Zscaler provides a number of ways to provision users, groups and departments as described in Choosing Provisioning and Authentication Methods. You can also add users when you configure policies. This article describes how to manage user accounts in the User Management page of the Zscaler admin portal. (To get to this page, go to Administration > Authentication > User Management.) From the User management page of the admin portal, you can do the following:

Add individual users

When you add users, you must specify their groups and departments.

To add a new user:

  1. Navigate to Administration > Authentication > User Management.
  2. Click Add and specify the following information about the user:
    • Enter the User ID. The user ID consists of a user name and domain name in email format. Enter the user name and if your organization has more than one domain, select the domain name. Note that the username must be in the form of an email address. It does not have to be a valid email address, but it must be unique and its domain must belong to the organization.
    • User Name: Typically, the full name of the user. This appears when chossing users for policies.
    • Groups: Groups are used in policies. You can control access to apps based on user groups.
    • Departments: Departments are used in policies and reports. Unlike groups, a user can belong to only one department.
    • Comments: Optionally, enter additional notes or information. The content cannot exceed 10240 characters.
    • Enter the user’s Password, If you selected password as the authentication method. It must follow the guidelines that you defined. 
    • In the Temporary Authentication Email field, enter a valid email address if you selected One-time Token or One-time Link as the temporary authentication method.
  3. Click Save.
  4. Repeat the procedure for each new user.
  5. Activate your changes.

Importing users

To import information for up to 3000 users:

A. Prepare the CSV File

You can download a sample CSV file and add your user information to it. This helps ensure that the format of your entries is correct. To download the sample CSV file and use it as a template:

  1. Navigate to Administration > Authentication > User Management > Users tab.
  2. Click Sample Import CSV file.
  3. Save the CSV file and add your user information.
    To ensure that the service successfully imports the CSV file, the file must be in the following format:
    • The file name must have a .csv extension.
    • The first line of the file is the header row.
    • Enter one of the following for Action:
      • + (plus sign) to add a new user. When adding a user, Email-ID, User Name, Dept and Group must be filled in. A user can belong to up to 128 groups.
      • - (minus sign) to delete a user. When deleting a user, only Email-ID is required.
    • The password can be left blank, if you don’t want to upload passwords in clear text. You can use One-Time Passwords to enable users to log in and set passwords.
    • Each user must be on a separate line.
    • Each user's email address must have a domain name that was defined in the portal. If the authentication method is one-time token or one-time link, then either this field or the Temp auth email field must contain a valid email address.
    • The temporary email address can specify any domain. This is used if the authentication method is a one-time token or one-time link. It can have any domain name, but it must be a valid email address.

B. Import the CSV File

To import the CSV file:

  1. Navigate to Administration > Authentication > User Management > Users tab.
  2. Click Import.
  3. Enable or disable Overwrite Existing Entries.
    Enable this option if you want to update some of your existing users’ profiles, profiles (for example, group information, password, or departments) as well as add new users. The service replaces any user in your existing table with the identical end user data in the import file. The "overwrite" function does not overwrite your entire user database. It overwrites only the users who are in the database and in the import file.
    Disable this option if you want to simply add all the users in the import file. If there are identical users in the database and the import file, the service returns an error stating that identical users could not be imported. Browse to the file that contains your list of users and delete the duplicate users.
  4. Click Choose File, navigate to the CSV file you want to import, and then  click Import.
    The service displays the import results. If it failed to import certain records, the service includes these details in the results.

Download users

To download a CSV file that lists all users:

  1. Navigate to Administration > Authentication > User Management > Users tab.
  2. Click Download.

NOTE: You cannot import the downloaded file because it uses a different format. The file that you import must be in the same format as the sample CSV file provided when you click Sample Import CSV file.