We use Google SSO to set up accounts for both our staff and students. Our SIS app (Infinite Campus) pulls in stuff like courses, grades, and status. But, when these students leave or graduate, their status in the SIS gets switched to inactive. That's all good because we've set up data mappings to change their roles from "Student" to "No Access." This way, we can keep track of the number of students and devices we have throughout the year.
The issue we're running into is that IQ isn't assigning the "No Access" role because of a message we get from the SIS sync. It says “This user is inactive, but we can't change the role to NOACCESS because they've still got an active SSO account and the role mapping isn't set up for this app." I've talked to IIQ support, and they're saying that since the best way to make users is through Google SSO, I would need to disable these users Google accounts first.
So I'm looking for a way to use IIQ to help me disable these users Google account based on the SIS status info the same way that it’s also marking these account to be given the “NO Access” role in the first place. Or is there a way I can download the logs that have the error about active SSOs and disable them manually?