by default the Flowable UI apps work with cookie based authentication.
The cookies are handed out by the Flowable IDM app. The cookie needs to be ‘in the same domain’. Otherwise the other apps cannot access it after the IDM app creates it.
When you want to use the default cookie based authentication you have to put something like a reverse proxy in front of it that handles the redirects and possible rewrites.
Sounds like you need to look into the multi tenancy aspect of Flowable, otherwise I see no reason why you can’t just proxy all the domains to the same IDM instance.