Understanding ZIA APIs

Zscaler Internet Access (ZIA) provides three APIs: the cloud service API, Sandbox Submission API, and 3rd-Party App Governance API. To learn more about authentication, making API calls, and activating configuration changes, see Getting Started. For detailed information on all available API calls, endpoints, and parameters, see the Reference Guide. For a table summarizing all available API calls, endpoints, and rate limits, see the API Rate Limit Summary. To try out requests and responses for API calls using the Postman app, see Configuring the Postman REST API Client.

Cloud Service API

Availability of the cloud service API is limited. To enable this API for your organization, contact Zscaler Support.

The cloud service API gives you programmatic access to the following ZIA features:

Sandbox Submission API

To obtain access to the Sandbox Submission API, contact your Zscaler Account team.

The Sandbox Submission API gives you programmatic access to Zscaler Sandbox, which allows you to submit files to perform behavioral analysis. By default, files are directly submitted to the Sandbox to obtain a verdict. If a verdict already exists for the file, you can optionally force the Sandbox to reanalyze the file. You can submit up to 100 raw and archive files (e.g., ZIP) per day for Sandbox analysis. To learn more about the file types supported, see About Sandbox.

The Sandbox Submission API also allows you to perform out-of-band file inspection to generate real-time verdicts. Zscaler leverages capabilities such as Malware Prevention, Advanced Threat Prevention, Sandbox cloud effect, AI/ML-driven file analysis, and integrated third-party threat intelligence feeds to inspect files and classify them as benign or malicious instantaneously. You can submit raw and archive files (e.g., ZIP), and each file is limited to a maximum size of 400 MB. All file types that are supported by the Malware Protection policy and Advanced Threat Protection policy are supported.

Dynamic file analysis is not included in out-of-band file inspection.

3rd-Party App Governance API

To access the 3rd-Party App Governance API, you must have an 3rd-Party App Governance trial or license. To obtain a trial or license, contact your Zscaler Account team.

The 3rd-Party App Governance API gives you programmatic access to Zscaler 3rd-Party App Governance, which allows you to search the 3rd-Party App Governance Catalog for an application by name, app ID, or a valid URL (i.e., consent or marketplace link). If the application is not found in the catalog, it is automatically submitted to the 3rd-Party App Governance Sandbox for analysis. After analysis is complete, you can perform a subsequent search for the application and retrieve its information.

The 3rd-Party App Governance API also allows you to retrieve the list of custom views that you have configured in the 3rd-Party App Governance Admin Portal and includes all configurations that define the custom view. You can then retrieve all applications that are related to a specified custom view.

To learn more, see Reference Guide > 3rd-Party App Governance.