Your agent went rogue at 3am. How long until you stop it?
Building a custom revocation system is a weekend project that never gets done. Civic ships revocation as a product feature. Every authorization has its own revoke button in the Civic dashboard. Instant. No jira ticket required.
You told the agent to stop. It didn't care.
You noticed the agent acting up at 3:12am. You scrambled to revoke its credentials. 40 minutes later, it was still making calls. Partial revocation isn't revocation.
OAuth token revoked in Google Admin
Agent cached a refresh token. Still sending.
Bot token rotated in Slack dashboard
Session cookie still valid. Agent reconnected.
Personal access token deleted
Agent committed 4 more times before token cache expired.
Database password rotated
Connection pool killed. 3 queries were mid-flight.
API key regenerated in dashboard
2 charges already processed before key expired.
Twenty-two minutes. Five dashboards. Two tools still compromised. That is what revocation looks like without per-tool instant cutoff.
Per-tool revocation. Instant. No cleanup.
Revocation that actually works
Full action history
No waiting for token expiry. No support tickets. One action and the agent loses access to each connected tool within milliseconds.
Granular scope
Revoke access at the level you choose: tool-by-tool, across an MCP server, or down to specific functionality within a tool.
Non-destructive revocation
Revoking access doesn't destroy connections. Restore or re-authorize access after an incident without reconfiguring the integration.
Every connection. Gone.
Stop worrying about whether you can actually shut it down.