Running AM_AGENT_REST_LOGIN=5 does not work with AM 6 and it fails with the following exception
2018-10-22 13:30:22.788 +0800 DEBUG [0x7f39a6ffd700:14411][source/net_ops.c:323] send_restlogin_request(): sending 351 bytes to http:2018-10-22 13:30:22.794 +0800 DEBUG [0x7f39a6ffd700:14411][source/net_ops.c:343] send_restlogin_request(): response status code: 403
what is odd is that running an external rest call to test the connection works
curl -s -k --request POST --header "X-OpenAM-Username: $user" --header "Accept-API-Version: resource=2.0, protocol=1.0" --header "X-OpenAM-Password: $password" --header "Content-Type: application/json" "$openam/openam/json/realms/root/authenticate?authIndexType=module&authIndexValue=Application"
It is suspected that AM 6 now needs an additional header which the Agent 4.x does not cater
Access Management 6 includes a new CSRF filter that applies to all REST endpoints under the json/ root. It requires that all requests other than GET, HEAD, and OPTIONS have, at least, one of the following headers: