Bug 8247 - Single sign-on support in Web Access
Status: NEW
Alias: None
Product: ThinLinc
Classification: Unclassified
Component: Web Access
Version: trunk
Hardware: PC Unknown
Importance: P2 Normal
Target Milestone: MediumPrio
Assignee: Bugzilla mail exporter
Reported: 2023-10-31 12:42 CET by Pierre Ossman
Modified: 2024-11-07 15:41 CET

Description Pierre Ossman cendio 2023-10-31 12:42:12 CET
Some users are using a central login for their web services that allows their end users to seamlessly access many services without repeated logins. They would ideally like to integrate ThinLinc's Web Access into this as well.

The big standards in this area are SAML and OpenID Connect (OIDC). The former is older, more complex, but more widely deployed.
Comment 2 Pierre Ossman cendio 2023-10-31 12:43:33 CET
NICE DCV has some rudimentary support for this via a general mechanism where it's up to the users to actually integrate it with the specific systems/protocols:

https://docs.aws.amazon.com/dcv/latest/adminguide/external-authentication.html
Comment 3 Pierre Ossman cendio 2023-10-31 12:45:38 CET
In some cases, the single sign-on is not just about user convenience, but also about delegating the responsibility of authentication. A site can then get rid of a lot of the burden of fulfilling all compliance requirements by having a central authority verify the users. They can then reduce their burden to just enforcing the access for that identity.
Comment 9 Pierre Ossman cendio 2024-11-07 15:37:47 CET
Another driver for this is to prevent phishing. Sysadmins have a better chance of educating users if they can tell them to only log in to one specific place and refuse all other requests.

This is apparently a common goal in American universities, who have been repeatedly targeted in phishing attacks.
Comment 10 Pierre Ossman cendio 2024-11-07 15:41:03 CET
One convenience detail that is important is that the single sign-on login might have a long lifetime. That means that users could heavily reduce how often they have to perform annoying MFA steps.
