Closed
Description
What would you like to see?
There are many situations where SSO is managed by some external service or platform that AnythingLLM is simply a sub-offering of. The issue becomes the following:
- User exists or logs into some external service or platform via SSO
- The user wants to access AnythingLLM, but requires a totally different login to leverage.
- This adds administrative overhead and makes AnythingLLM an external service that is harder to maintain userspace within that matches the external service.
- Since often the external platform and AnythingLLM are cross-domain or not on the same origin, you cannot set a session token for AnythingLLM via the original domain.
Solution:
There should be an optional ENV flag that enables an endpoint to exist that permits a token to be embedded that is fetchable from a query param that will "auto login" a user when present in the URL.
This token to be embedded in the URL should be a lookup token that is only valid once and is able to set the user session on login. Issuance/creation of this token for a user can be done via the developer API.
This feature and its associated features are all disabled unless the simple sso feature ENV flag is enabled.
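The one-time lookup token requested above, as an added example that is not part of the original issue and not AnythingLLM's code. The names `createSsoTokenStore` and `tokenFromUrl`, the `token` query parameter, the in-memory store and the short expiry are assumptions made for illustration.

```javascript
const crypto = require("node:crypto");

// Hypothetical in-memory store; a real deployment would persist this in a database.
// `enabled` stands in for the ENV flag; `ttlMs` is an added assumption, because a
// token carried in a URL can end up in proxy logs and browser history.
function createSsoTokenStore({ enabled, ttlMs = 60_000, now = Date.now }) {
  const pending = new Map(); // sha256(token) -> { userId, expiresAt }
  const digest = (t) => crypto.createHash("sha256").update(t).digest("hex");

  return {
    // Issuance: called by the external platform through the authenticated developer API.
    issue(userId) {
      if (!enabled) throw new Error("simple SSO is disabled");
      const token = crypto.randomBytes(32).toString("base64url");
      // Store only the hash, so a leaked table cannot be replayed as logins.
      pending.set(digest(token), { userId, expiresAt: now() + ttlMs });
      return token;
    },

    // Redemption: called by the login endpoint with the query-param value.
    // Returns the user id to create a session for, or null to refuse.
    redeem(token) {
      if (!enabled || typeof token !== "string") return null;
      const key = digest(token);
      const entry = pending.get(key);
      if (!entry) return null; // unknown or already used
      pending.delete(key); // burn first: valid once, even if expired
      return now() <= entry.expiresAt ? entry.userId : null;
    },
  };
}

// Pull the token out of the login URL the way the endpoint would.
// The base origin is a placeholder so relative paths parse.
function tokenFromUrl(url) {
  return new URL(url, "https://anythingllm.example").searchParams.get("token");
}
```

After a successful `redeem`, the endpoint should set the session and redirect to a URL without the token so it does not linger in the address bar or `Referer` headers.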