Problem:

A tenant admin may receive the error “AADSTS50105: The signed in user ‘{EmailHidden}’ is not assigned to a role for the application…” when clicking on the “Grant Admin Consent” button in Azure AD’s App Registration portal as shown in the screen shot below:

Why is this happening?

This error typically happens when the Enterprise Application portion (or Service Principal) of the registered application has the setting ‘User Assignment Required’ set to Yes

So how do I resolve this issue?

You can follow the steps below to work around this issue:

  1. Change the ‘User assignment required’ to No and save the change
  2. Go back to the App Registration portal and perform Granting Admin consent to the application. It should work this time
  3. Set the ‘User assignment required’ back to Yes again
4.5 2 votes
Article Rating
Subscribe
Notify of
guest
1 Comment
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Parker
Parker
January 13, 2020 7:01 pm

Thank you! I was really struggling to resolve error AADSTS50105. Your suggestion worked perfectly.