We use SSO for login of our internal users, but also have external users in our instance who, obviously, do not have the "Only Allow SAML Authentication" box checked and still need to login with a password.
However, when those external users receive an update notification via email and try to click on any of the links in the email they are directed to an SSO login page with notices about "authentication." They fill in the information for authentication but, of course, never receive an email or text to allow them to log in.
I've directed them, when they receive these email notificaitons to log in first, then go back to their email to use the links provided.
But it causes a lot of confusion and a bad experience for users that do not use Workfront often and gives them a bad impression.