Skip to main content

Managing Connected Apps

Every time you sign in to an app using mwen.io, the wallet records a connection. This lets you keep track of which apps have your identity, review what you have shared, and disconnect any app at any time.

Viewing your connected apps

  1. Click the mwen.io icon in the toolbar to open the wallet.
  2. Navigate to Connected Apps.

You will see a list of every app you have signed in to. For each connection the wallet shows:

FieldDescription
App nameThe display name the app registered with your wallet.
App identifierThe domain of the app (e.g. shop.example.com).
First connectedWhen you first signed in to this app.
Last usedThe most recent sign-in.
Scopes grantedThe claims the app was allowed to request (e.g. name, age, email).
Delegation grantWhether auto-approve is active for this app.

Disconnecting an app

To revoke an app's access:

  1. Find the app in the Connected Apps list.
  2. Click Disconnect.
  3. Confirm the prompt.

What happens:

  • The wallet immediately removes the connection record from local storage.
  • The wallet sends a signed revocation notification to the app's revocation endpoint (if the app has one configured). The app will end your session there.
  • Your per-app identifier for that app is no longer actively used. If you sign in again later, the same identifier is re-derived — the app will recognise you as the same user.

Disconnecting does not delete the per-app key. Because keys are derived deterministically from your phrase, the same key would be re-derived if you sign in again. If you want a completely fresh identifier for an app, you would need to rotate your keys (see Privacy & Security).

Delegation grants (auto-approve)

A delegation grant is an active permission that allows an app to receive fresh credentials without showing you a popup each time. You may have created one by checking "Auto-approve future requests" during a sign-in.

Delegation grants are visible in the Connected Apps detail view. For each grant you can see:

  • Which scopes are covered.
  • When the grant expires (default: 30 days).
  • How many times it has been used.

To cancel auto-approve for an app, click Revoke delegation on the grant. The next sign-in to that app will show the full consent screen again.

What disconnecting does NOT do

  • It does not delete any data the app already holds. Once the app received a claim and built a session, that session data lives on the app's own servers. Disconnecting stops future sharing, not past sharing.
  • It does not change your per-app key. The same key is re-derived if you sign in again.
  • It does not affect other apps. Each app is isolated.