OtterWise does not require access to your private repositories to function, but it does allow you to browse the code of your private repositories in the Code Viewer if you grant it access. This access is granted through a temporary token that you can revoke at any time.
If you have previously granted access to the Code Viewer, you can revoke it at any time by going to your profile page and clicking the Revoke now button. This will immediately revoke access to the Code Viewer, and you will have to reauthorize if you want to use it again.
Code Viewer Status
This is how it will appear on your profile page if you have previously granted access and the token is still valid:
This is how it will appear after revoking access, or when the token has expired (happens automatically after 2 hours):
If you have never granted access to the Code Viewer, you will not see any mention of it on your profile page.
You can always confirm by looking at your GitHub security log to see when OtterWise Code Viewer OAuth app has revoked the token, by looking for "oauth_access.destroy" logs.
Troubleshooting
Line coverage have to keep authorizing
The code viewer token automatically revokes after 2 hours. This is a security measure we built in to further minimise risk. Tokens with such access should not be long-lived nor required, so we took this measure.
This can be changed. OtterWise permits changing this expiration from 2 hours up to 30 days for convenience, while still keeping expiration. There is no risk to having it longer lived, still we believe in minimum-permissive and shortest-lived by default which is why we default to 2 hours.
To change this, simply go to your OtterWise profile and change the dropdown value for "Token Expiration":
