[keycloak-dev] Disabling SAML client

Hi, I am wondering what should happen in second scenario below. I have working SAML client and try to disable client in admin console in next two scenarios: First: 1. Disable client in admin console 2. Try to access client URL -> I am getting "Login requester not enabled". I think this behavior is correct. Second: 1. Login to client 2. Disable client in admin console 3. Nothing happens, secured resource is still available, even after some time. Is it correct? Shouldn't keycloak forbid to refresh token or somehow restrict accessing secured resource? Thank you, Michal Hajas.