Error AADSTS50105 - The signed in user is not assigned to a role for the application
This article provides a resolution to the AADSTS50105 error that occurs during federated authentication with Azure Active Directory (Azure AD).
You receive the following error when trying to sign into an application that has been set up to use Azure AD for identity management using SAML-based Single Sign-On (SSO):
Error AADSTS50105 - The signed in user is not assigned to a role for the application.
The user hasn't been granted access to the application in Azure AD. The user must belong to a group that is assigned to the application, or be assigned directly.
Nested groups are not supported, and the group must be directly assigned to the application.
To assign one or more users to an application directly, see Quickstart: Assign users to an app.
For a full list of Active Directory authentication and authorization error codes, see Azure AD Authentication and authorization error codes.
Contact us for help
If you have questions or need help, create a support request, or ask Azure community support. You can also submit product feedback to Azure community support.