Share via

Users not showing up in my Enterprise App even after assigning them

Robert 0 Reputation points
2025-12-02T15:07:13.94+00:00

stuck with an issue in Entra ID. I assigned a few users to one of our Enterprise Applications, but the app still says No users assigned. The users also can’t sign in they get an access error.

I’m not sure what’s going wrong here. Is there usually a delay before the assigned users appear, or could something be blocking the assignment from taking effect?

Has anyone run into this before? Any ideas on what I should check?

Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Q&A Assist
    2025-12-02T15:07:32.0766667+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    When users do not show up in your Enterprise Application in Microsoft Entra ID despite being assigned, there are several factors to consider:

    1. Provisioning Logs: Check the provisioning logs to see if there are any errors or messages indicating why users are not being provisioned. Common reasons include users being filtered out by a scoping filter, missing required attributes, or issues with user assignment records.
    2. User Assignment: Ensure that the users are effectively assigned to the application. If you see an error indicating that users are "not effectively entitled," you may need to unassign and then reassign the users or groups to the application.
    3. Required Attributes: Verify that all required attributes for the users are populated correctly. Missing attributes can prevent users from being provisioned.
    4. Delay in Provisioning: While there may be some processing time, typically users should appear shortly after assignment. However, if there are issues in the provisioning process, they may not show up at all.
    5. Access Errors: If users are receiving access errors, ensure that they are assigned to the correct roles for the application. Users must belong to a group that is assigned to the application or be assigned directly to it.
    6. Nested Groups: Note that nested groups are not supported for application assignments, so make sure the group is directly assigned to the application.

    By reviewing these aspects, you should be able to identify the cause of the issue and take appropriate action to resolve it.

    0 comments
  2. VEMULA SRISAI 3,330 Reputation points Microsoft External Staff Moderator
    2025-12-02T15:40:02.33+00:00

    As you described that users assigned to an Enterprise Application but the blade still says “No users assigned” and sign‑in is blocked this is almost always an assignment scope or role issue rather than a propagation delay. In Microsoft Entra ID, assignments take effect immediately when done in the correct place.

    Please check the following 

    1. Verify Assignment Location
      • Go to Microsoft Entra admin center → Enterprise Applications → [Your App] → Users and Groups.
      • Add users/groups here (not under App registrations).
    2. Select Role During Assignment
      • If the app defines roles, choose one (e.g., User, Reader, Admin).
      • Missing role = AADSTS50105 error.
    3. Check “User Assignment Required”
      • Under Properties, if set to Yes, only explicitly assigned users/groups can sign in.
    4. Grant Admin Consent
      • Navigate to Permissions → click Grant admin consent for required permissions.
    5. Validate Group Assignments
      • Avoid nested groups unless you have Entra ID P1/P2.
      • Test with direct user assignment.
    6. Confirm in Correct Tenant
      • Ensure you’re in the right directory and the app is enabled for sign-in

    For your reference:

    https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/manage-roles-portal?tabs=admin-center

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.