You should develop on server B a webservice that create a Secure Token, encrypt it with a symectric algo. Send the token to the server A. Server A then calls an other webservice on server B that use the token to authenticate.When you will use the token to login server A can decrypt it to verify that it's the one issued previously.