Zscaler

Configuring the Veza Integration for Zscaler

Early Access: The Zscaler integration is provided as an Early Access feature. Please contact our support team for more details.

Overview

The Veza integration for Zscaler enables the discovery of Users, Administrators, Groups, and Roles from the Zscaler platform. Veza uses Zscaler APIs to populate the Authorization Graph with entities and metadata.

This document explains how to enable and create a Zscaler Integration. See Notes and Supported Entities for more details.

Configuring Zscaler

Before adding the integration to Veza, create an API client on the Zscaler platform for the connection.

  1. Browse to your Zscaler instance's admin portal (ex: https://admin.zscalerthree.net/) and log in.

  2. In the left-hand navigation menu, click Administration, then click Cloud Service API Security under the Authentication heading.

  3. Click Add API Key in the upper-left corner of the screen to create a new API Key, or record the value in the Key column for an existing key.

  4. Record the base URL value shown at the top of the screen (ex: zsapi.zscalerthree.net/api/v1). The portion between zsapi and .net (zscalerthree in this example) is the Cloud Name required during Veza configuration.

Configuring Zscaler on the Veza Platform

To enable Veza to gather data from the Zscaler platform:

  1. In Veza, navigate to Configuration > Integrations.

  2. Click Add Integration and select Zscaler as the type of integration to add.

  3. Enter the required information and click Create Integration.

| Field | Notes |
| --- | --- |
| Name | A unique display name for the Zscaler connection |
| Api Key | The API key created on the Zscaler platform above |
| Cloud Name | The Zscaler cloud name (ex: zscalerthree) |
| User Name | The username of an administrative user on the Zscaler platform |
| Password | The password for the administrative user on the Zscaler platform |

Notes and Supported Entities

The connector discovers the following entities and attributes:

Zscaler User

| Attribute | Notes |
| --- | --- |
| department | The user's department |
| comments | Comments on the user object |
| is\_auditor | Boolean. True if the user is marked as an auditor |
| is\_noneditable | Boolean. True if the user is marked as noneditable |
| is\_password\_expired | Boolean. True if the user's password is expired |
| is\_password\_login\_allowed | Boolean. True if the user can log in with a password |
| temp\_auth\_email | Temporary e-mail used for initial user authentication |
| user\_type | The user's type (SUPERADMIN, ADMIN, AUDITOR, GUEST, REPORT\_USER, or UNATH\_TRAFFIC\_DEFAULT) |

Zscaler Group

| Attribute | Notes |
| --- | --- |
| comments | Comments on the group object |

Zscaler Role

| Attribute | Notes |
| --- | --- |
| is\_auditor | Boolean. True if the role applies to auditors |
| is\_noneditable | Boolean. True if the role is marked as noneditable |
| rank | Admin rank for the role (roles of higher rank can manage objects at lower rank) |
