How does many web site your company have? Each site, user maybe using difference password (sometime username also) and remember the link. Some people require SSO and software department implement that. They made an Auth API, call this API for authentication and implement the same boring feature for many sites.
Why don’t you make a separate site for authentication only ? The main site will redirect to authentication site when user not yet login. After user login success (support Oauth2 also), main site will be callback to the main site with a token and using it in whole session. We can make many other sites and using one Auth only.
Reference from OAuth0