Applications that have been granted an OAuth2 token by a user cannot revoke their own OAuth2 token via API.

This is a feature that is provided by the GitHub API (https://developer.github.com/v3/oauth_authorizations/#delete-an-authorization) that is not currently available in the GitLab API. Since allowing an application to remove the tokens of other applications could be subject to abuse, I would find it sufficient for an application to only be permitted to revoke its own token (and thereafter not have the permissions of the associated OAuth2 token).
