HomeDocumentationProduct UpdatesProduct Roadmap
User Docs
Request DemoWebsite

Zscaler Integration for SaaS Discovery

Configure the LeanIX-Zscaler integration to automatically discover and manage SaaS applications using Zscaler's ZIA API.

Suggest Edits

Introduction

Zscaler is a cloud-based security platform that protects corporate networks and internet access through services like web security, firewall protection, data loss prevention, and secure web gateway functionality.

Once the Zscaler integration is configured, SAP LeanIX uses Zscaler to discover the SaaS applications used within your organization. LeanIX uses Zscaler's ZIA API to discover SaaS applications. To set up this integration, you must provide Zscaler credentials with the appropriate permissions.

Implementation Details

LeanIX uses Zscaler's ZIA API to discover SaaS application activity. The integration relies on the Shadow IT report, which provides detailed information on the applications being used across your corporate network and the extent of their usage. For usage adoption metrics, the total active unique users in Zscaler are calculated based on the user count of the past 7 days.

After setting up the integration, to cross-check the discovered services in the Zscaler Admin portal, hover over Analytics in the left-side pane and select Applications under the SaaS Security section.

Integration CategoriesAuthentication MechanismAPI Endpoints UsedZscaler Resource
Cloud Access Security Brokers (CASB)REST API - API token authFor API authentication: /api/v1/authenticatedSession

For SaaS discovery: /api/v1/cloudApplications/lite
/api/v1/shadowIT/applications/export		Shadow IT Report

Setting up Zscaler Integration

Create a New User for the Integration

  1. Login to Zscaler ZIA portal.
  2. Navigate to the AdministrationAdministrator ManagementAdministrators
  3. Add a new administrator by selecting + Add Administrator.
Creating New User in Zscaler ZIA Portal

Creating New User in Zscaler ZIA Portal

👍

Tip

Assign only the necessary permissions to the role, as most are for dashboard access, and not for API access.

Create an API Token in Zscaler

Note that each organization can only have one API key. For more details, see Zscaler Cloud Service API Key.

  1. Log out and log in again using the newly created user account.
  2. Navigate to AdministrationCloud Service API Security.
  3. In the Cloud Service API Key tab, select + Add API Key to create a new key.
Creating API token

Creating API token

Enter the Necessary Credentials in SAP LeanIX

  1. Add the Zscaler integration in SAP LeanIX. For more, see Setting-up Out-of-the-Box Integrations.
  2. In the configuration, choose a name for the integration and the type of capabilities or data you want to get from Zscaler. Currently, only details of SaaS applications can be retrieved.
  3. Enter the credentials from the ZIA portal that you have generated into the corresponding fields:
    1. API URL: URL where your Zscaler instance is deployed (e.g., https://zsapi.zscalerthree.net).
    2. Username: Username created and used on the ZIA portal.
    3. Password: Password of the user created on the ZIA portal.
    4. API Key: API key generated on the ZIA portal.
Configuring Integration of Zscaler in LeanIX

Configuring Integration of Zscaler in LeanIX

  1. Click Finish and wait for the connection to be established.

Updated 18 days ago