ssh agent forwarding (1) is sometimes a required as a means to provide easy ssh access to a third machine starting from a local workstation by using public and private keys

The question may arise whether there is some way of configuring it within CA PAM

Any configuration used at PAM which implies usage of CA PAM capabilities, such as session recording, will require the connection to be interrupted at the CA PAM server and established between the CA PAM server and the final target.

This breaks the logic of using Agent Forwarding, and hence this can't be configured within the scope of PAM. 

(1) SSH Agent Explained