> ## Documentation Index
> Fetch the complete documentation index at: https://docs.oleria.com/llms.txt
> Use this file to discover all available pages before exploring further.

# External access

See every external user who has access to your organization's internal assets - and revoke that access directly from Oleria. When external permissions are left in place after a project ends, they become an unmonitored attack surface. The External Access page gives you the visibility and control to close those gaps.

## Visibility

Oleria shows all external users and externally shared assets across all connected integrations.

**External users** are users outside your connected instance who have access to your organization's data in that specific instance - for example, an auditor with access to audit findings in Google Workspace.

![](https://cdn.prod.website-files.com/63fc7e99bfef1938067db500/67c0e70d24b9d50d2133b277_AD_4nXfuDz3coisaCGu4fs6rCup4qsClhFW-hfjb8kvVxiZZj_qJBMOBk5qfqaPGuQ1UNe1Ooyyni64D_unJfJDc7l-ElzJ6py8x-swXMkat9da_D6znMH-O-VsOcRbeo6KnbivUKwz6lw.png)

**Externally shared assets** shows all assets (files, folders, repositories, Salesforce cases) in your connected instance that have been shared with at least one external user - for example, a Salesforce case shared with a third-party financial vendor.

![](https://cdn.prod.website-files.com/63fc7e99bfef1938067db500/67c0e70d694e24a8719744b4_AD_4nXedPU_q5zQE4ZlJD5eTPPJSkeuVgjxOy_kdvdSWlZbij6KaYlkpyP_YAcBIRUjYoH7MAyjl12eu7dwmQfBG1OJot9-OJYJiTVIe49sryeeHmdy07ya15v2R1J-IBSMlgW0Hte0jDA.png)

Use the **Sharing Method** filter to group external access by category:

* **Freemail** - any publicly available freemail provider, for example Gmail.com.
* **Third party vendor** - any commercial email domain, for example vendor.com.
* **Anonymous** - publicly shared through an "Anyone with a link" mechanism.

## Intelligence

Oleria surfaces not only direct external shares, but also **inherited permissions from complex access chains**. For each share, you can see exactly who shared the resource, how it is being shared, and where the permissions originate - giving you a complete picture of external access in your organization.

![](https://cdn.prod.website-files.com/63fc7e99bfef1938067db500/67c0e70ea198b02b1b8d40c2_AD_4nXfYzx_RQ3_OAny70l_YV5A-5C4EHGue9IB4nGsODDf4H0hqWwgNo2AETqtXcRYBwqjADpxxLrY6gDTlWHtK06XAusu1Tml6wYTG_98SoJHyIBj1bTHBpG92ldPiTIf3EROzA5We.png)

Oleria also populates access trails with **usage analytics** so you can see which external accesses are active, when they were last used, and which are dormant. Dormant external accesses are strong candidates for revocation to reduce over-provisioning and move toward least privilege.

![](https://cdn.prod.website-files.com/63fc7e99bfef1938067db500/67c0e70d96c20a0db94dd833_AD_4nXfz1jf98XsfOVrNUsXvpLykGRmp-_x2Aq8poP0_UEh8Kwfnzhf73ANxuw49Qv9EhDSUh1SmKBc0Tch04HyQVFlSWqkuY5NWgepEH60HmRIxUv6h5DkWq2jaMyiYWzL1FPOHGUgOLQ.png)

## Revoke external access

In addition to visibility and intelligence, you can initiate **revocation** directly from Oleria to your connected applications. Revoke external access by individual user, shared asset, or at the application level.

![](https://cdn.prod.website-files.com/63fc7e99bfef1938067db500/67c0e70d7b9ab553a8bb6af0_AD_4nXfvRVS8JTrVKpQzaROrPcd5lhhFH_Vv41jvyCr0UJ34s4jXxLqT8TN7hPoccqu1oYiyPb_ilmaX2eGPDSzNdkVCo5ZfvZTfV_65uPuk7Q4f-oJpi5OT_wjTyd_B6n2YcX4MbSXBEw.png)

For step-by-step revocation instructions, see [Revoke external users' access permissions](/governance/revoke-external-users-access-permissions).

## Contact us

For questions, contact us at [support@oleria.com](mailto:support@oleria.com).
