Disconnect a platform
Disconnecting a platform is instant and total — every agent that held scopes on it loses access on its next call.
How
/platforms → find the platform card → click the trash icon (or the Disconnect action, depending on the layout).
You’ll get a confirmation prompt:
“Are you sure?
{N}agents will lose access to{platform}. This cannot be undone.”
The number is exact — it counts active agents with at least one scope granted on this platform.
Click Disconnect (red) to proceed, or Cancel.
What happens
- The encrypted credential is removed from AgentValet’s vault
- Where the platform supports it (OAuth providers), the token is revoked at the source
- All permission rows for that platform across all agents are dropped — affected agents return
scope_not_grantedon their next call to this platform - A
platform.disconnectedrow is written to the audit log
When to disconnect
- The credential leaked or you’re rotating
- You’re shutting down an integration entirely
- An employee left and the platform was theirs
For temporary issues (the token expired and you want to refresh, not remove): reauth instead.
Reconnecting later
A disconnected platform isn’t deleted — its catalog entry is still there. Connecting again is the same as the first time: OAuth or API-key flow, fresh credential, fresh encryption.
Permissions for agents are NOT restored automatically — they were removed when you disconnected. You’ll need to re-grant them on each agent’s detail page.