Issue:
A managed account using SSO with Microsoft Azure AD may encounter the AADSTS50105 error when trying to log into BibliU.
- The account is automatically redirected to the Microsoft login page.
- The user successfully authenticates using their Microsoft UPN and password.
- However, the following error is displayed:
AADSTS50105: Your administrator has configured the application BibliU
('<APPLICATION_ID>') to block users unless they are specifically granted
('assigned') access to the application. The signed-in user '<email address>'
is blocked because they are not a direct member of a group with access,
nor has access been directly assigned by an administrator.
Please contact your administrator to assign access to this application.
Cause:
The Azure AD account does not have permission to authenticate via the Azure AD application configured for SSO with BibliU.
Solution:
Contact the Azure AD administrators to perform one of the following actions:
Option 1: Allow all users in Azure AD to authenticate via BibliU.
- Go to https://aad.portal.azure.com/
- Navigate to Enterprise Applications > BibliU
- Open Properties settings
- Set "Assignment required?" to No
- Save
Option 2: Assign permission to the specific account experiencing the AADSTS50105 error.
- Go to https://aad.portal.azure.com/
- Navigate to Enterprise Applications > BibliU
- Open Users and Groups settings
- Assign the account directly to the application or add them to a group that already has access.
Comments
0 comments
Please sign in to leave a comment.