Workfront

Wow. Just....wow! So there's no disabling of that - why would we want to enable that ability for someone to intentionally comment as another user? Christina Jarosz Ascensus

The link is specific to the user, so if they forward the link, they are sharing the credentials of User A. If instead of forwarding the link e-mail, they share the proof with the user (and they don't need to be set up in Proof - all you need is the user's e-mail to share it) then they will get their own URL as User B. User B also shows in the proof with their own OSCD boxes. You can enforce login if you don't like this behaviour, but that then means only Proof users can be included in the review - no guests. Barry Buchanan Work Management Australia

Hi, I think this require a little bit of information on "why" it is like this. As you mention it is possible to give review and approve rights to people outside of the system, for those people the email link is the only way for the system to identify who they are. With that in mind by shearing the email you share your access "key" to that particular proof. There are ways to prevent from that but only by having login users only (like Berry mentioned by Login required). @Christina Jarosz Would you want everyone to identify themselves before being able to add any comments or make decision even though that identification would not require password but just email to make sure that you are you? (That would still allow someone unauthorized to type your email and get access to the proof). Would you turn on such identification on your account for everyone to have that additional step when going to a proof from email? Best regards Andrzej Belka Product Manager Workfront

Hello! Experienced the same issue with our users. They are also trained not to share emails, but when they do, this is the workaround I use to set it straight: Have them log out, hit ctrl+F5 (Hard Refresh) Add them to the proof through the proofing details (remove them if they are already on it) Have them log in again, and access the proof correctly (they'll get a new e-mail). I have tried just adding them and occasionally their browser history will throw a gremlin into the mix. This also gives me 5 minutes to reinforce the importance of following the sops ;) Thanks, Saher Almaita

Its because emails do not have self-aware buttons so when the email is sent it has an embedded tracking code that is for that individual user only. This is how all emails work, it's not a specific issue to Workfront. The only answer would be for Workfront to change the email buttons to be one-time use only which would lock the proof if someone tried to click the button a second time. Workfront needs to have a way for reviewers to include new people from within the proof tool such as an @name here like they do in the project updates. This would eliminate users needing to forward their email or contact the proof owner. We have used another proofing tool and that is how it functioned and our users were much happier with that ability. Aileen Taylor Cell Signaling Technology

Yes - this. I'm fine with this extra step. I do not have any problem with people sharing the proof - I do have a problem with people being able to comment/review as another persona. @Christina Jarosz Would you want everyone to identify themselves before being able to add any comments or make decision even though that identification would not require password but just email to make sure that you are you? (That would still allow someone unauthorized to type your email and get access to the proof). Would you turn on such identification on your account for everyone to have that additional step when going to a proof from email? Christina Jarosz Ascensus

Hello everyone, I think there is lots of confusion of why users show up as a different person when an email is forwarded. Let us take the above users UserA (who only has guest access email-notification, no user account) and UserB (who does not have access to the current proof at all). Let us add UserC, who is also a guest (no real account, only email-notification) and an Admin (that would be the one creating the proof. After creating the proof, both UserA and UserC both get a seperate email to their own email address. Why is that? Couldn't both of them get the same email, with UserC in CC? -No, actually they cannot. The "Go to Proof" button of their emails does not have the same link. The Link in the email of UserA is different to the one of UserC. By entering that link in the browser (either doing it yourself or clicking the "Go to Proof" button), the Workfront Proof Server knows, which Proof to open and which user opens the proof (because obviously the link sent to UserA should be opened from UserA; UserA cannot simply open the proof as UserC). The Workfront Proof Server has this relationship between users and proofs stored in its database. That is why UserB seems to be UserA when UserA simply forwards the email to another person and that person clicks on the "Go to Proof" link. Be aware that as an Admin you have the same issues as well when you forward Late proof-emails or sth. like that. People will appear as you when they open the proof (but at least they cannot add users or do anything important). So I would recommend to simply not forward any email from Workfront Proof. I thought about that problem for quite some time now and there is no better way as long as Workfront wants to keep selling user accounts. In addition it is much easier just to click a link than to have an Admin create a user account, sharing the login data, opening a website, entering the user name and password and then start working. Jürgen Kahl

I think the reason to not give the same link to everyone is so that WF knows who you are when you login and will tag the comment with your name, which makes sense. However we have a whole lot of trouble with the "share this proof" link that is included in the notification – it doesn't work if you share that proof with users that have SSO logins. That link brings the "new" user to a login screen that is not the SSO login, causing frustration and aggravation with Workfront (and me!).