The use of tokens seems to interact with a preexisting login/session in an undesirable way.  Easiest explained with an example:

1. Alisha Admin logs into the external site and checked the "keep me logged in" box. Navigation within the site works and she remains logged in for a long duration.
2. Alisha receives an email with a tokenized link restricted to /page/1234 to enter Group Attendance (e.g., {{ Person | PersonTokenCreate:null,null,1234 }}).
3. Alisha clicks on the email, and is taken to page/1234 and enters attendance.
4. Alisha navigates to the home page, or any other page, and is no longer logged in.

Especially for active people that may be using tokenized links frequently, they will feel like they are constantly having to re-login to the website.

Not knowing the internals, but presumably the token created a new session, effectively clobbering the previous one and that session, being limited to page/1234 becomes invalid and logs the person out.

This idea recommends a change to the token-handling such that upon navigation using a token, if a logged-in user session already exists and is equivalent or superior to the passed rckipid token (e.g., person's existing session would allow navigation to that page already), then the token should be effectively ignored or at least not affect the existing token/session.

Here is some simple HTLM/Lava that can be placed in an HTML block on a test page to demonstrate:

{% assign pageId = 'Global' | Page:'Id' | AsInteger %}
{% assign token = CurrentPerson | PersonTokenCreate:null,null,pageId %}
<h3>Hello {{ CurrentPerson.FullName }}</h3>
<br><br>
Here is a tokenized link for you for, for only this page, id: {{ pageId }}<br>
First, <a href="/page/{{ pageId }}?rckipid={{ token }}">click here</a><br>
Then, <a href="/page/1">click here</a> (notice: you are no longer logged in)