Hi,
I forgot to mention that the component that need that information is not behind an CA SSO agent or SPS. That's why I need a service to respond that information. In fact, the component is CA API Gateway. The API Gateway will receive a request that will have SMSAMLDATA cookie but it cannot decrypt it, so it will query a service to CA SSO to get the SMSAMLDATA content. Then, API Gateway will query a service that need that information by adding them to the claims.