When logging in to Signavio using Single Sign-On (SSO), the following SSO provider pop-up window appears.
Sorry, but we’re having trouble signing you in.
Message: AADSTS50105: The signed in user
'email@example.com' is not assigned to a role for the application
Please contact the Single Sign-On (SSO) Administrator, or specifically, the Azure Active Directory (AD) Administrator, and ask them to add the user to the Azure Enterprise Application "Signavio".
Please note that the error is not generated by the Signavio software.
(As at May, 2020)
Authentication and authorization error codes
EntitlementGrantsNotFound - The signed in user is not assigned to a role for the signed in app. Assign the user to the app.
For more information:https://docs.microsoft.com/azure/active-directory/application-sign-in-problem-federated-sso-gallery#user-not-assigned-a-role.
(NOTE: The error prefix AADSTS stands for Azure Active Directory Security Token Service).
KBA , BPI-SIG-CA-SEC-SAM , SAML 2.0 for SAP Signavio , How To