Ctrlk
ProductBook a demoOpen app
linkedinyoutube

Execute Response Actions with Zscaler OneAPI

Configure the Zscaler OneAPI action connector to enable URL containment and remediation tasks during phishing response.

In this guide, you will create an API role in Zscaler Internet Access (ZIA), register an API client in ZIdentity, and configure the Zscaler OneAPI action connector in Radiant Security to enable URL containment and remediation tasks.

Available actions

The following actions are available after you set up the Zscaler OneAPI action connector. Additional permissions are required.

  • Block URL

  • Unblock URL

At the end of this configuration, you will provide Radiant Security with these values:

  • Client ID

  • Client Secret

  • Vanity Domain

This article walks you through three steps:

  • Create an API role in ZIA

  • Register an API client in ZIdentity

  • Add the Zscaler OneAPI action connector in Radiant Security

Prerequisites

Create an API role in ZIA

  1. Log in to the Zscaler Experience Center (or the legacy ZIA Admin Portal, depending on your tenant).

  2. Navigate to Administration > Role Management.

  3. Click Add API Role.

  4. Enter a Name for the role (e.g. Radiant_Security_API_Role). Note this name - you will need it when assigning the role in ZIdentity.

  5. Under Permissions, set the following:

    Functional Scope
    Permission

    Cyber Threat Protection

    View, Edit

  6. Save and activate the change in the Zscaler Experience Center.

Note: API roles created in ZIA are synced to ZIdentity automatically. If the role does not appear in ZIdentity immediately, navigate to Administration > API Configuration > OneAPI > API Resources in the ZIdentity Admin Console and click Sync Now.

Register an API client in ZIdentity

  1. Log in to the ZIdentity Admin Console.

  2. Navigate to Administration > API Configuration > OneAPI > API Clients.

  3. Click Add API Client. The Add API Client drawer opens with the Client tab selected by default.

  4. On the Client tab, enter the following:

    • Name: An identifier for the client (e.g. Radiant Security OneAPI Client)

    • Description: A brief description of the client's purpose

    • Status: Enabled

    • Access Token Validity: The token lifetime in minutes. Minimum is 1 minute; maximum is 24 hours (1440 minutes).

  5. Under Client Authentication, select Secret and click Add. ZIdentity auto-generates a secret key and displays it once.

  6. Set the validity period for the secret. Minimum is 30 days; maximum is 365 days.

  7. Copy the Client Secret and store it securely.

Important note: Be sure to document and store the Client Secret carefully, as it cannot be retrieved later. You can configure a maximum of two client secrets per API client; adding a third replaces the oldest.

  1. Click the Resources tab.

  2. Under Internet & SaaS, select the API role you created in Create an API role in ZIA.

  3. Click Save.

  4. On the API Clients page, locate the newly configured client and click the Edit icon.

  5. Copy and store the following values:

    • Client ID

    • Vanity Domain: The domain prefix used in your ZIdentity login URL (Typically in the format https://<vanity_domain>.zslogin.net).

Add the Zscaler OneAPI action connector in Radiant Security

  1. Log in to Radiant Security.

  2. From the navigation menu, select Settings > Action Connectors and click + Add Connector.

  3. Select Zscaler OneAPI from the vendor list.

  4. Under Credential Name, give the credential an identifiable name (e.g. Zscaler OneAPI Credentials).

  5. Enter the Client ID, Client Secret, and Vanity Domain values from the previous section.

  6. Click Add Connector to save.

PreviousZScaler NSS On-PremNextZScaler ZPA

Last updated

Was this helpful?