Based on the description it should just revoke and invalidate the refresh tokens.
"The Revoke-AzureADUserAllRefreshToken cmdlet invalidates the refresh tokens issued to applications for a user. The cmdlet also invalidates tokens issued to session cookies in a browser for the user. The cmdlet operates by resetting the refreshTokensValidFromDateTime user property to the current date and time."
To actually disable the user you would use:
Set-AzureADUser -ObjectId johndoe@contoso.com -AccountEnabled $false
References:
https://learn.microsoft.com/en-us/azure/active-directory/enterprise-users/users-revoke-access