Skip to content

Free Tech Tutor

Revoke Third-Party App Access to Your Google and Social Accounts

Revoke third-party app access to your Google, Facebook, Microsoft, and Apple accounts in minutes and finally close the old app connections you forgot about.

I found out the hard way that a food delivery app I deleted two years ago still had full read access to my Google Contacts. I only noticed after a friend’s Instagram got hijacked through an old quiz app she’d forgotten about. If you want to revoke third-party app access to your Google account and your social accounts, it takes about five minutes and no technical skill beyond clicking the right menu.

Most people sign up for a new app with “Continue with Google” and never think about it again. The real risk isn’t the app you use today — it’s every app you stopped using but never disconnected, because each one still holds a live key to your account.

Quick Answer

To revoke third-party app access, open your Google Account’s Security page and remove apps under “Third-party apps with account access.” On Facebook, Instagram, or Microsoft, go to Settings, find Apps and Websites (or Connected Experiences), and remove anything you don’t recognize or no longer use.

What Is Third-Party App Access, and Why Does It Matter?

Third-party app access is the permission you grant when you use “Sign in with Google” or “Continue with Facebook” instead of creating a new password. The app asks your account to vouch for you, and in exchange you hand it a scope of data: your email, contacts, calendar, or even the ability to post on your behalf.

That connection doesn’t expire when you stop using the app. I’ve found abandoned quiz apps, old resume builders, and a defunct budgeting tool still listed as “active” on my own accounts, each one a standing door into my inbox or photos. A stale connection is riskier than a stale password, because you can’t rotate it out of habit — you have to remove it yourself. It’s the same blind spot I cover in my 10-minute Google Security Checkup.

Every app you connected and forgot about is a live credential nobody is watching but you.

How Do I Revoke Third-Party App Access on Google?

Step 1: Open Your Google Account Security Page

Go to myaccount.google.com/permissions while signed in, or navigate manually: Google Account > Security > “Third-party apps with account access.”

Step 2: Review Each Connected App

You’ll see every app with access, plus a short description of what it can see or do. Tap any entry to expand the exact permissions — some only read your email address, others can read your Drive files or send email as you.

Step 3: Remove Access You Don’t Recognize or Need

Select the app, click “Delete all connections,” and confirm. This immediately revokes the app’s OAuth token, so it can no longer pull data from your account even if you never open it again.

Pro tip: Sort by permission scope, not app name. An app you use weekly but that only reads your basic profile is lower risk than a forgotten app with access to Gmail or Drive.

Google’s own permissions page is the single fastest place to see and cut every third-party connection at once.

How Do I Revoke Connected Apps on Facebook, Instagram, Microsoft, and Apple?

Facebook and Instagram

On Facebook, go to Settings & Privacy > Settings > Apps and Websites. On Instagram, go to Settings > Security > Apps and Websites. Both list active sessions; tap “Remove” on anything you no longer trust. I cover the rest of that lockdown in my social media privacy checkup.

Microsoft Account

Visit account.microsoft.com, sign in, and open Privacy > App access. Microsoft groups apps by what they can access, so you can spot over-permissioned apps quickly.

Apple ID

On an iPhone, open Settings > [your name] > Sign in with Apple. This shows every app using Sign in with Apple and lets you stop sharing your relay email or full identity with a tap.

Account Where to Check What You Can Revoke
Google myaccount.google.com/permissions OAuth tokens, Drive/Gmail/Contacts scopes
Facebook/Instagram Settings > Apps and Websites Login sessions, posting permissions
Microsoft account.microsoft.com > Privacy Profile, email, and file access
Apple ID Settings > Sign in with Apple Relay email, shared identity data

Troubleshooting tip: If an app you still use suddenly logs you out after you revoke it, that’s expected — reconnect it deliberately and check the permission list it requests this time before approving.

Every major platform hides its connected-apps list under Settings, and clearing it takes the same three steps everywhere: find, review, remove.

Common Mistakes to Avoid

  • Assuming deleting the app deletes the connection. Uninstalling from your phone does nothing to the OAuth token on Google’s or Facebook’s servers — you must revoke it separately.
  • Only checking Google and skipping social accounts. I’ve seen more abuse through forgotten Instagram quiz apps than through Google itself; check every account you use to sign in elsewhere.
  • Revoking access without checking what breaks. If a smart-home or fitness app relies on that connection, removing it may stop syncing until you reconnect. On Android, this overlaps with the tracking permissions in my Android privacy settings guide.
  • Ignoring the permission scope shown before you connect a new app. If a simple game asks for contacts and calendar access, that’s a red flag worth declining at signup, not cleaning up later.
  • Doing this once and forgetting it. New connections pile up every time you sign up for something with an existing account, so treat this as a recurring check, not a one-time fix.

Most mistakes here come from treating app access as a one-time setup step instead of an ongoing habit.

Frequently Asked Questions

Does revoking third-party access delete my data from that app?

No, it only cuts off future access; any data already copied to the app’s own servers stays there. When I revoked access for an old resume tool, I still had to email support separately to delete my stored resume.

Will revoking access log me out of the app immediately?

Usually yes, the next time the app tries to refresh its connection. I’ve had apps stay logged in for a session before finally prompting me to sign in again.

Is it safe to remove an app I don’t recognize?

Yes — if you don’t recognize the name, you aren’t using it, and removing it carries no downside beyond reconnecting if you were wrong. I remove anything I can’t place within five seconds.

How often should I check my connected apps?

Every three to six months, or right after a major password reset or a friend’s account gets compromised. That second trigger is what got me checking mine in the first place. If you haven’t already, pair this with switching to a passkey so the accounts you’re protecting are harder to phish in the first place.

Can a revoked app still send me spam email?

If it already has your email address stored, revoking access won’t stop emails sent to that address — unsubscribe or block the sender separately.

Conclusion

Revoking third-party app access closes doors you forgot were ever open, and it takes less time than reading this article. Open your Google permissions page now, remove anything you don’t recognize, then do the same on Facebook, Instagram, Microsoft, or Apple before you close the tab.

Author Tech TutorPosted on July 4, 2026Categories Security and PrivacyTags app-permissions, cybersecurity, data-collection, Google account, online-scams, privacy settings

Post navigation

Previous Previous post: How to Remove Your Personal Info From Google Search Results
Next Next post: Update Router Firmware the Right Way: A Step-by-Step Guide

Archives

  • July 2026
  • June 2026

Categories

  • AI Tools
  • Android
  • Browsers
  • Email and Cloud
  • Internet and Wi-Fi
  • iOS
  • Messaging and Apps
  • Productivity
  • Security and Privacy
  • Windows

Anti Drone System

Recent Posts

  • Update Router Firmware the Right Way: A Step-by-Step Guide
  • Revoke Third-Party App Access to Your Google and Social Accounts
  • How to Remove Your Personal Info From Google Search Results
  • Phone Stolen? Do This in the First Hour to Protect Your Data
  • What Is End-to-End Encryption and How Does It Actually Protect You
Free Tech Tutor Privacy Policy