Problem:

A tenant admin may receive the error “AADSTS50105: The signed in user ‘{EmailHidden}’ is not assigned to a role for the application…” when clicking on the “Grant Admin Consent” button in Azure AD’s App Registration portal as shown in the screen shot below:

Why is this happening?

This error typically happens when the Enterprise Application portion (or Service Principal) of the registered application has the setting ‘User Assignment Required’ set to Yes

So how do I resolve this issue?

You can follow the steps below to work around this issue:

  1. Change the ‘User assignment required’ to No and save the change
  2. Go back to the App Registration portal and perform Granting Admin consent to the application. It should work this time
  3. Set the ‘User assignment required’ back to Yes again

4 Thoughts to “receiving error AADSTS50105: The signed in user ‘{EmailHidden}’ is not assigned to a role for the application”

  1. Parker

    Thank you! I was really struggling to resolve error AADSTS50105. Your suggestion worked perfectly.

  2. anthong

    having trouble getting back in

    1. Bac Hoang [MSFT]

      What error message are you getting?

  3. Małgorzata Mrugała

    User assignment required : No.
    Back to you (my God). Yes. Again.
    

Leave a Comment