SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

SuperTokens.com

So first, you need to make sure that the session is shared across all sub domains: https://supertokens.io/docs/emailpassword/common-customizations/sessions/share-sessions-across-sub-domains

Then, in the other sub domains, you would use, both, the session recipe and the EmailPassword recipe, but you would set the websiteDomain value in that to `auth.example.com`, and not `appName.example.com`.

We have an example app may do something similar to what you want: https://github.com/supertokens/supertokens-auth-react/tree/master/examples/with-one-login-many-subdomains