Microsoft’s Graph API doesn’t allow apps to revoke their own access once permissions are granted. This means the Share‑one‑Drive plugin cannot automatically remove its access tokens or permissions—you need to do it manually.
For regular OneDrive Personal users:
- Go to https://account.microsoft.com/privacy/app-access and sign in.
- Locate Share‑one‑Drive in the list and click Details
-
Revoke permissions.
For regular OneDrive Business users:
- Go to https://myapps.microsoft.com and sign in.
- Find the Share‑one‑Drive app.
- Click Manage your application → Revoke permissions.
Note: If some permissions were granted by an admin, you might not see them here. In that case, follow the instructions 'For admins / tenant-wide consent' as well.
For admins / tenant-wide consent
- Open the Entra (Azure AD) admin center → Enterprise applications → Share‑one‑Drive.
- Check Permissions or Users & groups, and remove any delegated or admin-granted access.
- Optionally, use Microsoft Graph PowerShell to fully remove OAuth2 grants and app role assignments.
Why it’s manual:
Microsoft separates consent grants from access tokens, and the Graph API doesn’t provide a “self-revoke” endpoint like Google or Dropbox. That’s why revoking permissions requires manual action in the portal or via PowerShell.
Note
- Revoking the permissions will immediately remove the app’s ability to access your OneDrive or SharePoint data.
- After permissions are revoked, the plugin will no longer work until you re-authorize
- Because this involves app consent and enterprise application settings, some users may not have sufficient rights to remove all permissions. In that case, you will need your IT / Microsoft 365 admin to help.
For an overview of revocation across all providers, see How do I revoke the plugin's access to my cloud account?