/oauth2/connect/checkSession
Use this endpoint to retrieve session state. Learn more in Session management.
A relying party client creates an invisible iframe
with the URL to the endpoint as the src attribute of the iframe tag.
Use the endpoint to accept HTML5 postMessage requests from the iframe,
and to generate postMessage requests to the iframe with the end user’s login status.
Don’t specify the realm in the request URL; for example:
https://<tenant-env-fqdn>/am/oauth2/connect/checkSession