![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 7.000000000000001%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAK%3C/text%3E%3C/svg%3E)
Microsoft Identity Manager
A family of Microsoft products that manage a user's digital identity using identity synchronization, certificate management, and user provisioning.
610 questions
Closing the request will take effect on the next run, so you'd have to trigger a cycle for the changes to take effect. If the user is already granted a token in the protected forest, that token would have to expire before the functional permission is removed. If you need to have it take effect more quickly, change the TTL for the token in the protected forest.
https://learn.microsoft.com/en-us/microsoft-identity-manager/pam/principles-of-operation
