Zscaler MCP Server

v0.12.2Securitystable

Zscaler Integration MCP Server is a Model Context Protocol (MCP) server designed for managing Several Zscaler Products using Large Language Models (LLMs).

aigemini-cli-extensionhacktoberfestmcpmcp-server
Share:
35
Stars
0
Downloads
0
Weekly
0/5

What is Zscaler MCP Server?

Zscaler MCP Server is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to zscaler integration mcp server is a model context protocol (mcp) server designed for managing several zscaler products using large language models (llms).

Zscaler Integration MCP Server is a Model Context Protocol (MCP) server designed for managing Several Zscaler Products using Large Language Models (LLMs).

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • Zscaler Integration MCP Server is a Model Context Protocol (

Use Cases

Manage Zscaler security products
Configure cloud security policies
Monitor security events
zscaler

Maintainer

LicenseMIT
Languagepython
Versionv0.12.2
UpdatedMay 18, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

PIP

pip install zscaler-mcp

Manual Installation

pip install zscaler-mcp

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Zscaler MCP Server

The Zscaler MCP Server connects AI agents and coding assistants to the Zscaler Zero Trust Exchange platform, exposing 300+ tools spanning ZIA (Zscaler Internet Access), ZPA (Zscaler Private Access), ZDX (Digital Experience), ZCC (Client Connector), and other Zscaler products. By default it operates in read-only mode — only list and get operations are registered — making it safe for autonomous AI use. Write operations require explicit opt-in with a mandatory allowlist pattern, and delete operations additionally require a cryptographic HMAC token to prevent prompt-injection attacks.

Prerequisites

  • Python 3.10+ and uv or pip for installation
  • Zscaler account with OneAPI credentials: ZSCALER_CLIENT_ID, ZSCALER_CLIENT_SECRET, ZSCALER_CUSTOMER_ID, and ZSCALER_VANITY_DOMAIN
  • The Zscaler products you want to manage must be entitled in your OneAPI client
  • An MCP-compatible client such as Claude Desktop, Cursor, or VS Code with GitHub Copilot
1

Install zscaler-mcp from PyPI

Install the server using pip or uvx. The uvx approach is recommended as it runs the server in an isolated environment without permanent installation.

pip install zscaler-mcp
# or use uvx for isolated execution
uvx zscaler-mcp
2

Create a .env file with your Zscaler credentials

Create a .env file with your OneAPI credentials. These are required for the server to authenticate with the Zscaler platform.

ZSCALER_CLIENT_ID=your_oauth_client_id
ZSCALER_CLIENT_SECRET=your_oauth_client_secret
ZSCALER_CUSTOMER_ID=your_customer_id
ZSCALER_VANITY_DOMAIN=yourdomain.zscloud.net
# Optional: restrict to specific services
ZSCALER_MCP_SERVICES=zia,zpa
3

Test the server in read-only mode

Run the server from the command line to verify authentication. The server will log which toolsets are loaded based on your OneAPI entitlements.

zscaler-mcp
4

Configure your MCP client

Add the server to your MCP client configuration using uvx with your .env file path for credential injection.

5

Optionally enable write operations

To allow create, update, or delete operations, start the server with both the --enable-write-tools flag and an explicit --write-tools allowlist pattern. Both flags are required — neither alone enables writes.

zscaler-mcp --enable-write-tools --write-tools "zpa_create_*,zpa_delete_*"

Zscaler MCP Server Examples

Client configuration

Claude Desktop config block using uvx with a .env file for Zscaler OneAPI credential injection. The server starts in read-only mode by default.

{
  "mcpServers": {
    "zscaler-mcp-server": {
      "command": "uvx",
      "args": ["--env-file", "/absolute/path/to/.env", "zscaler-mcp"]
    }
  }
}

Prompts to try

Example prompts that use read-only ZIA and ZPA tools. Be specific about the service name for best results.

- "List my ZPA application segments"
- "Show ZIA firewall rules"
- "List my ZPA segment groups"
- "What ZIA rule labels exist in my tenant?"
- "Get details for ZPA application segment named 'internal-wiki'"

Troubleshooting Zscaler MCP Server

Server starts but shows '0 toolsets loaded' or no tools are available

The OneAPI entitlement filter automatically drops toolsets for products not entitled in your credentials. Verify ZSCALER_CLIENT_ID and ZSCALER_CLIENT_SECRET are correct and that the associated client has the expected product entitlements in the Zscaler admin portal.

Write tools return 'not found' even after enabling --enable-write-tools

The --write-tools allowlist flag is mandatory. Running --enable-write-tools alone registers zero write tools by design. Add --write-tools with a pattern like 'zpa_create_*' to explicitly allowlist the tools you need.

Authentication fails with 401 Unauthorized on every API call

Verify ZSCALER_VANITY_DOMAIN is set to your correct tenant domain (e.g., company.zscloud.net). Also ensure the OneAPI client credentials are not expired and that the client is enabled in Zscaler admin console under Identity > API Clients.

Frequently Asked Questions about Zscaler MCP Server

What is Zscaler MCP Server?

Zscaler MCP Server is a Model Context Protocol (MCP) server that zscaler integration mcp server is a model context protocol (mcp) server designed for managing several zscaler products using large language models (llms). It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Zscaler MCP Server?

Install via pip with: pip install zscaler-mcp. Then configure your AI client to connect to this MCP server.

Which AI clients work with Zscaler MCP Server?

Zscaler MCP Server works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Zscaler MCP Server free to use?

Yes, Zscaler MCP Server is open source and available under the MIT license. You can use it freely in both personal and commercial projects.

Zscaler MCP Server Alternatives — Similar Security Servers

Looking for alternatives to Zscaler MCP Server? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "zscaler": { "command": "pip", "args": ["install", "zscaler-mcp"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use Zscaler MCP Server?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides