AM 7.5.0


The /oauth2/connect/checkSession endpoint is defined in OpenID Connect Session Management 1.0 - draft 5.

A relying party client creates an invisible iframe with the URL to the endpoint as the src attribute of the iframe tag. Use the endpoint to accept HTML5 postMessage requests from the iframe, and to generate postMessage requests to the iframe with the end user’s login status. For details on checking session state, refer to Session management.

Do not specify the realm in the request URL; for example:
Copyright © 2010-2024 ForgeRock, all rights reserved.