Zscaler Cloud

Zscaler Portal Cloud configuration

  • Go to Authentication Settings: https://admin.zscloud.net/#administration/auth-settings</pre>

  • In the field Authentication Type select SAML

  • Click on Configure SAML

  • In the field Login Name Attribute write: NameID Note: the default NameID is the user's email. If you want to use the upn instead, enter the following script line in Trustelem application Custom scripting field (see below for a complete example):

  • In the field SAML Portal URL write: https://mycompany.trustelem.com/app/18XXXX/sso

  • In Public SSL Certificate, upload the certificate of your Trustelem application

  • Turn OFF both Enable SCIM-Based Provisioning and Sign SAML Request

If you want to turn ON the SAML Auto-Provisioning function

  • In Zscaler, activate SAML Auto-Provisioning and enter the following attributes:

  • User Display Name Attribute : displayName

  • Group Name Attribute : groups

  • Department Name Attribute : department

  • In Trustelem application Custom scripting field, write:

    Note: instead of the constants “groupX” and “my_department”, you can use other user's attributes. For instance if you want to use Trustelem group attribute:

Here is a complete example of custom scripting: custom script