The corporate authentication system checks if you do already have a security context or you need to identify it. If the authentication succeeds, the authentication service application will generate a JWT authentication token including the username (encrypted using a secret key that you can generate in your Kiuwan account settings page).
Once the auth token is ready, the system redirects to your browser
The browser requests access to kiuwan.com with an authenticated request that kiuwan.com recognizes, granting access to the requested resource.
You can find a sample authentication service application (kiuwan/kiuwan-local-authentication) as a sample to get started. This sample application uses Tomcat (tomcat-users.xml) as an authentication mechanism, but you can freely adapt to any other external auth system.