Sharing of data between one domain and at least one other domain over a network is facilitated by the use of tokens. A user token set in a cookie stored on the user's system at log-on to a first domain is used to create, or is associated with, a secure token passed by a first domain to a second domain when the user, in a session with the second domain, requests resources, access to which includes authorization by a first domain. The secure token facilitates various actions pertinent to a user in a session with said second domain, including, for example, the maintenance of an active, concurrent session between a user and a first domain, and authentication and authorization without log-on at a second domain or other domains.