Logout user when user permission changes in active directory when user is logged in from ADFS SSO

I have an application that authenticates from ADFS 2016 using openidConnect. Once I get token form ADFS I create local cookie session in my application.

Problem When permission for user changes on ADFS server or user is disabled, how my application can trigger logout for user. ADFS provides any endpoint or api to check that?