zscaler
Zscaler Integration MCP Server is a Model Context Protocol (MCP) server designed for managing Several Zscaler Products using Large Language Models (LLMs).
claude mcp add --transport stdio zscaler-zscaler-mcp-server python -m zscaler_mcp_server \ --env ZSCALER_MCP_WRITE_TOOLS="Comma-separated list of write tool patterns to allow (e.g., "zpa_create_*,zpa_delete_*")" \ --env ZSCALER_MCP_WRITE_ENABLED="Enable write tools when set to true to unlock write operations"
How to use
The zscaler MCP server provides a read-only by default integration that exposes Zscaler resources to AI agents via the MCP protocol. By default, only list and get operations are available, ensuring safety for autonomous agent usage. To enable write operations, you must opt-in with explicit flags or environment variables, so you retain tight control over what can be created, updated, or deleted in Zscaler resources. The server offers a broad set of read-only tools (110+ read-only tools) for discovering segments, rules, and configurations, and you can selectively enable write tools through an allowlist.
You can run the MCP server using the Python module entry point. Once running, AI agents can query available resources with read-only tools, and you can progressively enable write capabilities by configuring the write-mode flags or environment variables as described in the documentation. When used with agents or editors (like Claude Desktop or VS Code integrations), ensure the agent UI is configured to allow the appropriate tools, especially the write tools if you enable them.
How to install
Prerequisites:
- Python 3.8+ (recommended) and pip
- Internet access to install packages from PyPI
Installation steps:
-
Install the MCP server package from PyPI: pip install zscaler-mcp-server
-
Confirm installation by running the server help or version command: python -m zscaler_mcp_server --help
-
Run the MCP server (default read-only mode): python -m zscaler_mcp_server
-
(Optional) Run with write tools enabled using CLI flags or environment variables as described in the documentation:
- CLI: zscaler-mcp --enable-write-tools --write-tools "<patterns>"
- Env: export ZSCALER_MCP_WRITE_ENABLED=true; export ZSCALER_MCP_WRITE_TOOLS="<patterns>"; python -m zscaler_mcp_server
-
If you prefer containerized or alternate runtimes, you can adapt the same steps to your environment using the mcp_config mapping provided.
Additional notes
Tips and notes:
- By default, the MCP server is read-only. To enable write operations, you must provide both an enable flag (or environment variable) and an explicit allowlist of write tools. Without a valid allowlist, no write tools will be registered even in write mode.
- Patterns support wildcards such as zpa_create_, zpa_ to granularly control which write operations are allowed.
- Ensure your agent UI (e.g., Claude Desktop or integrated editors) is configured to enable the desired tools and that the UI respects the server’s read-only default when appropriate.
- If encountering authentication or API credential issues with Zscaler, refer to the dedicated sections in the README for OneAPI and Legacy authentication methods and troubleshooting guidance.
Related MCP Servers
mcp-language
mcp-language-server gives MCP enabled clients access semantic tools like get definition, references, rename, and diagnostics.
robloxstudio
Create agentic AI workflows in ROBLOX Studio
kodit
👩💻 MCP server to index external repositories
pfsense
pfSense MCP Server enables security administrators to manage their pfSense firewalls using natural language through AI assistants like Claude Desktop. Simply ask "Show me blocked IPs" or "Run a PCI compliance check" instead of navigating complex interfaces. Supports REST/XML-RPC/SSH connections, and includes built-in complian
gtm
An MCP server for Google Tag Manager. Connect it to your LLM, authenticate once, and start managing GTM through natural language.
israel-drugs
MCP server from DavidOsherdiagnostica/israel-drugs-mcp-server
