This can easily achieved with simple FQL query:

SELECT uid FROM user WHERE uid = {USER_ID_HERE} AND is_app_user = true

This will return uid of user if he is connected with app and nothing otherwise

Through the Graph API, from the docs (thanks @DMCS):

You can de-authorize an application or revoke a specific extended permissions on behalf of a user by issuing an HTTP DELETE request to PROFILE_ID/permissions with a user access_token for that app.

The olds REST API offers you auth.revokeAuthorization. You can read more about that on the auth.revokeAuthorization docs.

Be aware that the REST API will be deprecated in the future, although Facebook doesn't specify when exactly.

I am not aware of any way to get a list of apps a given user is connected to, or see any reason Facebook would make that available. To see if a user is connected to your app, the other answers here should provide you with a couple of ideas.

Here's how to deauthorize your app using Facebook iOS SDK v4:

#import <FBSDKCoreKit/FBSDKCoreKit.h>

...

NSString *graphPath = [NSString stringWithFormat:@"/%@/permissions", [FBSDKAccessToken currentAccessToken].userID];
[[[FBSDKGraphRequest alloc] initWithGraphPath:graphPath parameters:nil HTTPMethod:@"DELETE"]
    startWithCompletionHandler:^(FBSDKGraphRequestConnection *connection, id result, NSError *error) {
    if ( !error ) {
        NSLog(@"Facebook unlinked");
    }
}];

With the new Graph there is a documented way to deauthorize (I've tested it in the Graph API explorer and it works). Send an HTTP Delete command to "me/permissions" with a valid access token. Not only will it invalidate the access token, but it also removes the app from the user's list of auth apps. This requires the user to authorize the app again (going thru the permissions screens) to use it. Happy coding!

Please note Facebook in the process of deprecating the REST API, and have adding equivalent support to the Graph API User object for "auth.revokeAuthorization" method.

//$this->facebook is facebook object
//$userid is of logged in user or can be written hardcoded.
For checking linked in or not by making api call.

        $user_id = $this->facebook->getUser();
        $result = $this->facebook->api(array(
                'method' => 'fql.query',
                'query' => "SELECT is_app_user FROM user WHERE uid=$user_id"
        ));
        $is_installed = $result[0]['is_app_user'];
        if($is_installed==1) {
            echo 'Linked';
        }
        else {
            echo 'Not Linked';
        }


For delinking or deauthorization the user by making app call:

        $user_id = $this->facebook->getUser();
        $access_token=$this->facebook->getAccessToken();
        $result = $this->facebook->api(array(
                'method' => 'auth.revokeAuthorization',
                'uid' =>$user_id,
                'access_token'=>$access_token
        ));

Make an API call to /{USER_ID}/permissions with your App access token and it will show if that user has authorised your app

You can also check with the user's access token if you have one.

The response type will be something like this:

{
  "data": [
    {
      "installed": 1, 
      "bookmarked": 1
    }
  ] 
}

There'll be one entry there for each extended permission the user has granted your app and the installed line means they've installed your app

For a user who hasn't installed your app the response will be:

 {
   "data": [  
   ]
 }

You can also use FQL as Juicy Scripter suggests in another answer