In AM 5.x and above the ../sessions?_action=validate endpoint currently always resets the SSO token idle time. In a high load environment this means for every SSO session validate call a write is made to CTS and thus will incur a significant performance overhead. Previous versions of AM included the `../sessions?_action=isActive` action for this case, but this was not included in the refactor for AM 5.x.
This ticket is to introduce a means for the caller to determine if the session is valid, without updating the last accessed timestamp (and therefore a possible write to the CTS). The proposed method of doing this is by adding a new parameter to the `validate` action to allow the caller to decide whether it should refresh the session or not.
This should be updated to allow the following:
The response from this would indicate that the session was valid without updating the idle time.