SSO Keys and Tokens for Oauth

We’re having some trouble getting started with Oauth flows. Our community uses SSO for login and we need the sso.authentication_token, but I don't know if I can generate that without an SSO Key.

From https://developer.khoros.com/khoroscommunitydevdocs/docs/oauth-authorization-grant :

If your Community uses SSO, you’ll make a POST call to /auth/authorize passing the SSO token in the payload. Upon successful SSO authentication, Community returns an authorization code in the response body to your client application using a backend call.

As I’m writing this, I think I found it in production under a cookie called:  lithiumLogin:{instanceID}

Can this be used as the sso.authentication_token? If so, where can I find this in stage? Does it need to be enabled somewhere for the staging environment? I read that this could be a user profile option and I’ve got my profile for both environments set the same way and nothing has changed.

Additionally, I believe we are running into problems with CORS, which makes it difficult for us to test that the value I've located is actually what I need. I've got a ticket with support open for this.

We’ve read everything in these guides, but I feel like there are some assumptions being made in the documentation that has us scratching our heads.

https://developer.khoros.com/khoroscommunitydevdocs/reference/authauthorize

How can I reliably get the user's SSO Token to move forward? I feel like we're missing something silly here.