How to Review and Revoke Connected Apps: Complete 2025 Security Guide
Protect your personal data by removing unused app permissions from Google, Microsoft, Apple, and social media accounts
TL;DR – Quick Action Items
- Google: Go to myaccount.google.com → Security → Third-party apps, remove unused apps
- Microsoft: Visit account.microsoft.com → Privacy → App permissions, revoke old access
- Apple: Check appleid.apple.com → Apps Using Apple ID, stop unused services
- Social Media: Review Facebook, LinkedIn, Twitter app permissions in privacy settings
- Red Flags: Remove apps you don’t recognize, haven’t used in 6+ months, or have broad permissions
- Going Forward: Review quarterly, use minimal permissions, enable 2FA everywhere
🚨 Why Reviewing Connected Apps Matters
Connected apps can access your personal data, emails, files, and more through OAuth permissions. After major data breaches like the recent Salesforce incident involving Salt Typhoon, regularly cleaning up unused permissions is crucial for protecting your privacy and security.
⚠️ Security Risks: Unused apps retain access to your data even when you’re not using them. Breached third-party apps can expose your information to cybercriminals.
✅ Privacy Benefits: Reduce data sharing with companies you no longer trust, limit advertising tracking, and maintain control over your personal information.
🔍 Google Account Cleanup
Step 1: Access Google Account Settings
- Go to myaccount.google.com
- Sign in with your Google account credentials
- Click “Security” in the left sidebar
- Scroll down and click “Third-party apps with account access”
Step 2: Review Connected Apps
You’ll see three important categories:
- Third-party apps with account access – Full apps you’ve granted permissions to
- Signing in with Google – Apps you use Google to sign into
- Recently used devices – Devices that have accessed your account
Step 3: Remove Unused Apps
For Third-party Apps:
- Click on any app you don’t recognize or no longer use
- Review what data it can access (emails, contacts, drive files, etc.)
- Click “Remove Access” if you want to revoke it
- Confirm by clicking “OK”
For Sign-in Apps:
- Click “Signing in with Google”
- Review the list of apps and websites
- Click “Remove” next to any services you no longer use
- Confirm the removal
💡 Pro Tip: Use Google’s Security Checkup for a guided review of all permissions. This automated tool will walk you through potential security issues.
🏢 Microsoft Account Cleanup
Step 1: Access Microsoft Account Settings
- Go to account.microsoft.com
- Sign in with your Microsoft account
- Click “Privacy” in the top navigation
- Select “App permissions” from the left menu
Step 2: Review App Permissions
You’ll see apps organized by permission type:
- Apps that can access your info
- Apps with device permissions
- Connected services
Step 3: Revoke Unused Permissions
- Click on each app to see what data it can access
- Look for apps you haven’t used in months or don’t recognize
- Click “Remove these permissions” for apps you want to revoke
- Confirm by clicking “Yes”
Alternative Path for Office 365: Go to portal.office.com → Click your profile → “My account” → “Privacy” → “Apps and services”
🍎 Apple ID Cleanup
Step 1: Access Apple ID Settings
- Go to appleid.apple.com
- Sign in with your Apple ID credentials
- Navigate to “Sign-In and Security”
- Click “Apps Using Apple ID”
Step 2: Review and Remove Apps
- See all apps and services using “Sign in with Apple”
- View what information each app can access
- Click “Stop using Apple ID” next to apps you want to remove
- Choose whether to keep or delete your account with that service
- Confirm your choice
🚩 What to Look For When Reviewing
Red Flags (Remove Immediately):
- Apps you don’t remember authorizing
- Services you haven’t used in over 6 months
- Apps requesting broad permissions (full email access, all files, contacts)
- Developers you don’t recognize or trust
- Apps with poor security reputations or recent breach history
Apps to Keep:
- Essential productivity tools you use regularly
- Banking and financial apps you actively use
- Security tools (password managers, 2FA apps)
- Communication tools your work requires
🛡️ Best Practices Going Forward
Before Connecting New Apps:
- Read permissions carefully – Don’t just click “Accept”
- Choose minimal permissions – Only grant what the app actually needs
- Research the developer – Look up their privacy and security practices
- Use “Sign in with…” cautiously – Consider creating separate accounts instead
Regular Maintenance Schedule:
- Quarterly reviews – Set a calendar reminder every 3 months
- After data breaches – Immediately review if your connected apps were involved
- Job changes – Remove work-related integrations from personal accounts
- Annual security audit – Deep dive into all account permissions once per year
Security Settings to Enable: Two-factor authentication on all major accounts, login alerts for new app requests, and regular security checkups offered by Google, Microsoft, etc.
🔧 Troubleshooting Common Issues
“I removed an app but it still has my data”
Removing access stops future data collection but doesn’t delete existing data. Contact the app developer directly to request data deletion, or check if the service has a data deletion option in their settings.
“An app says it needs broad permissions”
Consider if you really need that app. Look for alternative apps that require fewer permissions, or create a separate account just for that app if necessary.
“I’m not sure what an app does”
Google the app name and developer, check app store reviews and ratings. When in doubt, remove it – you can always reconnect later if needed.
🚨 Emergency Steps After a Breach
If you learn that a connected app has been breached:
- Immediately revoke access using the steps above
- Change passwords on any accounts that might be affected
- Monitor accounts for suspicious activity for several weeks
- Enable additional security like 2FA if not already active
- Consider identity monitoring if sensitive data was involved
Remember: It’s always better to be cautious and remove access than to leave your data vulnerable through unused app connections.
🛡️ Take Action Today
Don’t wait for the next data breach. Spend 15 minutes now to secure your accounts:
Secure Google Account Secure Microsoft Account Secure Apple ID
