Hello - We just implemented single sign-on last night (SAML 2.0) and we've run across one seemingly random error that I wanted to ask the community's help with. Our organization works with many users that are either freelancers or agencies - so they are not in our Active Directory and they cannot access anything using SSO, however they are given Worker licenses in Workfront in which to complete tasks we assign to them. Once we implemented SSO, it was brought to my attention that if one of these users clicks through ANY of the links in an email notification for a work item on which they've been assigned, they cannot access Workfront. They are taken to our SSO authentication page and can't go any further because they don't have a company User ID or password. Right now, they would need to log into Workfront via the non-SSO URL and access the notification in the upper right message center. The engineer I am working with on this suspects this is on purpose, but we both agree that we can't seem to think WHY it should work this way when prior to SSO, these users could hop right into their work items via a generated email (after they logged in, of course). Is anyone else dealing with this for their SSO implementations of Workfront or is there something I'm missing? Would love to hear your experiences with outside company users and SSO either way. Angela Simon CUNA Mutual Group