 Let's go ahead and take a look how a typical single sign-on flow would look like. A user would browse to domainx.com which then will redirect them to the authentication server. Two things can happen in the authentication server. One, the user can be logged in for the first time, enter the credentials and the authentication server will validate them. Or two, it's not the first time that the user is there and there is already a cookie available.