Users who log in with Azure AD SSO are getting the "The signed-in user XXXXXX is not assigned to a role for the application" error
Platform Notice: Cloud - This article applies to Atlassian products on the cloud platform.
Summary
You have invited users to the Cloud site and the user is facing the "The signed-in user XXXXXX is not assigned to a role for the application" error while logging in.
Diagnosis
The affected user will see the "The signed-in user XXXXXX is not assigned to a role for the application" error while attempting to log in. They are using Azure AD for identity management using SAML-based SSO has been set up with Atlassian products. The affected users have tried the following and none of these work:
- Clicking the "Continue with Microsoft" button to login.
- Signing up for an Atlassian account.
- Removing the affected users from the Cloud site and adding them again.
Cause
The user has not been granted access to the application on the Azure Active Directory side.
Solution
To assign one or more users to an application directly, please see Error AADSTS50105 - The signed-in user is not assigned to a role for the application.
For a full list of Active Directory authentication and authorization error codes, see Azure AD Authentication and authorization error codes.