/oauth2/connect/checkSession
The /oauth2/connect/checkSession
endpoint is defined in
OpenID Connect Session Management 1.0 - draft 5.
A relying party client creates an invisible iframe
with the URL to the endpoint as the src
attribute of the iframe
tag.
Use the endpoint to accept HTML5 postMessage
requests from the iframe
,
and to generate postMessage
requests to the iframe
with the end user’s login status.
For details on checking session state, refer to Session management.
Do not specify the realm in the request URL; for example:
https://openam.example.com:8443/openam/oauth2/connect/checkSession