Have a look into the SAML module, that should help you with SSO:
Hope this helps
What you could do after you authenticate the user is using a deeplink to automaticly log the user in. Good starting point is this blogpost: https://www.mattkdaniels.com/blogs/walkthrough-enabling-autologin-functionality-within-your-mendix-app
We used this blogpost to build a custom SSO.