With this provisioning method, you can upload user information to the Zscaler database by simply adding the information manually through the service portal, importing the information from a CSV (Comma-Separated Value) file, or using the Zscaler Authentication Bridge. There is no limit to the number of users that an organization can store in the database.
When users are added directly to the Zscaler database, password-based authentication is the default authentication method. The passwords are uploaded with the username, group and department information, and they are stored in the database in an encrypted format. You can define the complexity of passwords and configure expiry periods. For additional security, you can require users to enter a password that is different from their corporate password.
The Zscaler Central Authority (CA) authenticates users according to the method configured for the organization. With password-based authentication, the CA displays the password request form to the user after it receives the request with the username from the ZEN. After the user submits the password, the CA matches it with the password in the database. It authenticates the user when it finds a match.