Zscaler
Overview
The Zscaler connector enables your AI Colleagues to integrate with your organization's Zscaler Internet Access (ZIA) platform, facilitating automated user lifecycle management, directory administration, and security policy workflows.
Zscaler is a cloud-native security platform that provides secure internet and SaaS access, zero trust network access, and digital experience monitoring. The Zscaler connector allows Leena AI to automate user provisioning, manage groups and departments, and streamline identity management workflows seamlessly.
API Details
Leena AI integrates with Zscaler via REST APIs.
Documentation link: https://help.zscaler.com/zia/getting-started-zia-api
Setup
The Zscaler connector uses API Key authentication with session-based token exchange. The connector authenticates using a username, password, and API key to obtain a temporary session token (JSESSIONID) for subsequent API calls.
Prerequisites
Before setting up the Zscaler connector, ensure you have:
- Administrator access to your Zscaler Internet Access (ZIA) Admin Portal
- Access to Administration > Cloud Service API Key Security section
- Ability to create API keys in Zscaler ZIA
- Access to your Leena AI workspace with connector management permissions
Get credentials
Here is how to obtain API credentials from Zscaler ZIA Admin Portal:
- Log in to your ZIA Admin Portal (Ensure you're signed in as an admin).
- Navigate to API Key Management:
- Click on Administration in the sidebar
- Select Cloud Service API Key Security (or API Key Management)
- Create or Copy API Key:
- If an API key exists, copy it for later use
- If no API key is present, click Add API Key to create one
- Note down the API key securely (it may only be displayed once)
- Ensure Administrator Account:
- Navigate to Administration > Administrator Management
- Ensure you have an administrator account with appropriate permissions
- Note down the administrator username and password
- Note Your Zscaler Cloud URL:
- Identify your Zscaler cloud instance base URL (e.g., zsapi.zscaler.net, zsapi.zscalerbeta.net)
- This URL is specific to your organization's Zscaler deployment
Add connection
Here is how to add a connection on Leena AI:
- Log in to your Leena AI workspace
- Navigate to Settings > Integrations
- Search for "Zscaler" and select it from the list to add its new connector
- Start configuring the connector
- Base URL: The base URL of your Zscaler API endpoint (e.g., https://zsapi.zscaler.net)
- Username: Your Zscaler administrator username
- Password: Your Zscaler administrator password
- API Key: The API key obtained from Zscaler Admin Portal
- Test and Save Connection
- Click Connect in Leena AI for Zscaler connector setup
- The system will authenticate with Zscaler and obtain a session token
- Upon successful authentication, the connector will be saved
Actions
The following actions are supported for the Zscaler connector:
Create User
Creates a new user in Zscaler. The Agent can leverage the skill (workflow), which has been designed to create a new user account in Zscaler, once the user raises a query to do so.
Input Parameters
Here are the input parameters required to set up this action:
Mandatory
| Name | Description |
|---|---|
| Name | The full name of the user |
| The email address of the user | |
| Groups | List of groups to assign the user to |
| Department Name | The name of the department the user belongs to |
| Password | The initial password for the user account |
Optional
| Name | Description |
|---|---|
| Department ID | The unique identifier of the department |
| Department IdP ID | The Identity Provider ID for the department |
| Department Comments | Additional comments about the department |
| Department Deleted | Flag indicating if department is marked as deleted |
| Comments | Additional information about this user |
| Temporary Authentication Email | Email address for temporary authentication purposes |
| Group ID | The unique identifier of each group (within Groups array) |
| Group IdP ID | The Identity Provider ID for the group |
| Group Comments | Additional comments about the group |
| Is System Defined | Flag indicating if the group is system-defined |
Here is a sample JSON input:
{
"name": "John Smith",
"email": "[email protected]",
"groups": [
{
"id": 12345,
"name": "Engineering Team"
}
],
"department": {
"id": 67890,
"name": "Engineering"
},
"comments": "New hire - Software Engineer",
"password": "SecurePassword123!"
}Response
Upon successful creation, the action returns the created user details including:
- User ID
- User name and email
- Assigned groups
- Department information
- Creation timestamp
Get Users
Retrieves a list of users from Zscaler. This action can be leveraged by Leena AI Orchestrator/Agent to list down all the users or filter users based on specific criteria. Here are some common use cases:
- User Directory: Get all users in the organization
- Department Lookup: Find users by department
- Group Members: List users belonging to a specific group
- User Search: Find specific users by name
Input Parameters
Here are the input parameters required to set up this action:
Mandatory
None - All parameters are optional for this action.
Optional
| Name | Description |
|---|---|
| Name | Filters by user name |
| Dept | Filters by department name |
| Group | Filters by group name |
| Page | Specifies the page offset |
| Page Size | Specifies the page size. The default size is 100 and the maximum size is 10,000 |
Here is a sample JSON input:
{
"name": "John",
"dept": "Engineering",
"page": 1,
"pageSize": 50
}Response
The action returns a list of users, each containing:
- User ID
- Name and email
- Department information
- Group memberships
- User status
Get Individual User
Retrieves details of a specific user from Zscaler by their ID. The Agent can leverage this action to get complete information about a single user.
Input Parameters
Here are the input parameters required to set up this action:
Mandatory
| Name | Description |
|---|---|
| User | The unique identifier of the user to retrieve |
Optional
None - No optional parameters for this action.
Here is a sample JSON input:
{
"userId": "12345678"
}Response
Upon successful retrieval, the action returns the user details including:
- User ID
- Full name and email
- Department information
- Group memberships
- User comments
- Account status
Update User
Updates an existing user in Zscaler. The Agent can leverage the skill (workflow), which has been designed to modify an existing user account in Zscaler, once the user provides the details to be updated. Here are some common use cases:
- Role Changes: Update user's group assignments
- Department Transfer: Move user to a different department
- Profile Updates: Modify user name or email
- Password Reset: Update user password
- Access Modification: Change user permissions via groups
Input Parameters
Here are the input parameters required to set up this action:
Mandatory
| Name | Description |
|---|---|
| User | The unique identifier of the user to be updated |
| Name | The updated full name of the user |
| The updated email address of the user | |
| Groups | Updated list of groups for the user |
| Department Name | The updated department name |
| Password | The updated password for the user |
Optional
| Name | Description |
|---|---|
| Department ID | The unique identifier of the department |
| Department IdP ID | The Identity Provider ID for the department |
| Department Comments | Additional comments about the department |
| Department Deleted | Flag indicating if department is marked as deleted |
| Comments | Additional information about this user |
| Temporary Authentication Email | Email address for temporary authentication purposes |
| Group ID | The unique identifier of each group |
| Group IdP ID | The Identity Provider ID for the group |
| Group Comments | Additional comments about the group |
| Is System Defined | Flag indicating if the group is system-defined |
Here is a sample JSON input:
//Update User Department
{
"userId": "12345678",
"name": "John Smith",
"email": "[email protected]",
"groups": [
{
"id": 12345,
"name": "Engineering Team"
}
],
"department": {
"id": 99999,
"name": "Product Development"
},
"password": "SecurePassword123!"
}
//Update User Groups
{
"userId": "12345678",
"name": "John Smith",
"email": "[email protected]",
"groups": [
{
"id": 12345,
"name": "Engineering Team"
},
{
"id": 54321,
"name": "Project Alpha"
}
],
"department": {
"id": 67890,
"name": "Engineering"
},
"password": "SecurePassword123!"
}
//Complete User Update
{
"userId": "12345678",
"name": "John D. Smith",
"email": "[email protected]",
"groups": [
{
"id": 12345,
"name": "Senior Engineers"
}
],
"department": {
"id": 67890,
"name": "Engineering"
},
"comments": "Promoted to Senior Engineer",
"password": "NewSecurePassword456!"
}Response
Upon successful update, the action returns the updated user details including:
- Updated user properties
- User ID
- Modification timestamp
- Group and department assignments
Delete User
Deletes an existing user from Zscaler. The Agent can leverage the skill (workflow), which has been designed to remove a user account from Zscaler, once the user specifies the account to be deleted. Here are some common use cases:
- Offboarding: Remove departed employees from Zscaler
- Account Cleanup: Delete obsolete or duplicate accounts
- Security Compliance: Remove unauthorized user accounts
- Access Revocation: Immediately remove user access
Input Parameters
Here are the input parameters required to set up this action:
Mandatory
| Name | Description |
|---|---|
| User | The unique identifier of the user to be deleted |
Optional
None - No optional parameters for this action.
Here is a sample JSON input:
{
"userId": "12345678"
}Response
Upon successful deletion, the action returns:
- Confirmation of successful deletion
- HTTP status code
- Deletion timestamp
Get list of groups
Retrieves a list of groups from Zscaler. This action can be leveraged by Leena AI Orchestrator/Agent to list down all the groups with filtering and sorting options. Here are some common use cases:
- Group Directory: Get all groups in the organization
- Group Search: Find groups by name or other attributes
- Access Control Review: List groups for access management
- Policy Assignment: Identify groups for policy configuration
Input Parameters
Here are the input parameters required to set up this action:
Mandatory
None - All parameters are optional for this action.
Optional
| Name | Description |
|---|---|
| Search | The search string used to match against a group's name or comments attributes |
| Defined By | The string value defined by the group name or other applicable attributes |
| Page | Specifies the page offset |
| Page Size | Specifies the page size |
| Sort By | Sorts the groups based on available values: id, name, expiry, status, externalId, rank, modTime |
| Sort Order | Sorts the order of groups: asc, desc, ruleExecution |
Here is a sample JSON input:
{
"search": "Engineering",
"page": 1,
"pageSize": 50,
"sortBy": "name",
"sortOrder": "asc"
}Response
The action returns a list of groups, each containing:
- Group ID
- Group name
- IdP ID
- Comments
- System defined status
Get List of departments
Retrieves a list of departments from Zscaler. This action can be leveraged by Leena AI Orchestrator/Agent to list down all the departments with filtering and sorting options. Here are some common use cases:
- Organization Structure: Get all departments in the organization
- Department Lookup: Find specific departments by name
- User Assignment: Identify departments for user provisioning
- Reporting: Generate department-based reports
Input Parameters
Here are the input parameters required to set up this action:
Mandatory
None - All parameters are optional for this action.
Optional
| Name | Description |
|---|---|
| Search | The search string used to match against a department's name or comments attributes |
| Page | Specifies the page offset |
| Limit Search | Limits the search to match only against the department name |
| Page Size | Specifies the page size |
| Sort By | Sorts the departments based on available values: id, name, expiry, status, externalId, rank |
| Sort Order | Sorts the order of departments: asc, desc, ruleExecution |
Here is a sample JSON input:
{
"search": "Engineering",
"page": 1,
"pageSize": 50,
"limitSearch": false,
"sortBy": "name",
"sortOrder": "asc"
}Response
The action returns a list of departments, each containing:
- Department ID
- Department name
- IdP ID
- Comments
- Deleted status
Updated 1 day ago