/oauth2/connect/checkSession
Use this endpoint to retrieve session state. Learn more in Session management.
A relying party client creates an invisible iframe
with the URL to the endpoint as the src
attribute of the iframe
tag.
Use the endpoint to accept HTML5 postMessage
requests from the iframe
,
and to generate postMessage
requests to the iframe
with the end user’s login status.
Don’t specify the realm in the request URL; for example:
https://<tenant-env-fqdn>/am/oauth2/connect/checkSession