When users access services on computer devices, they provide credentials to establish their identities with the service provider and thereby access the services. For example, a user may gain access to a social media account, an email server, an online productivity application, an online forum, an online bank account, an instant messenger service, etc., by providing a username and a shared secret, such as a password, biometric marker, a key, or a derived token. Some online services allow for a Single Sign On (SSO) experience, where a user provides a username and shared secret to for one service and may access a second service without resubmitting a username and shared secret. These SSO experiences are achieved either through an identity federation between services providers (agreeing to trust one another's authentications) or by maintaining a session-based authentication cookie for the user and an Identity Provider (Idp). In some aspects, a service provider is also an IdP, which may require its own authentication and authorization service to be used, which precludes the use of an SSO experience via an identity federation in some situations where the parties may not trust one another to provide secure logins. Similarly, authentication cookies are not platform agnostic, which precludes their use for providing an SSO experience in situations in which multiple platforms (or devices) are used.