diff --git a/app/controllers/buyers/impersonations_controller.rb b/app/controllers/buyers/impersonations_controller.rb
index 4ca167ac42..3735d280e9 100644
--- a/app/controllers/buyers/impersonations_controller.rb
+++ b/app/controllers/buyers/impersonations_controller.rb
@@ -14,7 +14,7 @@ def create
     sso_token.redirect_url = params[:redirect_url] if params[:redirect_url] && params[:redirect_url] != "null"
     sso_token.account      = provider
 
-    sso_url = sso_token.sso_url!(provider.external_admin_domain)
+    sso_url = sso_token.sso_url!(host: provider.external_admin_domain, port: request.port)
 
     respond_to do | format |
       format.json { render json: {url: sso_url}, status: :created }
diff --git a/app/controllers/partners/sessions_controller.rb b/app/controllers/partners/sessions_controller.rb
index a6bcfd3b07..12f346f86b 100644
--- a/app/controllers/partners/sessions_controller.rb
+++ b/app/controllers/partners/sessions_controller.rb
@@ -10,7 +10,7 @@ def openid
         sso_token = SSOToken.new user_id: @user.id
         sso_token.protocol = 'http' unless request.ssl?
         sso_token.account = @account
-        sso_url = sso_token.sso_url!(@account.external_admin_domain)
+        sso_url = sso_token.sso_url!(host: @account.external_admin_domain, port: request.port)
         sso_url << "&return_to=#{params[:return_to]}" if params[:return_to].present?
         redirect_to sso_url
       end
diff --git a/app/models/sso_token.rb b/app/models/sso_token.rb
index b66f4526a9..ee8a11075e 100644
--- a/app/models/sso_token.rb
+++ b/app/models/sso_token.rb
@@ -59,11 +59,12 @@ def assign_attributes values
   # however, if the provider is also master, host needs to be the provider's admin domain for which we create the URL
   #
   #
-  def sso_url! host = nil
+  def sso_url!(host: nil, port: nil)
     save if new_record?
 
     params= {
       host: host || account.external_domain,
+      port: port,
       protocol: protocol,
       token: encrypted_token,
       expires_at: expires_at.to_i,