Hi,
If they are both in the same tenant, they can both have the login functionality implemented. If you want b.service.com to use main.service.com as an identity provider (IdP), you should move b.service.com to a new tenant and use main.service.com as a custom OAuth2 connection. Otherwise, it makes more sense for both to implement the login functionality since b.service.com is not using main.service.com, but they are both using the same database.
If you have any other questions, feel free to reach out.
Have a good one,
Vlad