Azure AD Defender Entra ID

Uninstall Fireflies.ai

by

The problem with OAuth apps is that they don’t ever fully uninstall themselves. The permissions are left there forever, even after you close the account, just waiting for a hacker to figure out how to exploit. In this blog I’ll show you what permissions are granted and how to remove them for M365 and Google users.

Fireflies is a meeting note taker. It is not unlike any other meeting notetaker on the market when it comes to permissions and account creation. Your introduction to Fireflies will probably happen when someone else in the meeting uses the app to record and transcribe the meeting and it sends you a recap, which if you decide to read requires the creation of a free account. When the account is created it gets permissions to your calendar using persistent OAuth. Even when you close your Fireflies account these permissions still remain granted to the application.

OAuth permissions for Fireflies

Removing Fireflies

Unless you want Fireflies to have permission to access your data anytime, sign-in and read your calendar, after closing your Fireflies account you will need to manually remove those permissions to your email account calendar.

Step 1. Close your Fireflies account. Login, then in your account go to Account Settings. At the bottom of the page you’ll find the Delete my account button. Press it. Next you are required to select a reason for deleting you account before it will let you do so.

Step 2: remove the OAuth permissions from your email account. If you are using Microsoft 365, ask your admin to use Defender for Cloud Apps to block the app from accessing your account.

To do so, simply click the ban action and the current permissions will be revoked and future ones will be banned from being given.

When the Ban action is select you are given the opportunity to send an email to any future user that attempts to use Fireflies an email letting them know that the app is banned in your network.

Email future Fireflies user atempts

If you have a Google account, then follow these instructions instead.

To remove OAuth permissions:

  1. Go to your Google Account security settings by visiting https://account.google.com/security.
  2. Scroll down to the “Third-party apps with account access” section and click “Manage third-party access”.
  3. Locate the app or service you want to remove permissions for and click “Remove Access”.
  4. Confirm that you want to revoke the app’s access to your account.

Want to remove other meeting notetaking apps? Follow these instructions for that too. It should work in the same way. For another example, see the article The invasive Otter (thirdtier.net)

All we do is support IT professionals. Help for IT Pros, M365 admin News, Security community, peer groups, MSP training and more. https://www.thirdtier.net

You may also like

blue green and red abstract illustration

Include IPv6 in Azure AD policies

Criminals of the world would love to know that they don’t have to deal with MFA if they phish you while you’re in the office. Now we’ve taken that option away

focus photo of yellow paper near trash can

Blocking Fileless malware

It’s an Attack Surface Reduction rule and it is exploited in the wild, so it’s import to close up this vulnerability to fileless attacks.

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.