I am using OpenAM 13 for storing policies and having policy evaluation via ../policies?_action=evaluate. The subject is specified as “ssoToken” as the user has been authenticated and has a valid session. That works fine.
Now i need to implement the refreshToken functionality in the same way as I would do with the OAuth API. The session has been expired already but I need to “refresh” it in order to use the (new) “ssoToken” for policy evaluation. How can I do that?
1. Can I have the OAuth2-like refreshToken functionality for the ssoToken as well?
2. Alternatively I would use the OAuth2 API, where I have the refreshToken functionality. How can I specify the subject of the policy evaluation when I have an OAuth2 access token only and no ssoToken?