So if a user has access in OKTA (for example) to use a given app (Samly SSO enabled), they successfully sign in and later their permissions to that app are revoked, it seems like the user remains logged in through Samly, it looks like notonorafter could be used for automatically expiring the sessions, is this something we should take care of outside of Samly? or am I missing something?
So if a user has access in OKTA (for example) to use a given app (Samly SSO enabled), they successfully sign in and later their permissions to that app are revoked, it seems like the user remains logged in through Samly, it looks like
notonorafter
could be used for automatically expiring the sessions, is this something we should take care of outside of Samly? or am I missing something?Thanks!