ZIdentity
Release Upgrade Summary (2023)
This article provides a summary of all new features and enhancements for ZIdentity.
The following service updates were deployed to zslogin.net on the following dates.
- Feature Available
Support for Multi-Factor Authentication
You can now enable and enforce multi-factor authentication for users that authenticate to ZSLogin. The users can choose to configure their authentication preferences to access their ZSLogin account based on the authentication methods (Administration > Authentication Methods) set by the ZSLogin admin.
As a ZSLogin admin, you can view and manage the authenticators for each user from their respective user window (Administration > Users > click the Edit icon for the user > Security Settings).
To learn more, see Setting Up Your Zscaler Account, Configuring Authentication Methods, Configuring Authentication Preference, and Viewing User Entitlements and Authenticators.
Support for OpenID Connect
ZSLogin service now supports the OpenID Connect (OIDC) protocol as a Relying Party (RP). OIDC is a single sign-on protocol much like SAML, which is used to authenticate users at your OpenID Provider (OP) and to assert their authenticated identities to ZSLogin.
To learn more, see Adding OpenID Provider.
Support for User Enrollment to Zscaler Services
You can now use the ZSLogin service to enroll users to your subscribed Zscaler services, mitigating the effort of managing users for each service separately.
To support this feature:
- The ZSLogin Admin Portal is introduced with a new Entitlements section inside the Administration menu (Administration > Administrative and Administration > Service) to manage service admins and service users separately.
- The existing Zscaler Services page (Administration > Zscaler Services) is no longer available.
- You can configure role-based administration for ZSLogin admins to implement granular permissions, such as controlling whether or not an admin can modify user records, assigning users to services, etc.
- You can view the service assignments for each user from their respective user window (Administration > Users > click the Edit icon for the user > Entitlements).
- Two new options, Authentication Session for service enrollment and Force Authentication for Private Access Reauthentication, are added to the Advanced Settings page (Administration > Advanced Settings).
To learn more, see Understanding Entitlements, About ZSLogin Admin Roles, Configuring Advanced Settings and Viewing User Entitlements and Authenticators.