics That Could Save You Millions

This isn’t a high-level overview—it’s a tactical playbook. We walk you through ten specific defensive moves that have helped our clients significantly reduce audit claims, and in some cases, eliminate them.

Why you’ll want this: It reveals the patterns Oracle’s audit team relies on—and how to counter each one effectively.

📘 Java License Optimization & Removal

Still paying for Java licenses you might not need? This white paper examines the process of legally removing commercial Java deployments and transitioning to compliant, cost-effective alternatives without triggering a compliance issue.

Why you’ll want this: If you’re struggling to understand how many Java licenses you really need, this is your roadmap.

📘 How To Negotiate An Oracle Java Audit Settlement

You’ve received an audit report. Now what? Learn how to pressure-test Oracle’s findings, identify flaws in their methodology, and prepare a counteroffer that protects your budget.

Why you’ll want this: Because Oracle’s “final offer” is rarely final—and we show you how to fight back.

📘 Oracle Java Audit Defense: Tools, Tactics, And How To Respond

Your audit response strategy can make or break your outcome. This guide outlines the technical tools, internal audit steps, and communication strategy you need to stay in control during the audit process.

Why you’ll want this: It arms your internal team with the right questions, right tools, and right tone from Day 1.

FAQ

Q1: What were the major Oracle Java licensing changes in 2019 and 2023?
A: In 2019, Oracle stopped providing free updates for Java 8 for commercial use and introduced a subscription model, meaning businesses had to pay for Java SE updates and support going forward (unless using it only for personal, development, or other limited purposes under a new OTN license). Then, in January 2023, Oracle changed the model again by eliminating the old user/device-based subscriptions and moving to an employee-based licensing model (Java SE Universal Subscription). Under this 2023 model, companies must license Java for their total number of employees, rather than counting specific users or processors. This effectively turned Java licensing into an enterprise-wide agreement, often resulting in dramatically increased costs for customers.

Q2: If we use a third-party application that runs on Java, do we need an Oracle Java license?
A: In most cases, yes – if the application vendor hasn’t explicitly provided a license for Java. Oracle allows certain vendors (like some big ones, such as IBM or SAP) to distribute Java with their products, which covers you for using Java with that specific application. However, the vast majority of third-party software makers do not include Java licenses. That means if you install Oracle’s JRE/JDK to run a third-party app in production, you are responsible for obtaining the necessary licensing. Always check the application’s documentation or with the vendor: if they have an arrangement with Oracle, it will be stated. If not, you should assume an Oracle Java SE subscription (or an alternative Java runtime) is needed for compliance. On the other hand, if you’re using an Oracle product (Oracle DB, WebLogic, etc.), Oracle’s support contract for that product usually entitles you to use Java for it without a separate Java SE subscription. Always verify each case, because “Java included” is the exception, not the rule.

Q3: What happens if we choose not to renew our Oracle Java subscription?
A: If you don’t renew an Oracle Java subscription (or decline to transition to the new employee-based model at renewal), you must stop using Oracle Java in your environment to remain compliant. Practically, this means uninstalling Oracle JDK/JRE from systems or replacing it with an alternative. Be aware that Oracle closely monitors non-renewals – it’s common for Oracle to initiate a compliance check or formal audit soon after a customer drops a Java subscription. They want to ensure you truly removed it and aren’t continuing to use it without paying. So, if you plan not to renew, prepare for a potential audit. Ensure you have evidence (such as records of uninstallations and new JDK installations) to provide to Oracle if needed. In short, you can say no to renewing, but you must eliminate Oracle Java usage (or downgrade to versions that don’t require a subscription) by the end of your contract. Otherwise, Oracle may hit you with back-dated charges in an audit. Many organizations that decide not to renew also engage experts to help demonstrate their compliance during the exit process.

Q4: How can we reduce or avoid the costs of Oracle’s Java licensing?
A: There are several strategies to minimize paying Oracle for Java:

  • Use OpenJDK or Third-Party Java Builds: Switch your Java installations to open-source versions (like Eclipse Temurin/Adoptium, Amazon Corretto, Azul, etc.), which are free to use. This immediately avoids Oracle license fees while still keeping you on secure, updated Java versions.
  • Only use Oracle Java where truly necessary: It may be that some niche cases require Oracle’s build (for example, for specific Oracle products or support). Restrict the use of Oracle JDK to specific cases and use alternatives in other instances. This way, if you do have to buy a subscription, you can potentially reduce the scope (though remember Oracle’s new model is all-or-nothing, so this tactic was more useful under legacy licensing).
  • Stay on the latest Java LTS under NFTC: As a temporary measure, you could continuously upgrade to the newest LTS release, which Oracle offers for free under the No-Fee Terms for a limited time. This avoids fees for a couple of years at a time. The downside is you must upgrade promptly when a new LTS comes out and the old one’s free period expires. It’s a form of avoidance, but it requires diligence and may not be practical for all environments.
  • Negotiate a smaller deal or shorter term: If you have leverage, you might negotiate a custom Java licensing deal with Oracle (for example, a one-year license for a subset of users just to cover a transition period) at a discount. Oracle might not advertise it, but they can be flexible if they believe you will otherwise drop Java entirely. Ensure any such deal is in writing and limits your obligations.
    Ultimately, the most effective way to minimize Oracle Java costs is to standardize on non-Oracle Java and only pay for support from third parties as needed. This eliminates Oracle’s audit threat for Java. Many companies have made this a policy decision after analyzing the potential savings.

Q5: What key points should we negotiate if we decide to sign Oracle’s Java “Employee” subscription?
A: If you’re entering Oracle’s Java SE Universal Subscription, focus on these negotiation points:

  • Employee Count Definition: Ensure the contract clearly defines who is considered an “employee” and identifies any groups that can be excluded, such as those who don’t utilize IT resources (e.g., contractors who never access your systems or seasonal workers). Oracle’s default is inclusive, but no harm in asking for exclusions or at least clarity (to avoid future disagreements).
  • Pricing and Discounts: Negotiate the per-employee price. Use the tier system to your advantage – if you’re near a lower price tier, push to get that tier’s rate. If you’re a large customer or have other Oracle expenditures, ask for a discount better than the list price. Oracle sales reps have some flexibility, especially if they fear you’ll opt out entirely.
  • Multi-Year Protections: Consider locking the rate for multiple years or capping increases. For instance, if you sign a 3-year deal, you might get Oracle to commit to no more than a 3% annual increase or even a flat fee for that term. Avoid open-ended exposure to annual price hikes or changes in employee count.
  • Termination and True-down: Negotiate what happens at the end of the term. Ideally, have the freedom not to renew without penalties. If you expect your employee count to drop (say, through divestiture or layoffs), see if the contract allows a reduction in the licensed count at renewal (Oracle might not allow mid-term reductions, but perhaps at renewal, they’d adjust if headcount significantly changed).
  • Audit Waiver for Past Use: If Oracle is transitioning you from old usage to this new deal, obtain language that resolves any past compliance issues. E.g., “Oracle agrees no further fees are owed for Java usage before this agreement’s start date.” This ensures you won’t receive a separate invoice for old usage after you sign.
    Additionally, ensure you understand any renewal auto-notice clauses (don’t miss a window to cancel if you plan to), and coordinate the Java agreement with your broader Oracle relationship. If you have an Oracle Account Rep, sometimes bundling the Java negotiation with a larger deal (database or cloud renewal) can yield better discounts – just be cautious to evaluate that holistically. In all cases, enter negotiations well-informed about your actual Java usage and with a walk-away plan (e.g., using OpenJDK) so that Oracle knows you have an alternative. This will give you the best chance of getting a fair deal.

Related Articles Section

Our Java audit defense includes an outcome-based guarantee — you won’t pay any retroactive licensing fees.

Read about our Java Advisory Services.

Struggling with Oracle Java Licensing Redress Compliance Can Help

Do you want to know more about our Java Advisory Services?

Please enable JavaScript in your browser to complete this form.
Name

Author

  • Fredrik Filipsson

    Fredrik Filipsson brings 20 years of dedicated Oracle licensing expertise, spanning both the vendor and advisory sides. He spent nine years at Oracle, where he gained deep, hands-on knowledge of Oracle’s licensing models, compliance programs, and negotiation tactics. For the past 11 years, Filipsson has focused exclusively on Oracle license consulting, helping global enterprises navigate audits, optimize contracts, and reduce costs. His career has been built around understanding the complexities of Oracle licensing, from on-premise agreements to modern cloud subscriptions, making him a trusted advisor for organizations seeking to protect their interests and maximize value.

    View all posts