I completely understand.
As far as I know, this is not possible because the event.refresh_token.session_id does not exist at the time of the original login. However, when you perform a refresh token exchange, this property will exist, and you can add it as a custom claim. This works because all access tokens issued from a refresh token exchange will include the same session_id, as long as the session remains active. This ensures that the tokens are tied to the same session.
Ultimately, there is no way to get that value in the initial login request and append it as a custom claim.
There are also no other actions that can trigger during an authorization code exchange for an access token. Only the post-login action trigger is the best match for this use case.
I am curious, do you have any code snippets of what you have tried so far?
Kind regards,
Rueben