Forcibly revoking access?

[jordanmerrick]

Now that more apps are supporting the new authentication method, is it possible to still revoke access to some or all apps that have authenticated using SSO? Under the old authentication process, changing the account password would revoke all existing access tokens. This doesn't seem to be the case now though.

Some apps like ev.energy use SSO but offer no way to revoke access (they say to email their support team). My concern is that using an app like this with no ability to nuke access could be a liability.