Hivel Off-boarding Guide
This guide helps your team safely disconnect Hivel from your systems, revoke credentials, and complete all steps required for a secure offboarding.
1. Summary Checklist
Please complete the following steps to ensure a full disconnection from Hivel:
Delete webhooks from Jira, GitHub, GitLab, Bitbucket
Revoke OAuth access for all Hivel apps (or your internal app name used for the integration) in: Google Workspace (GCal), Microsoft Entra ID (Outlook), GitLab, Bitbucket, GitHub.
Delete PATs, API tokens, and app passwords
Rotate any shared secrets used for Hivel
Validate no events or auth flows reach Hivel
Share confirmation + evidence with your Hivel representative
2. Prerequisites
Before beginning, ensure you have:
Admin access to your SCM and identity systems
List of repos/projects connected to Hivel
Names of OAuth apps or service principals used for Hivel
3. Remove All Webhooks
Jira
Path: Admin β Settings β System β Advanced β WebHooks
Steps:
Locate all webhooks pointing to Hivel endpoints.
Delete them.
Validate by triggering an issue update.
GitHub
Repository-level: Repo β Settings β Webhooks β Delete Hivel webhooks
Organization-level: Org Settings β Webhooks β Remove Hivel entries
Validation: Push a commit.
GitLab
Project β Settings β Webhooks β Delete Group β Settings β Webhooks β Delete
Bitbucket
Repo Settings β Webhooks β Delete Workspace Settings β Webhooks β Delete
4. Revoke OAuth App Access
Google Workspace (Calendar)
Admin Console β Security β API Controls β App access control β Remove or Block Hivel
Microsoft Entra ID (Outlook)
Entra ID β Enterprise Applications β Hivel β
Disable sign-in
Revoke admin consent
Remove user assignments
GitHub OAuth / GitHub App
Settings β Applications β Authorized OAuth Apps β Revoke Integrations β Installed GitHub Apps β Uninstall (if used)
GitLab OAuth
Preferences β Applications β Revoke Group Settings β Applications β Remove
Bitbucket OAuth
Personal Settings β OAuth / Connected Apps β Remove Workspace Settings β OAuth Consumers β Remove
5. Delete Tokens and App Passwords
Delete all credentials created for Hivel:
GitHub PATs: Settings β Developer settings β Personal access tokens (Classic/Fineβgrained) β Delete those issued for Hivel.
GitLab Access Tokens: Preferences β Access Tokens β Revoke/Delete Hivel tokens.
Bitbucket App Passwords: Personal settings β App passwords β Delete those used by Hivel.
Atlassian API Tokens: id.atlassian.com β Security β API tokens β Revoke tokens used by Hivel.
Secrets in CI/CD: Remove from your secret stores (GitHub Actions secrets, GitLab CI/CD variables, Bitbucket workspace variables, Jenkins credentials, Vault, etc.).
6. Optional Cleanup
These actions ensure complete security:
Rotate shared secrets
Remove Hivel IPs from allowlists (if any were added)
Disable Hivel service accounts
Remove deploy keys
7. Validation & Sign-Off
You can use the following Checklist to support your offboarding.
Jira Webhooks
Removed
β
GitHub Webhooks
Removed
β
GitLab Webhooks
Removed
β
Bitbucket Webhooks
Removed
β
Google OAuth
Revoked
β
Microsoft Entra
Revoked
β
GitHub/GitLab/Bitbucket OAuth
Revoked
β
PATs / App Passwords
Deleted
β
Secrets
Rotated
β
8. Final Submission to Hivel
Please send the completed checklist + evidence to:
π§ [email protected]
Hivel will:
Stop all ingestion jobs
Apply your chosen data retention/deletion policy
Send a confirmation once deletion is complete
Data Retention
If your agreement includes data deletion, specify whether you want immediate deletion or retention for X days for audit needs. Hivel will confirm completion and share a deletion certificate/logs as applicable.
Support
If you'd like help completing any steps, contact your Customer Success Manager or [email protected].
Last updated