I have Entra federated with Okta. One of my users is getting this error: AADSTS50105: The signed in user is blocked because they are not a direct member of a group with access. My problem is that they are a member of a group with access and assigned app.

Mary 0 Reputation points
2025-02-28T03:11:59.84+00:00

Hi, one of my users is getting this error when trying to log in to the other IDP using Entra federation:

Message: AADSTS50105: Your administrator has configured the application to block users unless they are specifically granted ('assigned') access to the application. The signed in user is blocked because they are not a direct member of a group with access, nor had access directly assigned by an administrator. Please contact your administrator to assign access to this application.

The issue is that she is a group member and has the app assigned to her. None of my other users in this group are having this error.

I've checked everything I can think of unless there is a policy that may be blocking it for her. Could that be? Has anyone else run into this?

I'm new to this. Please help.

Microsoft Entra External ID