Home/Glossary/Indirect Access
M&A Software Glossary

What is indirect access?

Indirect access is the use of a licensed system through another application, device or interface that the publisher contends still requires its own license.

What is indirect access? Indirect access, sometimes called indirect or digital access, is the use of a licensed publisher system by a person or process that connects through a different application rather than logging in directly. The publisher position is that the data and functions are still being consumed, so a license is still owed. It is one of the most contested concepts in software licensing and a frequent source of latent liability in M&A, because the usage is real but the licensing was never counted.

Why indirect access is a major M&A risk

Indirect access is risky because it is easy to create and hard to see. A target connects a customer portal, a bot, or a middleware integration to a back end system such as an enterprise resource planning platform, and users who never hold a named license still trigger transactions inside it. The leading legal reference point is SAP UK Ltd v Diageo Great Britain Ltd, 2017 EWHC 189 (TCC), where the court found that named users accessing SAP through a Salesforce front end constituted use requiring SAP licensing, with a reported exposure of 60 million. As of June 2026 it remains the most cited authority on the concept.

How indirect access is licensed and measured

Publishers have moved toward outcome or document based metrics for indirect use, but legacy contracts still rely on named user or processor terms that were never designed for integrated systems. Measuring it means mapping every system that touches the licensed platform, identifying the human and automated initiators of each transaction, and matching them to a license type. The reconciliation is intricate, which is exactly why it is so often missed before a deal.

Indirect access in due diligence

A buyer should treat any integrated enterprise platform as carrying indirect access risk until proven otherwise. Mapping the integrations and sizing the exposure during diligence prevents the claim from arriving as a post close audit. This work is commercial and licensing advisory, not legal advice.

How indirect access arisesA four step timeline showing how users reach a licensed system through a third party front end and create an unlicensed claim.How indirect access arises1Front endportal or app2Integrationmiddleware link3Back endlicensed platform4Claimlicense owed
Direct versus indirect access
AspectDirect accessIndirect access
How users connectLog in to the systemThrough another application
VisibilityNamed accountsOften uncounted
Typical metricNamed userDocument or transaction based
M&A riskLowerHigh and frequently latent

Key takeaways

  • Indirect access is use of a licensed system through another application or interface.
  • Publishers contend it still requires a license even when users never log in directly.
  • SAP UK Ltd v Diageo Great Britain Ltd is the leading authority, reported at 60 million as of June 2026.
  • Any integrated enterprise platform should be treated as carrying indirect access risk in a deal.

Recommendations for buyers

  1. Map every integration. Identify each system that connects to a licensed platform during diligence.
  2. Trace the initiators. Count both human and automated processes that trigger transactions in the licensed system.
  3. Size the worst case. Quantify the exposure under the legacy metric before any publisher does.
  4. Renegotiate to a clear metric. Where possible move to document or outcome based terms that remove ambiguity.

Related reading: see the M&A software glossary hub, plus latent licensing liability and software audit.

Frequently asked questions

Is indirect access the same as indirect licensing?
They describe the same problem. Indirect access is the usage pattern and indirect licensing is how a publisher charges for it, typically through document, transaction or outcome based metrics.
Which publishers pursue indirect access claims?
SAP is the most associated with the concept, but Oracle, IBM and others assert similar positions. As of June 2026 SAP UK Ltd v Diageo remains the leading cited case.
How do I find indirect access in a target?
Map every application and integration that touches a licensed enterprise platform, then identify which users and automated processes initiate transactions inside it.
Can indirect access be licensed away?
Yes. Many publishers now offer document or outcome based licensing that prices indirect use directly, which can be more predictable than a legacy named user model.

Request a confidential software M&A risk assessment.

Map and quantify the licensing exposure in your target or portfolio before it becomes a post close audit. Independent, buyer side, paid only by the acquirer.

Talk to a software M&A advisor