My users are authenticated by an external IdP using a SAML V2 connection. My app provides the access token to other internal components to grant access to services on behalf of the user (who might be offline for a long time). When the access token expires, we use the refresh token to renew it.
However, if the user is deleted or deactivater on the IdP side, I would like that the request for a new access token fails. Is this possible ?