Although you may have connected your SSO to Matrix Booking, it doesn't guarantee all staff can access the system. When your organisation sets up Matrix Booking SSO via Microsoft Entra ID, your IT team may have assigned a group so that you log in via SSO. It checks in your SSO or directory to see if all staff can access the system or if your company has restricted access to a specific group.
If you have restricted it to a group, anyone in your company that isn’t in that group will get an error that looks a bit like this after they log in to SSO:
AADSTSxxxxx: The signed in user 'xxxxx.xxxxxx@yourcompany.com' is not assigned to a role for the application 'xxxxxxxxxxxx'(Matrix Booking).
This isn’t security at Matrix Booking’s end that’s blocking you from logging in. It’s something you need to raise with your IT team and ask them to ensure that the staff members are added to the correct group in Entra ID for SSO.