The problem right now is that the validateToken method is supposed to return a org.forgerock.openam.sts.rest.token.validator.RestTokenTransformValidatorResult object, which takes a AMSessionId as a parameter. Suppose I pass the username and password in the request to the custom sts service and I can extract that username and password in the validateToken method, is it possible I use that username/password to create an AM session? I couldn’t find any documentation or example on that. If anyone can give some advice, I’ll definitely appreciate that. Thanks.