Teams: AzureAD Group membership refresh interval

I configured AzureAD as my authentication provider, enabled groups support and am able to see my AAD groups when performing authentication test in Cloudflare Teams.

Assuming, I create a Cloudflare group that is populated with "include Azure group " as per the documentation and I add a user to the AAD group, when can I expect this change to be reflected on the Cloudflare side? Should I revoke user’s access and force them to re-authenticate in their WARP clients? Or is this controlled by the “Global session timeout” setting? Thank you.