I’m inclined to say no. Reducing the problem down to its most basic parts: Alice is authorized to talk to Bob, but Bob doesn’t know that. How can Alice prove it?

Bob has to assume that anyone asking to talk to him could be Mallory, who isn’t authorized to talk to him but will always answer “yes” if asked whether she is. So the authorization he gets has to be from a trusted third party; it can’t come from Alice.

Grace is a trusted third party. If Alice doesn’t care about privacy, and is okay with Grace knowing that Alice talked to Bob and with Bob knowing Alice’s identity, Alice can just tell Bob, “here’s proof that I’m Alice. Show this to Grace and she’ll confirm that I can be here.” This is SSO, essentially.

If Alice doesn’t want Bob to know who she is, but is ok with Grace knowing that Alice talked to Bob, she can ask Grace to give her a secret code, and give that code to Bob, who can check with Grace to know whether or not that code corresponds to someone who is authorized.

If Alice doesn’t want Grace to know that she’s talking to Bob, though, she runs into a problem. Because there’s no way for Grace to send Bob a message without knowing who Bob is, he can’t ask anonymously, and because there’s no way for Grace to confirm that Alice is authorized without knowing who she is, Grace will always know that Alice has asked for authentication to talk to Bob.

Adding Dave in as a trusted fourth party could solve the problem—Alice asks Dave to check with Grace, and lock his answer in a bag with a unique key that only Dave has. Then Grace could give the bag to Bob, who doesn’t need to know who Grace is to pass the bag to Dave and ask him to unlock it. But Alice would be trusting that Dave won’t keep records on which bag corresponds to which person.

I don’t think that’s a surmountable problem. I’ll have to think about it some more.