Take a look at the following thread that details a way to do this with Token Inline Hooks (a Custom Authorization Server is required for this option): Validate access token is linked to Okta session - #2 by andrea
Note that the session id is only available in the payload sent to the Inline Hook during a new OAuth flow. It will NOT be present if a refresh token is used to get new tokens for the user.