Embedded and ASFU licenses explained.

Not every Oracle licence grants the same right. Some are deliberately narrow, sold at a discount in exchange for a restriction on how the software may be used. Embedded and Application Specific Full Use licences are the two most common of these, and they are valuable when respected and dangerous when forgotten. The danger is structural: the restriction lives in the contract, not in the software, so the database will happily do things the licence does not permit.

What is an ASFU Oracle license?

An Application Specific Full Use, or ASFU, licence lets you run an Oracle program only in support of one specific application from one specific vendor, and that limitation is the reason it is priced below a Full Use licence. A software vendor that builds on Oracle can resell ASFU licences to its customers so they can run the vendor's product, and only the vendor's product, on that database. The metric and the options behave like Full Use, but the field of use is fenced to the named application.

The saving is real and the restriction is precise. You may not point a reporting tool at the same database, you may not stand up a second application on it, and you may not use it for integration or development unrelated to the licensed product. The instant the database serves anything beyond its application, the ASFU right stops covering that use, and the gap becomes Full Use exposure.

What is an Embedded Oracle license?

An Embedded licence packages Oracle technology inside a third party product so tightly that the end customer never accesses the database directly, and that opacity is the condition of the discount. The Oracle components are bundled into an appliance or application and managed by the vendor. The customer buys the product, not the database, and is not meant to log in, query, or administer the Oracle layer at all. Embedded licences carry the deepest discount precisely because the right is the narrowest.

Exposure appears the moment that boundary is breached. A team that discovers the embedded Oracle database and decides to use it for a side project, a report, or a quick integration has stepped entirely outside the Embedded right. The use is now unlicensed, and because the Embedded licence was never sized for general use, the remediation is Full Use licensing across the relevant processors.

How do Embedded and ASFU licenses create audit exposure?

Embedded and ASFU licenses create exposure whenever the restricted database touches anything outside its single permitted application, because the moment of breach converts a discounted right into a Full Use obligation. The common triggers are familiar: a reporting or analytics tool pointed at the database, a second application sharing the same instance, custom development against the schema, or an integration that reads or writes data for another system. None of these are blocked by the software. All of them void the restricted licence for that use.

The defence is to map the field of use precisely and prove that everything running on the database stays inside it. Confirm exactly what each restricted licence covers, identify every connection and workload on the host, and separate genuine breaches from access that remains within the named application. Where a breach is real, scope the remediation to the specific use and processors rather than accepting a Full Use finding across the whole server. An independent line by line review of Oracle findings typically cuts a claim 60 to 80 percent, and field of use findings reduce sharply once the genuine breach is isolated from everything the restricted licence still properly covers.

Restricted licences sit alongside the rest of the database metrics, and the same counting discipline applies. See processor versus Named User Plus and counting processors correctly with core factors for the metrics behind the remediation, and the full method in the Oracle database licensing guide.