Symptom
You have configured Azure AD as Identity Provider in SAP BTP Cockpit for the application Single Sign-On (SSO).
Following errors occurred while sign in a SAP BTP application.
Sorry, but we're having trouble sign you in.
AADSTS50105: Your administrator has configured the application XXX ('XXXXXXXX-XXX-XXX-XXX-XXXXXXXXXXXX') to block users unless they are specifically granted ('assigned') access to the application. The signed in user 'xxxxx@yyyyy.com' is blocked because they are not a direct member of a group with access, nor had access directly assigned by an administrator. Please contact your administrator to assign access to this application.
"Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental."
Read more...
Environment
- SAP Business Technology Platform
- Cloud Foundry environment
Product
Keywords
AADSTS50105, SSO, BTP , 400, Bad Request, login.microsoftonline.com, blocked, sign in , KBA , BC-CP-CF-SEC-IAM , UAA, Authentication, Authorization, Trust Mgmnt , Known Error
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.