In the .Net application, create a button, for example, where the user will click to access the PHP application on the other server.
Clicking this button generates a token (unique encrypted key).
The token will serve as authentication. The logic is to generate the toke by the .Net app and save it to a database.
This token must be related to the user ID in the PHP application. So you need to figure out a way to create that relationship.
A simple way is a .Net screen with a form where the user enters the login and password data to access the PHP application. This data would be saved in the database of the .Net app so it could relate to the tokens.
One made the structure, we continue. By clicking the button, the token is generated and the user is directed to the PHP app.
The PHP app receives the token and checks to see if it is valid by querying the database from where it was previously saved. For this query, we recommend an API (webservice). Avoid making a query directly to the database. Consult for an API.
After verifying that the token is valid, if it is valid, it will search the relationship with the user and then authenticate it to the PHP app.
Important: The token must be deleted or invalidated each time it is used. The token can only be used once.
Note that this is all independent of the languages you use on both sides. The .net app could be a JAVA app and the PHP app could be a RoR app. The logic of the authentication token is the same.
