Custom login action is the solution is I guess. Hence please take a look into the Kerberos/LDAP modules available in the app store. they might give you an idea, how to implement the same.
If I understand correctly you want to make a kind of Single Sign On proces where a webservice creates a token for a user so that this token can be used to log the user in?
This can be done with the deeplink widget from the appstore. First create a webservice that creates the token that is serviced to the external system and then they can use this token to create a URL that can be handled by the deeplink (retrieve the user and show the correct page).
But may be I misunderstood the question.
Regards,
Ronald
[EDIT after comment] If a user does not exist (yet) create a new user and assign the token to this user. Then use the deeplink to the create new user page if the token is used by a user to log in to Mendix. There he can update his credentials like email adres so his login details can be sent to him.