|I think it would be useful to have a function UserSessionID that could be included in a customer navigation link. It should reset at every login.|
Then an API endpoint to validate if a current SessionID against a User is valid with a simple True/False response. The UserSessionID shouldn't be exposed via API.
With that you could have a custom navigation button including the UserSessionID and User. The responding endpoint hits the Teamdesk API to validate the user, and if it comes back TRUE the user is considered authenticated.
If there's a similar way to do that right now, I'm all ears. The use case is a link from a Teamdesk page into another system that eventually redirects it back to Teamdesk.