Apps & Integrations

Azure AD - Frequently Asked Questions

Frequently Asked Questions


1. Does the integration support local ad/on-prem setup?

No, the Azure AD integration in Keka does not support local AD or On-Premise setups. It is specifically designed for cloud integration between Keka and Azure AD.


2. Does information updated in Azure AD gets updated in Keka?

No, only information updated in Keka gets updated in Azure AD. Information updated in Azure is not updated in Keka.


3. How to add employees in Azure AD?
For adding employees in Azure AD, add employees in Keka and the account would be created in Azure AD

4. Will my old employee be effected by Azure AD integration?
Yes, if you choose the Update preference while establishing the integration, all the employee details would be synced. So in the scenario of different details it will become one at both Keka and Azure Ad.. Please make sure that your previous employees are already added in Azure AD before enabling this integration.


5. Which attributes of an employee will be updated in Azure AD once updated in Keka?
The following attributes will be updated in Azure AD once updated in Keka:

  1. First name
  2. Last name
  3. Display name
  4. Employee number
  5. Job title
  6. Reporting manager
  7. Location
  8. Worker type
  9. Mobile number


6. What if I update reporting manager in Keka but the reporting manager does not exist in Azure AD?
The reporting manager would be updated in Keka but not in Azure AD. You can track it in the activity log under Azure AD card in Apps.

7. What happens in the case an email is used in Keka while adding an employee which already exists in Azure AD?
All the employee attributes added in Keka will be updated in Azure AD. Please make sure you do not use same email for different employees.

8. How does the Azure AD integration work in Keka?

The Azure AD integration in Keka works through API calls. Keka uses the Microsoft Azure User Provisioning API to send employee details and create accounts in Azure AD. A one-time use password is triggered to the person specified in the integration preferences, who will receive new employees' passwords.

9. How quickly does an employee account get created after adding them in Keka?

When you add an employee in Keka, the process to create the Azure AD account is initiated immediately. The account creation, including the user ID and password, happens without any delay.

10. Where are the user details stored while establishing the connection?

The user details are not stored in an intermediate location. Keka makes an API call to Microsoft Azure using the Azure AD Connect, which directly creates the account in Azure AD.


11. What type of password is assigned to the newly created accounts?

The passwords for the newly created accounts are one-time use only passwords generated by Azure AD. These passwords are sent to the designated person specified during the integration setup. The person can then share the password with the new employee securely.

12. Who receives the new employee's password after the integration is established?

During the integration setup, the IT admin specifies the person who will receive the new employee's password. It is suggested that the IT team be configured here to receive the password.


13. Can we modify the integration preferences after the setup?

Yes, you can modify the integration preferences after the initial setup. If any changes are made to the preferences, they will be reflected in the synchronization process.


14. Is there any delay in updating employee information in Azure AD after making changes in Keka?

No, there is no significant delay in updating employee information in Azure AD. Changes made to employee attributes, such as first name, last name, display name, and department in Keka, are promptly updated in Azure AD during synchronization.


15. Can we track the synchronization activity and view the history of integration-related events?

Yes, Keka provides an Activity Log tab where you can monitor the synchronization activity. The log displays a history of integration-related events, such as employee data syncs, account creations, updates, removals, and any errors or warnings encountered.


16. Can I update an employee's email ID through Keka in Azure AD?

No, you cannot update the email ID through Keka. However, other attributes can be updated. To change the email ID, you'll have to manually go to Azure AD and make the modification.


17. What happens if the integration connection gets broken?

If the connection breaks due to technical issues, you'll need to reconfigure the integration. It will redirect you to the Microsoft login page, where you'll need to log in again with Microsoft password.


18. What happens if I update the reporting manager in Keka but the reporting manager does not exist in Azure AD?

If you update the reporting manager in Keka, but the reporting manager does not exist in Azure AD, the system will update the reporting manager in Keka but in Azure AD. You can track this in the activity log in Apps > Azure AD.


19. What happens if an email used in Keka while adding an employee already exists in Azure AD?

If an email used in Keka already exists in Azure AD, the employee will not be created again, but the employee details will be synced. Please make sure the email is of the same employee.

20. How do I remove the integration if needed?

To remove the integration, you can disable it using the "Disable" button available in the integration page under Apps. Once disabled, it will immediately stop, and no further actions of addition or updation will be taken.


21. Can I only add employees and not update?
Yes, you can customize the integration settings to only allow additions without automatic updates. If you uncheck the "Update Employees" option, only addition of new employees will be handled by the system, and you can manage updates manually.


22. What is the difference between Add Employees and Update Employees?

Add Employees refers to the process of adding new employees to Azure AD, while updating employees means modifying existing employee attributes. Enabling both options allows the system to handle both new additions and updates.


23. Will updating employees affect old users as well?

Yes, updating employees will affect old users as well. If you modify any attributes for old users, those changes will also be updated in their Azure AD profiles.


24. What happens if there are discrepancies between user details in Keka and Azure AD?

The integration will resolve discrepancies by updating the attributes based on the data in Keka. For example, if a user's name is "Sanjeev Kumar" in Keka and "Sanjeev K" in Azure AD, the integration will update the name to "Sanjeev Kumar" to ensure consistency.


25. Can I manually update user details instead of relying on automatic syncing?

Yes, administrators can manually update user details in Azure AD. However, it is suggested to ensure that changes are reflected accurately in both Keka and Azure AD to avoid discrepancies.


26. What happens if a user is rejoining the organization?

When an employee is rejoining the organization, their email ID in Azure AD should be created and updated in Keka. This is to prevent conflicts with existing email IDs and maintain data integrity.


27. How do I remove an employee from Azure AD?

To remove an employee from Azure AD, follow these steps:

  • Go to the Azure portal and navigate to the Azure Active Directory.
  • Click on "Users" and find the employee you want to remove.
  • Select the employee and click on "Delete user."


28. What should I do if an employee forgets their password?

If an employee forgets their password, they can use the password reset option provided by Azure AD. Alternatively, an administrator can reset the password for the user through the Azure portal.