Both are under the same tenant and both have their own DB connection.
Why are they using two separate DB connections, instead of one?
That’s actually the reason that SSO doesn’t work in your scenario.
Because even though the user is logged into the first application using the first DB connection: since this first DB connection isn’t a valid user store for the second application, it wouldn’t allow access to the second application.