So this would be up to the user to revoke the full app its access, even when he might not know something got leaked. 
Would be nice to have such a route to improve security though. Maybe in the future as it’s part of the OAuth2.0’s definition.
Thanks for the reply though.