After upgrade to CICS 5.6, Gen CICS application user logon attempts are failing and the user ID becomes revoked.
This is a Gen client/server application using Gen Client Manager with an LU6.2 SNA/CPC-C connection to z/OS.

Gen CICS server applications.

The LU6.2 connection definition has ATTACHSEC=LOCAL (a user identifier or password is not required or expected).

Change LU6.2 connection definition to ATTACHSEC=VERIFY (requires user identifier and password).

Related Gen 8.6 doc. page: Working With Distributed Processing > z/OS Security > LU6.2 Security - see section "APPC User Security"

Related IBM CICS doc. page: CICS Transaction Server for z/OS > 5.6 > Meanings of ATTACHSEC operand