What causes AADSTS50015?

The user's account is flagged as a minor (Minors/NotAdult age group) and hasn't completed the parental/guardian consent flow. The account's `ageGroup` or `consentProvidedForMinor` attribute in Entra ID is missing or set to a non-consented state. A personal Microsoft Account (MSA) tied to a minor is being used to access an organizational Power BI / Fabric tenant. B2C/External ID policy enforces age-gating but the consent step was never completed during sign-up. Tenant-side identity governance policy requires legal age group declaration that the account hasn't supplied

How do I fix AADSTS50015?

Identify the affected user (UPN) from the failed sign-in and open Microsoft Entra admin center → Users → that user → Properties, then check `Age group` and `Consent provided for minor`. If the account is incorrectly flagged as a minor, an admin should set `ageGroup` to `Adult` (PATCH via Graph: `/users/{id}` with `{ "ageGroup": "Adult" }`) — only do this if you can verify the user is of age. If the user is genuinely a minor, complete the parental consent flow: have the guardian sign in via the consent prompt, or set `consentProvidedForMinor` to `Granted` for that user. For B2C / External ID flows, edit the user flow / custom policy to ensure the age gating + consent step runs and is persisted before token issuance. If a personal Microsoft Account is being used against an org tenant, switch to the organizational (work/school) account — MSA minor accounts cannot bypass this gate against an Entra ID tenant

Low severityauthentication

Power BI Error:
AADSTS50015

What does this error mean?

Sign-in blocked because the user account needs legal age group (minor/parental) consent before Entra ID will issue a token.

Common causes

1The user's account is flagged as a minor (Minors/NotAdult age group) and hasn't completed the parental/guardian consent flow
2The account's `ageGroup` or `consentProvidedForMinor` attribute in Entra ID is missing or set to a non-consented state
3A personal Microsoft Account (MSA) tied to a minor is being used to access an organizational Power BI / Fabric tenant
4B2C/External ID policy enforces age-gating but the consent step was never completed during sign-up
5Tenant-side identity governance policy requires legal age group declaration that the account hasn't supplied

How to fix it

1Identify the affected user (UPN) from the failed sign-in and open Microsoft Entra admin center → Users → that user → Properties, then check `Age group` and `Consent provided for minor`
2If the account is incorrectly flagged as a minor, an admin should set `ageGroup` to `Adult` (PATCH via Graph: `/users/{id}` with `{ "ageGroup": "Adult" }`) — only do this if you can verify the user is of age
3If the user is genuinely a minor, complete the parental consent flow: have the guardian sign in via the consent prompt, or set `consentProvidedForMinor` to `Granted` for that user
4For B2C / External ID flows, edit the user flow / custom policy to ensure the age gating + consent step runs and is persisted before token issuance
5If a personal Microsoft Account is being used against an org tenant, switch to the organizational (work/school) account — MSA minor accounts cannot bypass this gate against an Entra ID tenant

Frequently asked questions

What does AADSTS50015 mean?

The user requires legal age group consent.

How do I fix this error?

Check your application registration, token configuration, and user permissions in the Azure portal. Review Conditional Access policies if the error is policy-related.

Source · learn.microsoft.com/en-us/entra/identity-platform/reference-error-codes#aadsts-error-codes