Hi @Vishnu_Prasath! The login flow in the Central frontend relies on the cookie returned by POST /v1/sessions. When the user first visits the frontend, the Vue router will generally redirect them to the login page unless it is able to use the cookie to identify an existing login. However, the API docs recommend not relying on that cookie. We don't consider the cookie part of the stable API, so any aspect of it may change. Currently, the cookie is "domain-locked" because its name includes the __Host- prefix.
If you're reading code in the frontend, note that src/util/session.js contains relevant code. Note though that we don't make guarantees about the behavior of the frontend. Developers should consider the API the stable interface.
There's been some recent discussion about SSO here. We haven't had any new updates since then, but please feel free to continue checking in about our plans related to SSO.