Issue:
A managed account using SSO with Microsoft Azure AD may encounter the AADSTS50105 error when trying to log into BibliU.
- The account is automatically redirected to the Microsoft login page.
- The user successfully authenticates using their Microsoft UPN and password.
-
However, the following error is displayed:
AADSTS50105: Your administrator has configured the application BibliU ('<APPLICATION_ID>') to block users unless they are specifically granted ('assigned') access to the application. The signed-in user '<email address>' is blocked because they are not a direct member of a group with access, nor has access been directly assigned by an administrator. Please contact your administrator to assign access to this application.
Cause:
The Azure AD account does not have permission to authenticate via the Azure AD application configured for SSO with BibliU.
Solution:
Contact the Azure AD administrators to perform one of the following actions:
Option 1: Allow all users in Azure AD to authenticate via BibliU.
- Go to https://aad.portal.azure.com/
- Navigate to Enterprise Applications > BibliU
- Open Properties settings
- Set "Assignment required?" to No
- Save
Option 2: Assign permission to the specific account experiencing the AADSTS50105 error.
- Go to https://aad.portal.azure.com/
- Navigate to Enterprise Applications > BibliU
- Open Users and Groups settings
- Assign the account directly to the application or add them to a group that already has access.
Comments
0 comments
Please sign in to leave a comment.