API | Azure AD OIDC (Middle East)

Keka Technologies Private Limited now supports customer-managed authentication using Custom OIDC integration with Microsoft Azure AD. This enables enterprises in the Middle East region to configure their own authentication policies while securely managing login access to Keka.

The feature allows organizations to plug Keka into their Azure AD tenant by configuring client credentials, endpoints, and token handling parameters.

What’s New

• Support for OpenID Connect (OIDC)-based Single Sign-On (SSO) using Azure AD.
• Customer-managed authentication configuration for enterprise control over identity policies.
• Secure exchange of authentication tokens between Keka and Azure AD.
• Custom tenant-level setup enabling organizations to integrate their own Azure AD environment.

How It Helps

• Simplifies employee access through seamless Microsoft credential login.
• Improves security by allowing centralized identity and access management.
• Reduces administrative overhead associated with maintaining separate authentication systems.
• Supports enterprise compliance requirements by letting organizations control authentication workflows.

Availability

This update is applicable to customers operating in the Middle East region and using Azure-hosted identity infrastructure.

Setup Summary

Admins can enable Microsoft SSO from Global Settings → Integrations and Automations → Authentication in Keka, select Custom Active Directory OIDC, and configure the following:

• Tenant ID
• Client (Application) ID
• Client Secret
• Redirect URI

After completing Azure app registration and permission consent, employee login via Azure AD will be activated.

Security Considerations

• Client secrets must be stored securely and treated as sensitive credentials.
• Secret values are displayed only once during generation.
• Organizations should follow internal policy guidelines for secret rotation and expiry management.

Read more ➜