I want to add some more details to my initial question. I need to understand the process after going through this thread and reading the reply by @gianni.zoom: Zoom Deauth - Compliance
@gianni.zoom said the following:
“you should revoke user access and remove their data 
”
So, here’s what the process should look like.
- A user uninstalls the app from the Marketplace.
- Zoom sends a request to the De-authorization URL.
- Our app will validate the call and confirm that the notification came from Zoom.
- Our app will then delete all user information stored against that user in our app.
- Additionally, our app will make a /revoke call to invalidate that user’s access token. The revoke process can be found here: OAuth for user authorized apps
Now, is the above process correct, or do we not need to perform point 5, as Zoom will invalidate the access token on its own once the user uninstalls at point 1?
Please confirm the above process, thank you.