Expand my Community achievements bar.

Join us for our Coffee Break Sweepstakes on July 16th! Come ask your questions or share your use cases on Creative Briefs for a chance to win a piece of Workfront swag!
RSVP Now

SSO Question

Avatar

Level 3
Level 3
11/9/16 7:47:00 AM
We are working on implementing SSO. I understand how the license provisioning will work for our internal users, but what if we want to allow external users access to Workfront? Can you have SSO for some and normal logins for others? From what I have read, we will need to create an ADFS account for our external users to be used for Workfront access. Is that correct? Any help or direction would be much appreciated. Shelly Long, PMP, CSSGB Marketing Traffic Manager Pier 1 Imports Accelerate to Excellence

Views

280

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
3 Replies

Avatar

Level 5
Level 5
11/9/16 8:32:00 AM
We have used SSO for a few years now, without the auto-provision option. We have internal and external users. You can designate at the user level the Federation ID for those authenticated via SAML or not for externals. The big challenge is that for internal users is that some have bookmarked the wrong page (the internal, redirected login page instead of the workfront page). Another thing to keep an eye on is that external users need to use the direct login page (xxx.attask-ondemand.com/login)

Views

280

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 4
Level 4
11/9/16 1:49:00 PM
Agree with Marty, make sure it is well communicated to Users their login process and what link to use. It can cause quite an annoyance when an internal employee is Only Allow SAML 2.0 Authentication login, and they end up on the xxx.attask-ondemand.com/login external user login page, and they're trying to enter their CORP credentials and reset their password to a direct login they don't have. Andrew Beard Sr. Associate, LeapPoint "mailto:abeard@leappoint.com" abeard@leappoint.com 203-232-4090

Views

280

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 3
Level 3
3/12/20 6:52:00 PM
But isn't there another big disadvantage for external users? I'm setting up external users with a Reviewer license and no Federated ID and un-checked use SAML only. When we @ mention them in an update, it sends them and email (to their external email) , which is great. BUT if they use the link in that email to try to "see it in Workfront," it prompts for the SSO (Microsoft) login first. I know that we can send them the external login url (with .../login) but it'll be frustrating not to be able to use the links! I called tech support and they said basically they can't do anything. All we can do, it seems, is tell the external users to first go in Workfront and get logged in. Then, while they're logged in, the links will work. This will not make them happy. Anyone found a better way??? Mavis Moon

Views

280

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Beginner question: Turning custom fields into project tasks Solved

Views

91

Likes

0

Replies

1
Reporting question - Project collection report where column is tasks that can start within the project Solved

Views

223

Likes

0

Replies

6
Duration and Schedules: Question

Views

147

Likes

0

Replies

3
Boards Questions // Generic Task Names & Duplicates

Views

103

Like

1

Replies

1
Adobe Workfront Console Migration : SSO

Views

439

Likes

0

Replies

8