icon-unified.svg
Experience Center

Managing Device Groups

Users can access the Zscaler services through various devices. For example, one user can have two devices, one personal and one employer-provided. The personal device can be enrolled in Internet & SaaS, and the employer-provided device can be enrolled in Internet & SaaS and Private Applications. The ZIdentity admin can control or restrict the devices that are used to access the Zscaler services (Private Applications, Internet & SaaS, Digital Experience Monitoring, etc.) and ensure that only users on authorized devices can enroll in Zscaler services.

To manage device group restrictions:

  1. Go to Administration > Entitlements > End User Entitlements.

  2. On the Service Entitlements page, click the required Zscaler service (e.g., Internet & SaaS).

    The list of service entitlementsClose

    The Internet & Saas - Service page appears.

  3. In the top-right corner, click Manage > Device Group Restrictions.

  4. In the Manage Device Group Restrictions window, select the toggle for Enable Device Group Restrictions.

    The list of registered device IDs is displayed.

    An administrator who can access the ZIdentity service entitlements but does not have permissions to view the device groups can only see whether the Enable Device Group Restrictions option is enabled or not, but cannot change the setting.

  5. Select the devices that must be allowed to access the Zscaler service.

  6. Click Save.

    Users can access the Zscaler service from their registered device.

Related Articles
Assigning Entitlements to UsersAbout Administrative EntitlementsAbout Service EntitlementsManaging EntitlementsManaging Device Groups