I've a POC, we need to disable access for one particular application out of the lot whole through Single Sign On policy, if the person hasn't accessed the application for 180 days. This access detail for the application will be maintained in the SQL database.
So, what is the way to have 2 authorization policies one based on AD OU and another based data in SQL(for application access) and disable access for associates who haven't accessed the application for 180 days.
We cannot govern this through the Active Directory as if we disable access for the person who hasn't accessed the application for 180 days then access will be lost for all the applications.
How can this be achieved?