You receive error AADSTS50105 when attempting to sign into the IriusRisk UI when using Azure AD SAML-based SSO.
The user has not been given access to the application in Azure AD. The user must either be assigned directly to the application or be a member of a group that is. Keep in mind that nested groups cannot be used; instead, the group must be assigned to the application directly.
Note: Nested groups are not supported, and the group must be directly assigned to the application.
This can be resolved by either:
- Assigning the user(s) to a group that is assigned to the application in Azure AD
- Assigning user(s) to the application in Azure AD directly