> ## Documentation Index
> Fetch the complete documentation index at: https://help.dsalta.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Azure Active Directory

> How DSALTA integrates with Azure Active Directory — data collected, setup guide, and automated compliance checks.

## Overview

DSALTA connects to Azure Active Directory using read-only API access to collect compliance evidence automatically. Data syncs every 24 hours and feeds into your Data Library modules.

<Info>
  **Read-only access.** DSALTA never modifies, creates, or deletes resources in your Azure Active Directory environment.
</Info>

## How to Connect

1. Go to **Integrations** in the DSALTA sidebar.
2. Find **Azure Active Directory** and click **Connect**.
3. Authenticate with admin-level access.
4. Select the scope (accounts, projects, or resources to monitor).
5. DSALTA performs an initial sync (5-15 minutes). Checks activate after sync completes.

## Automated Compliance Checks

Each check below runs automatically every 24 hours. Click any check for step-by-step remediation guidance.

| Check                                                                                                                                   | Description                                                                                 |
| --------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------- |
| [MFA should be enabled for all users](/integrations/azure-active-directory/mfa-should-be-enabled-for-all-users)                         | Checks that MFA is enabled for all Azure Active Directory users.                            |
| [User access to critical systems should be valid](/integrations/azure-active-directory/user-access-to-critical-systems-should-be-valid) | Checks that users with access to critical systems are authorized in Azure Active Directory. |
| [Offboarded users should not have active access](/integrations/azure-active-directory/offboarded-users-should-not-have-active-access)   | Checks that offboarded users no longer have active Azure Active Directory access.           |

## Troubleshooting

<AccordionGroup>
  <Accordion title="Integration shows Disconnected">
    Re-authenticate from **Integrations → Azure Active Directory → Reconnect**. This usually happens when API tokens expire.
  </Accordion>

  <Accordion title="Data is not syncing">
    Verify the connected account has admin permissions. Try a manual sync from the integration settings.
  </Accordion>
</AccordionGroup>