When logging out with the MusicBrainz account Picard should send a request to the server to revoke the OAuth2 access and refresh token. See the comment in picard.oauth.OAuthManager.revike_tokens and the server side implementation at https://musicbrainz.org/doc/Development/OAuth2#Revoking_a_token