Follow
Unable to Log In: "Sorry, you do not have access to Workfront"

PROBLEM
Unable to Log in to Workfront.
Sorry, You Do Not Have Access to Workfront.
or
Sorry, you can't access Workfront thru this login screen. Workfront is setup for
Federated single sign-on with SAML 2.0. Please contact your system administrator.

SOLUTION

CAUSE 1:  

The User's Workfront Federation ID does not match their SAML counterpart. This includes Case differences.

FIX:  Edit the Workfront user's information. Make a note of the Workfront Federation ID. Compare this to the SAML/ADFS user's equivalent field. The case needs to match both SAML andWorkfront. This is the same thing as they are passing as an ADFS Claim for NAME ID. You can see what is being passed using the Workfront “Test Connection” under $$NAMEID

CAUSE 2:

The Workfront user does not have an Access Level assigned to the user.

FIX: Assign an Access Level to the user attempting to log in.

CAUSE 3:

The Workfront Login URL is incorrect.

FIX: Verify and correct the URL, if needed. This does NOT refer to the SAML Login Portal URL. It refers to the Workfront Login URL. For Example: https://yourdomain.my.workfront.com.

Using SAML you cannot use URLs pointing to CL01 or CL02.