Scenario as picture below. 1 application with 2 access profiles that have a overlapping entitlement.
The access profiles represents 2 different permission levels in the application and the overlapping entitlement is an AD group that enables SSO functionality in the application. If a user have both of the roles in the application and one of them are removed the entire application are removed from the user.
Is this an expected behavior?
