How do you know which users are currently using Portal, at any given moment in time? Which users have an open, active session/token that can be used later in the day or for the next two weeks?
From an admin perspective - it would be great to have an admin tool to view open, active connections (sessions/tokens) and be able terminate or end the session for any number of security reasons.
Either an employee gives a two week notice or the individual needs to be walked out of a business (immediate job termination), an ArcGIS Enterprise Admin should be able to immediately end a session/token associated with that user.
My current experience: My Organization area in Portal for ArcGIS has a disable option, but it does not end an active session; user is allowed to navigate Portal freely even though an admin disables the Portal account. Only on deletion of the Portal account does the session get immediately expired.
In some organizations, security dictates the technical implementation of technology. This drive the configuration of applications to reduce risk. In the same ballpark, having admin tools to view and control sessions helps reduce risk to integrity and availability of data (part of the CIA of CISSP, ISC2).