Fix Sign-in Error Code AADSTS50105
User account is not granted access to this application
Error Message
AADSTS50105: Your administrator has configured the application <AppName> (āAppIDā) to block users unless they are specifically granted (āassignedā) access to the application. The signed-in user āUPNā is blocked because they are not a direct member of a group with access, nor have access directly assigned by an administrator. Please contact your administrator to assign access to this application.
Root Cause Analysis
This error occurs when a user without access tries to sign in to a Microsoft Entra application that has been set to allow access only for assigned users.
Error Examination
When users encounter this error, Microsoft 365 admins can examine it through the Entra ID sign-in logs with the error code AADSTS50105.
License Requirement
Microsoft Entra ID P1 License
Role Requirement
Reports Reader
How to Find the 50105 Error Details in Microsoft 365 Sign-in Logs?
You can check the detailed diagnostic information for the AADSTS50105 error using the following steps:
-
Log in to the Microsoft Entra admin center.
-
Navigate to the Sign-in logs under Monitoring & health.
-
Apply the following filters to locate relevant sign-ins.
-
Sign-in error code = '50105'
-
Username = Enter the usersā UPN
-
Date = By default, the date is set to last 24 hours. You can change it to last 7 days, 1 month, or customize it based on your needs.
-
Here, you can see the user's failed logins for the selected time range. Select the entry that matches the sign-in time of the error.
How to Fix Error Code 50105 in Microsoft 365
If the user is legitimate and you want to allow them to access the Microsoft Entra application, grant Enterprise application access to the Microsoft 365 user.
Solution - Via Microsoft Entra Admin Center
2 mins
Cloud Application Administrator
Assign Microsoft 365 Users to an Enterprise Application in Entra ID
You can allow specific users to access the Entra application by assigning the permissions explicitly to the user. To do so, follow the steps below.
-
Sign in to the Microsoft Entra admin center.
-
Navigate to Entra ID Ā» Enterprise apps Ā» All applications and select the application you want to configure user assignments.
-
Choose Users and groups in the left pane under the Manage section and select Add user/group.
-
On the Add Assignment page, select None Selected under Users and groups.
-
Select the users that you want to assign the application and click Select.
-
Hit Assign at the bottom of the page to update the user assignment to the Entra application.
You can also assign groups to an application. Ensure to assign the required group directly to the application, as nested groups are not supported.
Note
If you want all users in your organization to access an enterprise application, disable the user assignment by setting āAssignment requiredā to No on the applicationās Properties page.
Still Need Help?
If these methods donāt resolve your issue, let us know in the āDiscussion sectionā below. Weāll assist you as much as possible. However, if the problem persists, contacting Microsoft Support may be necessary.