Assume a situation in which there are two Auth0 clients: client A and client B.
A user signs in through Auth0 Lock for client A.
How can a JWT Bearer token be obtained for both Auth0 client A and Auth0 client B without requiring the user to sign in another time?
If the authentication to either of the clients is performed in a way that allows for a session to be established at the identity provider (your Auth0 tenant/domain) then subsequent authentication requests can be completed based on that active session and without forcing the end-user to actively provide credentials again.
You do not mention the characteristics of the clients, but assuming they are web applications then implementing the authentication through the hosted login page would ensure the creation of such session and allow for SSO across both applications. You can even perform a type of authentication request (aka silent authentication) that is ensured to either succeed or fail without triggering any end-user interaction; this could be helpful to renew tokens or do a background check to see if there is a session that can be used for SSO.