Clicking into an email notification from Workfront doesn't link the system. Does this have to do with SAML authentication or SSO?
Update From Workfront Support:
Workfront reports these are one of the drawbacks using SSO. If a user is not previously authenticated to Workfront (before the timeout), the system doesn't know if it is an internal, or external user, so it redirects them to the SSO system for authentication. This is really no way for the system to distinguish of the usr should be an SSO user for or outside user until they type in credentials.
Again, they've suggested for this to be included as an enhancement request from our end.