Review the applications managed by your organization to verify that no new applications with expansive permissions were authorized and that the callback URLs haven't changed.

  1. In the top right corner of GitHub, click your profile photo, then click Your profile. Profile photo

  2. On the left side of your profile page, under "Organizations", click the icon for your organization. organization icons

  3. Under your organization name, click Settings. Organization settings button

  4. In the left sidebar, click Applications. Applications tab

  5. Under "Organization applications", click the name of an application to review it. Applications list for organizations
  6. Ensure that the callback URL and description are correct. If you suspect that malicious activity has occurred, click Revoke all user tokens to automatically log out all of your users and ensure that their data will have no more unauthorized access.