Zscaler Identity (Zidentity) Tools ==================================== The Zscaler Identity (Zidentity) tools provide functionality for managing identity and access management features. Available Tools --------------- .. list-table:: ZIdentity Tools :header-rows: 1 :widths: 30 70 * - Tool Name - Description * - ``zid_groups`` - Retrieves Zidentity group information * - ``zid_users`` - Retrieves Zidentity user information Tool Details ------------ zid_users ~~~~~~~~~~~~~~~ Retrieves Zidentity user information. **Parameters:** :param page: Page number for pagination :type page: Optional[int] :param page_size: Number of results per page :type page_size: Optional[int] :param search: Search string for filtering users :type search: Optional[str] :param service: The service to use (default: "zid") :type service: str **Returns:** - List of user dictionaries **Example:** .. code-block:: python users = zid_users(page=1, page_size=50, search="admin") zid_groups ~~~~~~~~~~~~~~~~ Retrieves Zidentity group information. **Parameters:** :param page: Page number for pagination :type page: Optional[int] :param page_size: Number of results per page :type page_size: Optional[int] :param search: Search string for filtering groups :type search: Optional[str] :param service: The service to use (default: "zid") :type service: str **Returns:** - List of group dictionaries **Example:** .. code-block:: python groups = zid_groups(page=1, page_size=50, search="security") Authentication -------------- Zidentity tools support OneAPI authentication: **OneAPI Authentication:** - Uses OAuth2 client credentials - Requires the following environment variables: * ``ZSCALER_CLIENT_ID`` * ``ZSCALER_CLIENT_SECRET`` * ``ZSCALER_VANITY_DOMAIN`` * ``ZSCALER_CLOUD`` Common Use Cases ---------------- 1. **User Management**: List and manage users in the identity system 2. **Group Management**: List and manage groups for access control 3. **Identity Administration**: Administrative tasks for identity management Error Handling -------------- All Zidentity tools include comprehensive error handling: - **Authentication errors**: Invalid credentials or expired tokens - **Permission errors**: Insufficient privileges for the requested operation - **Validation errors**: Invalid parameters or malformed requests - **Rate limiting**: Automatic retry with exponential backoff For detailed error information, check the tool response for error messages and status codes.