We are working on optimizing custom agent that utilizes C SDK. 

Is there an option to get the AgentKey and use it to decode SM_SESSION cookie without roundtrip to Policy server?

Sm_AgentApi_DecodeSSOToken() This API automatically calls Sm_AgentApi_DoManagement() API to check for any update in the Agent Keys if the Agent Keys that it has is stale. 

The Agent Keys goes stale every 30 seconds. This duration is not configurable on the Agent side. 

So unfortunately, there is nothing we can do to prevent C SDK agent API to prevent checking the Agent Key while making the Sm_AgentApi_DecodeSSOToken() API call.

SMSESSION cookie is supposed to be updated every time to record the "last access time". This is required to enforce idle/max session time outs. 

So its not really possible to cache all available SMSESSIONS. They keep on changing all the time.