Problem

A managed account enforced with SSO through Microsoft Azure AD may encounter the AADSTS50105 error code. 

• The managed account is logging into Atlassian cloud.
• The user is automatically redirected to the Microsoft login page for authentication.
• User is able to authenticate with the Microsoft UPN and password.
• The following error is then returned to the user

AADSTS50105: Your administrator has configured the application Atlassian Cloud 
('<APPLICATION_ID>') to block users unless they are specifically granted ('assigned') 
access to the application. The signed in user '<email address>' is blocked because 
they are not a direct member of a group with access, nor had access directly assigned 
by an administrator. Please contact your administrator to assign access to this application.

Cause

The Azure AD account has not been granted the permission to authenticate via the Azure AD application configured for SSO with Atlassian Access.

Resolution

Please request the Azure AD administrators to perform either of the following

Option 1 : Allow anyone in Azure AD to authenticate via Atlassian cloud application

• Go to https://aad.portal.azure.com/
• Navigate Enterprise Application > Atlassian Cloud 
• Open the Properties settings
• Set the "Assignment required?" settings to No
• Save

Option 2 : Grant the permission to the specific account that is facing the AADSTS50105 error. 

• Go to https://aad.portal.azure.com/
• Navigate Enterprise Application > Atlassian Cloud 
• Open the Users and Groups settings
• Assign the account directly to the application or add the account as a member of any groups already assigned.