SSO configured – How to disable user in Seafile when Authentik user is disabled?

Seafile 11.0.6 CE + Authentik SSO:
When a user is disabled in Authentik, existing OIDC tokens (especially desktop client) can still access Seafile.
Is this expected behavior, and is there a recommended way to immediately disable Seafile access in an SSO setup?

thanks!

Currently you need to disable users in Seafile manually.

We hope this feature can be considered for future development in Seafile Community Edition
thanks!