I am working on a case where the end user has O365 Gatelets Activated. When they remove their secondary ID from CASB, they get a 'Page access denied' page while going to Sharepoint which is as expected. When they re-add the secondary ID, they are able to get into Sharepoint which is also working as expected.
But when they disabled the user on CloudSOC and then clear cache on browser they are able to get into Sharepoint without any issue. (This should have been access denied as well). We signed out and logged back in, reconnected the WSSA but was still able to login to Sharepoint. They tried deleting the user from CloudSOC and it seems to not make any difference as well.
Is there any setting or anything that they need to do to make this working?