When receiving emails from Rally, sometimes the user must log in again in order to see the work item, even though that user already has an active session in Rally.

Release : SAAS

Component : AGILE CENTRAL

This is often caused by an email scanning subscription service that is rewriting the URL for security purposes.  The rewritten link is actually being routed through the third party service and traffic is then scanned for security purposes.  Therefore, this is considered a new session since it is with the third party scanning service instead.

Normally, a link to a work item in Rally would appear as follows:

https://rally1.rallydev.com/slm/#/detail/defect/<DEFECT_OID>

However when an email scanning service rewrites the URL it may actually appear as follows:

https://isolate.menlosecurity.com/https://rally1.rallydev.com/slm/#/detail/defect/<DEFECT_OID>

In this case, the user is being sent first to https://isolate.menlosecurity.com, and not Rally.  So the third party site is intercepting the request and since this is seen as a separate session from the currently active session, it causes the user to need to reauthenticate.