@itentialopensource/adapter-zscaler

openapi: 3.0.0 info: title: adapter-zscaler contact: {} version: '1.0.0' servers: - url: https://{defaultHost} variables: defaultHost: default: www.example.com paths: /zscsb/submit: post: tags: - Sandbox Submission API summary: submitFile description: > Submits raw or archive files (e.g., ZIP) to Sandbox for analysis. You can submit up to 100 files per day and it supports all file types that are currently supported by Sandbox. To learn more, see <a href="/zia/about-sandbox" target="_blank">About Sandbox</a>. By default, files are scanned by Zscaler antivirus (AV) and submitted directly to the sandbox in order to obtain a verdict. However, if a verdict already exists for the file, you can use the 'force' parameter to make the sandbox to reanalyze it. You must have a Sandbox policy rule configured within the ZIA Admin Portal in order to analyze files that aren't present in the default policy rule. Ensure that you have explicitly added Sandbox policy rules that include the appropriate file types within your request. If not, an 'Unknown' message is shown in the response. To learn more, see <a href="/zia/configuring-sandbox-policy" target="_blank">Configuring the Sandbox Policy</a> and <a href="/zia/configuring-default-sandbox-rule" target="_blank">Configuring the Default Sandbox Rule</a>.After files are sent for analysis, you must use GET /sandbox/report/{md5Hash} in order to retrieve the verdict. You can get the Sandbox report 10 minutes after a file is sent for analysis. operationId: submitFile parameters: - name: api_token in: query description: The Sandbox API token obtained from the ZIA Admin Portal to be used for authenticating the Sandbox Submission API. To learn more, see <a href="/zia/about-sandbox-api-token" target="_blank">Managing Sandbox API Token</a>. required: true style: form explode: true schema: type: string - name: force in: query description: Submit file to sandbox even if found malicious during AV scan and a verdict already exists. style: form explode: true schema: allOf: - $ref: '#/components/schemas/force1' - description: Submit file to sandbox even if found malicious during AV scan and a verdict already exists. responses: '200': description: Successful Operation headers: {} content: application/json: schema: allOf: - $ref: '#/components/schemas/SandboxSubmissionResponse' - description: Sandbox submission response information. deprecated: false /zscsb/discan: post: tags: - Sandbox Submission API summary: submitFileForScan description: 'Submits raw or archive files (e.g., ZIP) to the Zscaler service for out-of-band file inspection to generate real-time verdicts for known and unknown files. It leverages capabilities such as Malware Prevention, Advanced Threat Prevention, Sandbox cloud effect, AI/ML-driven file analysis, and integrated third-party threat intelligence feeds to inspect files and classify them as benign or malicious instantaneously.All file types that are currently supported by the <a href="/zia/configuring-malware-protection-policy" target="_blank">Malware Protection policy</a> and <a href="/zia/configuring-advanced-threat-protection-policy" target="_blank">Advanced Threat Protection</a> policy are supported for inspection, and each file is limited to a size of 400 MB.Note: Dynamic file analysis is not included in out-of-band file inspection.' operationId: submitFileForScan parameters: - name: api_token in: query description: The Sandbox API token obtained from the ZIA Admin Portal to be used for authenticating the Sandbox Submission API. To learn more, see <a href="/zia/about-sandbox-api-token" target="_blank">Managing Sandbox API Token</a>. required: true style: form explode: true schema: type: string responses: '200': description: Successful Operation headers: {} content: application/json: schema: allOf: - $ref: '#/components/schemas/DIScanSubmissionResponse' - description: Information about the file inspection results deprecated: false /apps/app: get: tags: - Applications summary: getApp description: > https://api.apptotal.zscaler.com/v1/apps/app Constraints:<ul><li> For query parameters, ensure that the provided characters adhere to the specifications outlined in RFC 7230 and RFC 3986. <li> Special characters and encoding must follow the standards defined in RFC 3986.</ul> Searches the AppTotal App Catalog by either app ID or URL (i.e., a valid consent or marketplace link). You must use one of the required parameters—<code>app_id </code> or <code>url</code>—for your search. If you use both an app ID and a URL for your search, an error is returned. <ul><li>If the app is found in the catalog, a <code>200</code> response is received and the app's information is returned. </li><li>If the app is not initially found in the catalog, a <code>202</code> response is received and the app is submitted for analysis in the AppTotal Sandbox. </li> Note: After analysis is complete, a subsequent <code>GET</code> request is required to fetch the app's information. As a best practice, allow 24 hours for analysis and then resubmit the required <code>GET</code> request. </ul><ul><li>If the app is not found in the catalog, a <code>404</code> response is received.</li><li>If the URL is not valid, a <code>400</code> response is received.</li> Note: If you cannot find the app via the API, you can troubleshoot by <a target=_blank href="https://help.zscaler.com/zia/searching-apps\">manually searching for the app</a> in the AppTotal Admin Portal. If you cannot find the app through manual search, contact Zscaler Support. </ul>To learn more, see the Responses in the right-side panel. operationId: getApp parameters: - name: app_id in: query description: The app identifier (e.g., OAuth client ID) style: form explode: true schema: type: string - name: url in: query description: Valid consent link or marketplace link style: form explode: true schema: type: string - name: verbose in: query description: Return a verbose report including potentially heavy artifacts (e.g., extracted URLs and a list of vulnerabilities) style: form explode: true schema: type: boolean responses: '200': description: Successful Operation headers: X-Rate-Limit-Remaining: description: The requests remaining until the quota limit is reached content: text/plain: schema: type: integer description: The requests remaining until the quota limit is reached format: int32 content: application/json: schema: $ref: '#/components/schemas/Application' '202': description: Application Analysis Underway headers: {} content: application/json: schema: $ref: '#/components/schemas/SimpleMessageResponse' '400': description: Bad Input Parameter headers: {} content: {} '401': description: Not Authenticated headers: {} content: {} '403': description: Access Forbidden headers: {} content: {} '404': description: Application Not Found headers: {} content: {} '409': description: Rate Limit Exceeded headers: Retry-After: description: The seconds remaining until the rate limit resets content: text/plain: schema: type: integer description: The seconds remaining until the rate limit resets format: int32 content: {} '500': description: Internal Server Error Occurred headers: {} content: {} deprecated: false post: tags: - Applications summary: postApp description: > https://api.apptotal.zscaler.com/v1/apps/app Submits an app for analysis in the AppTotal Sandbox. After analysis is complete, a subsequent <code>GET</code> request is required to fetch the app's information. operationId: postApp parameters: [] requestBody: description: The app identifier (e.g., OAuth client ID) content: application/json: schema: allOf: - $ref: '#/components/schemas/SimpleAppIdRequest' - description: The app identifier (e.g., OAuth client ID) required: true responses: '200': description: Successful Operation headers: X-Rate-Limit-Remaining: description: The requests remaining until the quota limit is reached content: text/plain: schema: type: integer description: The requests remaining until the quota limit is reached format: int32 content: {} '400': description: Invalid Request Body headers: {} content: {} '401': description: Not Authenticated headers: {} content: {} '403': description: Access Forbidden headers: {} content: {} '409': description: Rate Limit Exceeded headers: Retry-After: description: The seconds remaining until the rate limit resets content: text/plain: schema: type: integer description: The seconds remaining until the rate limit resets format: int32 content: {} '500': description: Internal Server Error Occurred headers: {} content: {} deprecated: false /apps/search: get: tags: - Applications summary: AppsSearch_GET description: > https://api.apptotal.zscaler.com/v1/apps/search Constraints:<ul><li> For query parameters, ensure that the provided characters adhere to the specifications outlined in RFC 7230 and RFC 3986. <li> Special characters and encoding must follow the standards defined in RFC 3986.</ul> Searches for an app by name. Any app whose name contains the search term (<code>appName</code>) is returned. Note: The maximum number of results that are returned is 200. operationId: AppsSearch_GET parameters: - name: appName in: query description: The app name required: true style: form explode: true schema: minLength: 3 type: string - name: limit in: query description: Limit the number of results style: form explode: true schema: maximum: 200 minimum: 1 type: integer format: int32 default: 50 - name: page in: query description: Page number style: form explode: true schema: minimum: 1 type: integer format: int32 default: 1 responses: '200': description: Successful Operation headers: X-Rate-Limit-Remaining: description: The remaining requests until the quota limit is reached content: text/plain: schema: type: integer description: The remaining requests until the quota limit is reached format: int32 content: application/json: schema: type: array items: $ref: '#/components/schemas/PaginationResponse' description: '' '400': description: Invalid Request Body headers: {} content: {} '401': description: Not Authenticated headers: {} content: {} '403': description: Access Forbidden headers: {} content: {} '409': description: Rate Limit Exceeded headers: Retry-After: description: The seconds remaining until the rate limit resets content: text/plain: schema: type: integer description: The seconds remaining until the rate limit resets format: int32 content: {} '500': description: Internal Server Error Occurred headers: {} content: {} deprecated: false /app_views/list: get: tags: - App Views summary: getViews description: https://api.apptotal.zscaler.com/v1/app_views/list Retrieves the list of <a target=_blank href="https://help.zscaler.com/zia/custom-views\">custom views</a> that you have configured in the AppTotal Admin Portal and includes all configurations that define the custom view. operationId: getViews parameters: [] responses: '200': description: Successful Operation headers: X-Rate-Limit-Remaining: description: The requests remaining until the quota limit is reached content: text/plain: schema: type: integer description: The requests remaining until the quota limit is reached format: int32 content: application/json: schema: type: array items: $ref: '#/components/schemas/AppViewsResponse' description: '' '400': description: Invalid Request Body headers: {} content: {} '401': description: Not Authenticated headers: {} content: {} '403': description: Access Forbidden headers: {} content: {} '409': description: Rate Limit Exceeded headers: Retry-After: description: The seconds remaining until the rate limit resets content: text/plain: schema: type: integer description: The seconds remaining until the rate limit resets format: int32 content: {} '500': description: Internal Server Error Occurred headers: {} content: {} deprecated: false /app_views/{appViewId}/apps: get: tags: - App Views summary: getViewApps description: https://api.apptotal.zscaler.com/v1/app_views/{appViewId}/apps Retrieves all assets (i.e., apps) that are related to a specified argument (i.e., <a target=_blank href="https://help.zscaler.com/zia/custom-views\">custom view</a>). Uses the value of <code>id</code> from <code>GET /app_views/list</code> to return the app IDs of the apps related to the custom view. operationId: getViewApps parameters: - name: appViewId in: path description: The custom view identifier required: true style: simple schema: type: string responses: '200': description: Successful Operation headers: X-Rate-Limit-Remaining: description: The requests remaining until the quota limit is reached content: text/plain: schema: type: integer description: The requests remaining until the quota limit is reached format: int32 content: application/json: schema: type: array items: $ref: '#/components/schemas/AppViewAppsResponse' description: '' '400': description: Invalid Request Body headers: {} content: {} '401': description: Not Authenticated headers: {} content: {} '403': description: Access Forbidden headers: {} content: {} '409': description: Rate Limit Exceeded headers: Retry-After: description: The seconds remaining until the rate limit resets content: text/plain: schema: type: integer description: The seconds remaining until the rate limit resets format: int32 content: {} '500': description: Internal Server Error Occurred headers: {} content: {} deprecated: false /adminRoles/lite: get: tags: - Admin & Role Management summary: getRoleSummary description: > Gets a name and ID dictionary of all admin roles. The list only includes the name and ID for all admin roles. To learn more, see <a href="/zia/about-role-management" target="_blank">About Role Management</a>. operationId: getRoleSummary parameters: - name: includeAuditorRole in: query description: Include or exclude auditor role information in the list. style: form explode: true schema: type: boolean - name: includePartnerRole in: query description: Include or exclude partner admin role information in the list. style: form explode: true schema: type: boolean default: true - name: includeApiRole in: query description: Include or exclude API role information in the list. style: form explode: true schema: type: boolean default: true - name: Content-Type in: header description: '' required: true style: simple schema: $ref: '#/components/schemas/Content-Type' responses: '200': description: Successful Operation headers: {} content: application/json: schema: allOf: - $ref: '#/components/schemas/AdminRole' - description: The admin role specifies an admin's level of access to the Zscaler Admin Portal. deprecated: false /adminUsers: get: tags: - Admin & Role Management summary: getAdminUsers description: > Gets a list of admin users. By default, auditor user information is not included. To learn more, see <a href="/zia/about-administrators" target="_blank">About Administrators</a> and <a href="/zia/about-auditors" target="_blank">About Auditors</a>. operationId: getAdminUsers parameters: - name: includeAuditorUsers in: query description: Include or exclude auditor user information in the list. style: form explode: true schema: type: boolean - name: includeAdminUsers in: query description: Include or exclude admin user information in the list. style: form explode: true schema: type: boolean default: true - name: search in: query description: The search string used to partially match against an admin/auditor user's Login ID or Name. style: form explode: true schema: type: string - name: page in: query description: Specifies the page offset. style: form explode: true schema: type: integer format: int32 default: 1 - name: pageSize in: query description: Specifies the page size. The default size is 100, but the maximum size is 1000. style: form explode: true schema: type: integer format: int32 default: 100 - name: Content-Type in: header description: '' required: true style: simple schema: $ref: '#/components/schemas/Content-Type' responses: '200': description: Successful Operation headers: {} content: application/json: schema: allOf: - $ref: '#/components/schemas/AdminUser' - description: Admin and auditor information. deprecated: false post: tags: - Admin & Role Management summary: addAdminUser description: > Creates an admin or auditor user. To learn more, see <a href="/zia/adding-admins" target="_blank">Adding Admins</a> and <a href="/zia/adding-auditors" target="_blank">Adding Auditors</a>. operationId: addAdminUser parameters: - name: associateWithExistingAdmin in: query description: This field is set to true to update an admin user that already exists in other Zscaler services but does not exist in ZIA. For example, this field must be set to true when creating an admin user in ZIA who's already a user in Zscaler Digital Experience (ZDX). To learn more, see <a href="/zia/adding-zia-admins" target="_blank">Adding ZIA Admins</a>. style: form explode: true schema: type: boolean default: false requestBody: description: '' content: application/json: schema: $ref: '#/components/schemas/AdminUser' required: false responses: '200': description: Successful Operation headers: {} content: application/json: schema: allOf: - $ref: '#/components/schemas/AdminUser' - description: Admin and auditor information. deprecated: false /adminUsers/{userId}: put: tags: - Admin & Role Management summary: updateAdminUser description: > Updates admin or auditor user for the specified ID. You can only disable/enable the <a href="/zia/about-administrators" target="_blank">default admin account</a> using this endpoint, all other updates within the request are ignored for this admin account. operationId: updateAdminUser parameters: - name: userId in: path description: The unique identifier for the admin/auditor user. required: true style: simple schema: type: integer format: int32 - name: Content-Type in: header description: '' required: true style: simple schema: $ref: '#/components/schemas/Content-Type' responses: '200': description: Successful Operation headers: {} content: application/json: schema: allOf: - $ref: '#/components/schemas/AdminUser' - description: Admin and auditor information. deprecated: false delete: tags: - Admin & Role Management summary: deleteAdminUser description: > Deletes an admin or auditor user using the specified IDNote: This request deletes an admin and removes them as a user from the ZIA Admin Portal. To delete the admin privileges for a user while retaining them as a regular user of your organization in the ZIA Admin Portal, use the <code>POST /adminUsers/{userId}/convertToUser</code> request. Sample Request (Python)<pre>import http.client import json conn = http.client.HTTPSConnection("HOSTNAME") headers = {     'content-type': "application/json",     'cache-control': "no-cache",     'cookie': "JSESSIONID=xxxxxxx" } conn.request("DELETE", "/api/v1/adminUsers/6794036", headers=headers) res = conn.getresponse() data = res.read() print(data.decode("utf-8"))</pre> Sample Response<pre>204 No Content</pre> operationId: deleteAdminUser parameters: - name: userId in: path description: The unique identifier for the admin/auditor user. required: true style: simple schema: type: integer format: int32 - name: Content-Type in: header description: '' required: true style: simple schema: $ref: '#/components/schemas/Content-Type' responses: '204': description: Successful Operation headers: {} content: {} deprecated: false /adminUsers/{userId}/convertToUser: post: tags: - Admin & Role Management summary: convertAdminToEndUser description: Removes admin privileges for a user while retaining them as a regular user of your organization in the ZIA Admin Portal. This can be used as an alternative to the <code>DELETE /adminUsers/{userId}</code> request, which deletes an admin and removes them as a user from the ZIA Admin Portal. To learn more, see <a href="/zia/deleting-zia-admins" target="_blank">Deleting ZIA Admins</a>.Before you can delete the admin privileges for a user, you need to obtain the admin user's ID and other information by using the <code>GET /users</code> request and then send the admin user details in the <code>POST /adminUsers/{userId}/convertToUser</code> request. operationId: convertAdminToEndUser parameters: - name: userId in: path description: The unique identifier of the admin user required: true style: simple schema: type: integer format: int32 requestBody: description: Information about the user for whom the admin privileges must be removed. Group information is mandatory in the request Body. Optionally, you can include other field information to modify the values. content: application/json: schema: allOf: - $ref: '#/components/schemas/User' - description: Information about the user for whom the admin privileges must be removed. Group information is mandatory in the request Body. Optionally, you can include other field information to modify the values. required: false responses: '200': description: Successful Operation headers: {} content: application/json: schema: $ref: '#/components/schemas/User' deprecated: false /browserIsolation/profiles: get: tags: - Browser Isolation summary: getCloudBrowserIsolationProfiles description: Gets a list of all the cloud browser isolation profiles in the Isolation Profile field for <a href="/zia/configuring-url-filtering-policy#Action" target="_blank">URL Filtering Policy</a> and <a href="/zia/adding-rules-cloud-app-control-policy" target="_blank">Cloud App Control Policy</a> rules. operationId: getCloudBrowserIsolationProfiles parameters: - name: Content-Type in: header description: '' required: true style: simple schema: $ref: '#/components/schemas/Content-Type' responses: '200': description: Successful Operation headers: {} content: application/json: schema: type: array items: $ref: '#/components/schemas/BrowserIsolationProfile' description: '' deprecated: false /dlpDictionaries: get: tags: - Data Loss Prevention summary: getDlpDictionaries description: Gets information on all custom and predefined DLP dictionaries. operationId: getDlpDictionaries parameters: - name: search in: query description: The search string used to match against a DLP dictionary's name or description attributes. style: form explode: true schema: type: string - name: Content-Type in: header description: '' required: true style: simple schema: $ref: '#/components/schemas/Content-Type' responses: '200': description: Successful Operation headers: {} content: application/json: schema: type: array items: $ref: '#/components/schemas/DlpDictionaryDom' description: '' deprecated: false post: tags: - Data Loss Prevention summary: addCustomDLPDictionary description: Adds a new custom DLP dictionary. operationId: addCustomDLPDictionary parameters: [] requestBody: description: The information for a custom DLP Dictionary that uses Patterns and Phrases, Exact Data Match (EDM), or Indexed Document Match (IDM). To learn more, see <a href="/zia/adding-custom-dlp-dictionary" target="_blank">Adding Custom DLP Dictionaries</a>. content: application/json: schema: allOf: - $ref: '#/components/schemas/DlpDictionariesRequest' - description: The information for a custom DLP Dictionary that uses Patterns and Phrases, Exact Data Match (EDM), or Indexed Document Match (IDM). To learn more, see <a href="/zia/adding-custom-dlp-dictionary" target="_blank">Adding Custom DLP Dictionaries</a>. required: false responses: '200': description: Successful Operation headers: {} content: application/json: schema: allOf: - $ref: '#/components/schemas/DlpDictionaryDom' - description: A DLP dictionary contains a set of patented algorithms that are designed to detect specific kinds of information in user traffic. For a list of and information on all predefined dictionaries, see <a href="/zia/about-dlp-dictionaries" target="_blank">About DLP Dictionaries</a>. You can modify predefined DLP dictionaries or create custom dictionaries for content that is not properly covered by them. For example, using the cloud service API, you can create custom DLP dictionaries that trigger based on specific patterns and phrases. To learn more, see <a href="/zia/adding-custom-dlp-dictionary" target="_blank">Adding Custom DLP Dictionaries</a>, <a href="/zia/defining-patterns-custom-dictionaries" target="_blank">Defining Patterns for Custom DLP Dictionaries</a>, and <a href="/zia/defining-phrases-custom-dictionaries" target="_blank">Defining Phrases for Custom DLP Dictionaries</a>. You can also create custom DLP dictionaries based on Exact Data Match (EDM) or Indexed Document Match (IDM). To learn more, see <a href="/zia/about-exact-data-match" target="_blank">About Exact Data Match</a> and see <a href="/zia/about-indexed-document-match" target="_blank">About Indexed Document Match</a>. deprecated: false /dlpDictionaries/lite: get: tags: - Data Loss Prevention summary: getDLPDictionarySummary description: Gets a name and ID dictionary of all custom and predefined DLP dictionaries. operationId: getDLPDictionarySummary parameters: - name: Content-Type in: header description: '' required: true style: simple schema: $ref: '#/components/schemas/Content-Type' responses: '200': description: Successful Operation headers: {} content: application/json: schema: type: array items: $ref: '#/components/schemas/DlpDictionaryDom' description: '' deprecated: false /dlpDictionaries/{dlpDictId}: get: tags: - Data Loss Prevention summary: getDlpDictionaryById description: Gets DLP dictionary information for the specified ID. operationId: getDlpDictionaryById parameters: - name: dlpDictId in: path description: The unique identifier for the DLP dictionary. required: true style: simple schema: type: integer format: int32 - name: Content-Type in: header description: '' required: true style: simple schema: $ref: '#/components/schemas/Content-Type' responses: '200': description: Successful Operation headers: {} content: application/json: schema: allOf: - $ref: '#/components/schemas/DlpDictionaryDom' - description: A DLP dictionary contains a set of patented algorithms that are designed to detect specific kinds of information in user traffic. For a list of and information on all predefined dictionaries, see <a href="/zia/about-dlp-dictionaries" target="_blank">About DLP Dictionaries</a>. You can modify predefined DLP dictionaries or create custom dictionaries for content that is not properly covered by them. For example, using the cloud service API, you can create custom DLP dictionaries that trigger based on specific patterns and phrases. To learn more, see <a href="/zia/adding-custom-dlp-dictionary" target="_blank">Adding Custom DLP Dictionaries</a>, <a href="/zia/defining-patterns-custom-dictionaries" target="_blank">Defining Patterns for Custom DLP Dictionaries</a>, and <a href="/zia/defining-phrases-custom-dictionaries" target="_blank">Defining Phrases for Custom DLP Dictionaries</a>. You can also create custom DLP dictionaries based on Exact Data Match (EDM) or Indexed Document Match (IDM). To learn more, see <a href="/zia/about-exact-data-match" target="_blank">About Exact Data Match</a> and see <a href="/zia/about-indexed-document-match" target="_blank">About Indexed Document Match</a>. deprecated: false put: tags: - Data Loss Prevention summary: updateDlpDictionary description: Updates a custom or predefined DLP dictionary. operationId: updateDlpDictionary parameters: - name: dlpDictId in: path description: The unique identifier for the DLP dictionary. required: true style: simple schema: type: integer format: int32 requestBody: description: The information for a custom or predefined DLP Dictionary that uses Patterns and Phrases, Exact Data Match (EDM), or Indexed Document Match (IDM). To learn more, see <a href="/zia/editing-predefined-dlp-dictionaries" target="_blank">Editing Predefined DLP Dictionaries</a>, and <a href="/zia/adding-custom-dlp-dictionary" target="_blank">Adding Custom DLP Dictionaries</a> which provides more information regarding defining phrases and patterns, as well as EDM fields and IDM accuracy. content: application/json: schema: allOf: - $ref: '#/components/schemas/DlpDictionariesRequest' - description: The information for a custom or predefined DLP Dictionary that uses Patterns and Phrases, Exact Data Match (EDM), or Indexed Document Match (IDM). To learn more, see <a href="/zia/editing-predefined-dlp-dictionaries" target="_blank">Editing Predefined DLP Dictionaries</a>, and <a href="/zia/adding-custom-dlp-dictionary" target="_blank">Adding Custom DLP Dictionaries</a> which provides more information regarding defining phrases and patterns, as well as EDM fields and IDM accuracy. required: false responses: '200': description: Successful Operation headers: {} content: application/json: schema: allOf: - $ref: '#/components/schemas/DlpDictionaryDom' - description: A DLP dictionary contains a set of patented algorithms that are designed to detect specific kinds of information in user traffic. For a list of and information on all predefined dictionaries, see <a href="/zia/about-dlp-dictionaries" target="_blank">About DLP Dictionaries</a>. You can modify predefined DLP dictionaries or create custom dictionaries for content that is not properly covered by them. For example, using the cloud service API, you can create custom DLP dictionaries that trigger based on specific patterns and phrases. To learn more, see <a href="/zia/adding-custom-dlp-dictionary" target="_blank">Adding Custom DLP Dictionaries</a>, <a href="/zia/defining-patterns-custom-dictionaries" target="_blank">Defining Patterns for Custom DLP Dictionaries</a>, and <a href="/zia/defining-phrases-custom-dictionaries" target="_blank">Defining Phrases for Custom DLP Dictionaries</a>. You can also create custom DLP dictionaries based on Exact Data Match (EDM) or Indexed Document Match (IDM). To learn more, see <a href="/zia/about-exact-data-match" target="_blank">About Exact Data Match</a> and see <a href="/zia/about-indexed-document-match" target="_blank">About Indexed Document Match</a>. deprecated: false delete: tags: - Data Loss Prevention summary: deleteCustomDlpDictionary description: Deletes a custom DLP dictionary. You cannot delete predefined DLP dictionaries. operationId: deleteCustomDlpDictionary parameters: - name: dlpDictId in: path description: The unique identifier for the DLP dictionary. required: true style: simple schema: type: integer format: int32 - name: Content-Type in: header description: '' required: true style: simple schema: $ref: '#/components/schemas/Content-Type' responses: '200': description: Successful Operation headers: {} content: {} deprecated: false /dlpDictionaries/{dictId}/predefinedIdentifiers: get: tags: - Data Loss Prevention summary: getPredefinedHierarchicalIdentifiersByDictionaryId description: Retrieves the list of identifiers that are available for selection in the specified hierarchical DLP dictionary. This information can be obtained for predefined hierarchical dictionaries such as the Driver’s License (United States), Passport Number (European Union), and Credentials and Secrets dictionaries and their clones.Each identifier represents a sub-dictionary that consists of specific patterns. The Driver’s License (United States) dictionary includes one sub-dictionary for each state in the United States and the District of Columbia. For example, the Driver's License (United States) dictionary includes one sub-dictionary for each state in the United States, and you can customize this dictionary to detect the driver's licenses issued by specific states (e.g., California, New York, and Texas) by selecting the respective sub-dictionary identifier.To learn more about hierarchical dictionaries, see <a href="/zia/understanding-predefined-dlp-dictionaries" target="_blank">Understanding Predefined DLP Dictionaries</a>. operationId: getPredefinedHierarchicalIdentifiersByDictionaryId parameters: - name: dictId in: path description: The ID of the hierarchical DLP dictionary required: true style: simple schema: type: integer format: int32 responses: '200': description: Successful Operation headers: {} content: application/json: schema: type: array items: type: string description: '' deprecated: false /dlpDictionaries/validateDlpPattern: post: tags: - Data Loss Prevention summary: validateDlpPattern description: Validates the pattern used by a Pattern and Phrases DLP dictionary type, and provides error information if the pattern is invalid. To learn more about how to define valid patterns for custom DLP dictionaries, see <a href="/zia/defining-patterns-custom-dictionaries" target="_blank">Defining Patterns for Custom DLP Dictionaries</a>. operationId: validateDlpPattern parameters: - name: Content-Type in: header description: '' required: true style: simple schema: $ref: '#/components/schemas/Content-Type' responses: '200': description: Successful Operation headers: {} content: application/json: schema: allOf: - $ref: '#/components/schemas/SMMsgStatusInfo' - description: Error message information that is returned when an invalid pattern is identified within a custom DLP dictionary deprecated: false /dlpEngines: get: tags: - Data Loss Prevention summary: getDLPEngines description: Get a list of DLP engines. operationId: getDLPEngines parameters: - name: Content-Type in: header description: '' required: true style: simple schema: $ref: '#/components/schemas/Content-Type' responses: '200': description: Successful Operation headers: {} content: application/json: schema: type: array items: $ref: '#/components/schemas/DlpEngineDom' description: '' deprecated: false post: tags: - Data Loss Prevention summary: addCustomDLPEngine description: "Adds a new custom DLP engine. A DLP engine is a collection of one or more <a href=\"/zia/about-dlp-dictionaries\" target=\"_blank\">DLP Dictionaries</a>, combined using logical operators. DLP engines can be used in DLP policies to detect specific content in the users' traffic. The Zscaler service provides predefined DLP engines and supports custom DLP engines. To learn more, see <a href=\"/zia/about-dlp-engines\" target=\"_blank\">About DLP Engines</a> and <a href=\"/zia/understanding-dlp-engines\" target=\"_blank\">Understanding DLP Engines</a>. Note: To enable <code>/dlpEngines</code> endpoints that use POST, PUT, and DELETE methods for your organization, contact Zscaler Support." operationId: addCustomDLPEngine parameters: [] requestBody: description: Details of a custom DLP engine formed by combining DLP dictionaries using logical operators. To learn how to add custom DLP engines, see <a href="/zia/adding-custom-dlp-engine" target="_blank">Adding Custom DLP Engines</a>. content: application/json: schema: allOf: - $ref: '#/components/schemas/DlpEnginesRequest' - description: Details of a custom DLP engine formed by combining DLP dictionaries using logical operators. To learn how to add custom DLP engines, see <a href="/zia/adding-custom-dlp-engine" target="_blank">Adding Custom DLP Engines</a>. required: false responses: '200': description: Successful Operation headers: {} content: application/json: schema: allOf: - $ref: '#/components/schemas/DlpEngineDom' - description: DLP engine information. deprecated: false /dlpEngines/lite: get: tags: - Data Loss Prevention summary: getDLPEnginesSummary description: Gets a name and ID dictionary for all DLP engines. operationId: getDLPEnginesSummary parameters: - name: Content-Type in: header description: '' required: true style: simple schema: $ref: '#/components/schemas/Content-Type' responses: '200': description: Successful Operation headers: {} content: application/json: schema: type: array items: $ref: '#/components/schemas/DlpEngineDom' description: '' deprecated: false /dlpEngines/validateDlpExpr: post: tags: - Data Loss Prevention summary: validateDlpPattern description: 'Validates the logical expression within a DLP engine that is formed by combining DLP dictionaries and provides error information if the expression is invalid. To learn more about DLP engine expressions, see <a href="/zia/understanding-dlp-engines" target="_blank">Understanding DLP Engines</a>.Note: To enable <code>/dlpEngines</code> endpoints that use POST, PUT, and DELETE methods for your organization, contact Zscaler Support.' operationId: PostvalidateDlpPattern parameters: [] requestBody: description: 'Logical expression within a DLP engine formed by combining DLP dictionaries using operators. This parameter requires the input in a certain format. For example, an expression combining ABA Bank Routing Numbers and Credit Cards dictionaries using an AND operator with zero match count each would be ((D63.S > 0) AND (D38.S > 0)), where 63 is the ID of the Credit Cards dictionary and 38 is the ID of the ABA Bank Routing Numbers dictionary. The dictionary ID is wrapped around by a prefix (D) and a suffix (.S).Engine expression examples:<ul><li><code>((D63.S > 1))</code></li><li><code>((D63.S > 1) AND (D38.S > 0))</code></li><li><code>((D63.S > 1) OR (D38.S > 0))</code></li><li><code>(D63.S > 0) AND ( NOT ( (D61.S > 0) ) ) )</code></li><li><code>(SUM(D63.S, D38.S) > 3)</code></li></ul> In the preceding examples, 63 represents the ID of the Credit Cards dictionary, 61 is the Financial Statements dictionary ID, and 38 is the ABA Bank Routing Numbers dictionary ID.Note: Zscaler recommends validating DLP engine expressions by sending a POST request to <code>/dlpEngines/validateDlpExpr</code> before configuring a DLP engine.' content: application/json: schema: type: string description: 'Logical expression within a DLP engine formed by combining DLP dictionaries using operators. This parameter requires the input in a certain format. For example, an expression combining ABA Bank Routing Numbers and Credit Cards dictionaries using an AND operator with zero match count each would be ((D63.S > 0) AND (D38.S > 0)), where 63 is the ID of the Credit Cards dictionary and 38 is the ID of the ABA Bank Routing Numbers dictionary. The dictionary ID is wrapped around by a prefix (D) and a suffix (.S).Engine expression examples:<ul><li><code>((D63.S > 1))</code></li><li><code>((D63.S > 1) AND (D38.S > 0))</code></li><li><code>((D63.S > 1) OR (D38.S > 0))</code></li><li><code>(D63.S > 0) AND ( NOT ( (D61.S > 0) ) ) )</code></li><li><code>(SUM(D63.S, D38.S) > 3)</code></li></ul> In the preceding examples, 63 represents the ID of the Credit Cards dictionary, 61 is the Financial Statements dictionary ID, and 38 is the ABA Bank Routing Numbers dictionary ID.Note: Zscaler recommends validating DLP engine expressions by sending a POS