
Zscaler Private Access MCP server

Zscaler Private Access (ZPA) provides zero trust access to private applications without exposing them to the internet. An MCP server for ZPA allows AI agents to manage application access policies, connectors, user groups, and security controls across your zero trust environment without needing direct portal access.

Setting up an MCP server

This article covers the standard steps for creating an MCP server in AI Gateway and connecting it to an AI client. The steps are the same for every integration — application-specific details (API credentials, OAuth endpoints, and scopes) are covered in the individual application pages.

Before you begin

You'll need:

  • Access to AI Gateway with permission to create MCP servers
  • API credentials for the application you're connecting (see the relevant application page for what to collect)

Create an MCP server

Find the API in the catalog

  1. Sign in to AI Gateway and select MCP Servers from the left navigation.
  2. Select New MCP Server.
  3. Search for the application you want to connect, then select it from the catalog.

Configure the server

  1. Enter a Name for your server — something descriptive that identifies both the application and its purpose (for example, "Zendesk Support — Prod").
  2. Enter a Description so your team knows what the server is for.
  3. Set the Timeout value. 30 seconds works for most APIs; increase to 60 seconds for APIs that return large payloads.
  4. Toggle Production mode on if this server will be used in a live workflow.
  5. Select Next.

Configure authentication

Enter the authentication details for the application. This varies by service — see the Authentication section of the relevant application page for the specific credentials, OAuth URLs, and scopes to use.

Configure security

  1. Set any Rate limits appropriate for your use case and the API's own limits.
  2. Enable Logging if you want AI Gateway to record requests and responses for auditing.
  3. Select Next.

Deploy

Review the summary, then select Deploy. AI Gateway provisions the server and provides a server URL you'll use when configuring your AI client.

Connect to an AI client

Once your server is deployed, you'll need to add it to the AI client your team uses. Select your client for setup instructions:

Tips

  • You can create multiple MCP servers for the same application — for example, a read-only server for reporting agents and a read-write server for automation workflows.
  • If you're unsure which OAuth scopes to request, start with the minimum read-only set and add write scopes only when needed. Most application pages include scope recommendations.
  • You can edit a server's name, description, timeout, and security settings after deployment without redeploying.

Authentication

Zscaler ZPA uses OAuth 2.0 with the client credentials flow. The base URL is https://config.private.zscaler.com and the token endpoint is https://config.private.zscaler.com/signin. Generate a client ID and secret from Administration > API Keys in the ZPA admin portal, and note your customer ID. These credentials are exchanged for OAuth tokens that authenticate subsequent API requests.
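The client credentials exchange described above, as an added example in Python (not Zscaler's or AI Gateway's own code): it builds the token request against the page's token endpoint, validates the response, and keeps a small cache that rotates the token ahead of expiry rather than sending a stale one. The form field names, the JSON response shape, and the sample response are assumptions, since the page does not specify them.

```python
import json, time, urllib.parse, urllib.request
from dataclasses import dataclass

BASE_URL = "https://config.private.zscaler.com"  # base URL from the page
TOKEN_URL = f"{BASE_URL}/signin"                 # token endpoint from the page

@dataclass
class Token:
    access_token: str
    expires_at: float  # unix time after which ZPA will reject the token

def build_token_request(client_id: str, client_secret: str) -> urllib.request.Request:
    """Form-encoded POST. The secret travels only in the body, never in the URL,
    so it cannot leak into proxy or gateway access logs. Field names are assumed."""
    body = urllib.parse.urlencode({"client_id": client_id,
                                   "client_secret": client_secret}).encode()
    return urllib.request.Request(TOKEN_URL, data=body, method="POST",
                                  headers={"Content-Type": "application/x-www-form-urlencoded"})

def parse_token_response(raw: bytes, now: float) -> Token:
    """Validate the JSON body (shape assumed) and turn expires_in into an absolute time."""
    data = json.loads(raw)
    if data.get("token_type", "Bearer").lower() != "bearer" or not data.get("access_token"):
        raise ValueError("unexpected token response")
    return Token(data["access_token"], now + float(data["expires_in"]))

def fetch_token(client_id: str, client_secret: str, now: float) -> Token:
    # Live network call; the offline sample below never reaches it.
    with urllib.request.urlopen(build_token_request(client_id, client_secret), timeout=30) as r:
        return parse_token_response(r.read(), now)

class TokenCache:
    """Token rotation: reuse a token until shortly before expiry, then fetch a fresh one,
    so the secret is exchanged as rarely as possible and an expired token is never sent."""
    REFRESH_MARGIN = 60  # seconds before expiry at which we rotate

    def __init__(self, fetch):
        self._fetch = fetch  # callable(now) -> Token, e.g. a partial of fetch_token
        self._token = None

    def needs_refresh(self, now: float) -> bool:
        return self._token is None or now >= self._token.expires_at - self.REFRESH_MARGIN

    def auth_header(self, now=None) -> dict:
        now = time.time() if now is None else now
        if self.needs_refresh(now):
            self._token = self._fetch(now)
        return {"Authorization": f"Bearer {self._token.access_token}"}

SAMPLE_RESPONSE = b'{"access_token":"example-token","token_type":"Bearer","expires_in":3600}'  # constructed
```

Wrap fetch_token with your client ID and secret (for example via functools.partial) and pass it to TokenCache; every API call then takes its Authorization header from auth_header().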

Available tools

The tools enable configuration of application access policies, connector management, user and group provisioning, and security monitoring. They allow you to define zero trust access rules, manage application segments, configure microsegmentation, and monitor user activity.

Tool                       Description
Application Configuration  Add applications, configure segments, set domains, define health checks
Application Groups         Create groups, assign members, set group policies, manage inheritance
Access Policies            Create policies, set conditional access, require MFA, configure time-based rules
Policy Testing             Test policies before deployment, simulate user access, validate rule logic
Connector Deployment       Deploy connectors, create connector groups, set redundancy and failover rules
Connector Operations       Update versions, restart connectors, check health, view diagnostics
Load Balancing             Configure distribution, set failover rules, monitor performance, optimize routing
User Access                Grant and revoke access, set access duration, track user activity
Group Policies             Create groups, sync from Active Directory, set permissions, manage inheritance
SCIM Provisioning          Sync users from identity provider, automate provisioning, handle deprovisioning
Access Analytics           Show user patterns, track app usage, monitor failed attempts, analyze trends
Performance Metrics        Measure latency, track connector performance, monitor user experience
Browser Isolation          Enable for risky apps, configure isolation policies, control downloads
SIEM Integration           Stream access logs, send security events, configure webhooks, export trails
Access Investigation       Investigate suspicious access, trace user activity, analyze patterns

Tips

  • Use OAuth 2.0 token rotation to limit credential exposure.
  • Monitor API usage regularly to maintain security.
  • Implement least privilege access by creating granular policies.
  • Require MFA for sensitive applications.
  • Conduct regular access reviews to ensure permissions remain appropriate.
  • Enable session recording for high-risk applications.
  • Set up real-time alerting for anomalous access attempts to detect unauthorized activity quickly.