Symptom
When redirected to the IdP ("login.microsoftonline.com" URL) during SAML Authentication, the following error message is returned:
Sorry, but we’re having trouble signing you in.
AADSTS50105: Your administrator has configured the application <> to block users unless they are specifically granted ('assigned') access to the application. The signed in user <> is blocked because they are not a direct member of a group with access, nor had access directly assigned by an administrator. Please contact your administrator to assign access to this application
Read more...
Environment
SAML2 Authentication with Microsoft as the IdP.
Product
Keywords
AADSTS50105, Azure, IDP, login.microsoftonline.com, SAML, SAML2, user, role, assigned, Identity Provider, Active Directory , KBA , BC-SEC-LGN-SML , SAML 2.0 for ABAP , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.