How to structure authorization for multiple uses?

I’m getting a bit lost in all the different schemes and terminology and could use a bit of pointing in the right direction.

The user can sign in to a website where they can edit info, pay, etc. From here they can click the link to the web app, which is hosted separately. The web app makes API calls to yet another server. How can the authorization and authentication be structured for this without having to log in multiple times?



Welcome to the Auth0 Community!

It sounds like you are looking for Single Sign-On. This will allow a user to log in to one application, then another, without having to provide credentials a second time. If you have ever used Google login to log in to Gmail, then to gcal, it is the same concept.