Problem:

A tenant admin may receive the error “AADSTS50105: The signed in user ‘{EmailHidden}’ is not assigned to a role for the application…” when clicking on the “Grant Admin Consent” button in Azure AD’s App Registration portal as shown in the screen shot below:

Why is this happening?

This error typically happens when the Enterprise Application portion (or Service Principal) of the registered application has the setting ‘User Assignment Required’ set to Yes

So how do I resolve this issue?

You can follow the steps below to work around this issue:

  1. Change the ‘User assignment required’ to No and save the change
  2. Go back to the App Registration portal and perform Granting Admin consent to the application. It should work this time
  3. Set the ‘User assignment required’ back to Yes again

1
Leave a Reply

avatar
1 Comment threads
0 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
1 Comment authors
Parker Recent comment authors
  Subscribe  
newest oldest most voted
Notify of
Parker
Guest
Parker

Thank you! I was really struggling to resolve error AADSTS50105. Your suggestion worked perfectly.