Rescan or revoke access

Run a fresh scan, or end LeakTrace's access entirely.

Last updated 2026-05-11 BEC Audit

The OAuth token from your initial consent stays valid until revoked, so you can rescan any time without re-consenting.

Rescan now

From your BEC audit report, click Rescan now. The fresh scan replaces the previous one and shows you what changed since last run. Useful after you remediate findings, or after a suspected incident.

Revoke access

Revocation is a two-step process. Do both to be certain.

  1. On our side: click Revoke access on your BEC audit page. We delete our copy of the token.
  2. On the provider's side: remove the LeakTrace app from your account's third-party access list. Microsoft 365 users: myapps.microsoft.com. Google Workspace users: myaccount.google.com/permissions.

Why two steps

Step 1 prevents us from reusing the token. Step 2 invalidates the token at the provider so it cannot be reused by anyone — including via a compromise of our systems. Doing both is the only way to be fully certain.

Did this answer your question? If not, the AI assistant in the bottom-right can help, or email [email protected].