Zscaler Digital Experience MCP Server

Create a powerful Model Context Protocol (MCP) server for Zscaler Digital Experience (ZDX) in minutes with our AI Gateway. This guide walks you through setting up seamless digital experience monitoring integration with enterprise-grade security and instant OAuth authentication.

About Zscaler Digital Experience API

Zscaler Digital Experience (ZDX) provides end-to-end visibility into user experience across devices, networks, and applications. It monitors performance from the end-user perspective, helping IT teams proactively identify and resolve issues before they impact productivity.

Key Capabilities

• End-User Monitoring: Device and application performance
• Network Path Analysis: Hop-by-hop visibility
• Application Performance: SaaS and web app monitoring
• CloudPath: Internet and cloud provider insights
• Device Health: CPU, memory, and disk metrics
• Score Metrics: User experience scoring
• Proactive Alerts: Performance degradation detection
• Root Cause Analysis: Automated diagnostics

API Features

• Metrics API: Performance data access
• Alerts API: Alert management
• Devices API: Device monitoring
• OAuth 2.0: Secure authentication
• Applications API: App performance
• Network API: Path analysis
• Reports API: Custom reporting
• Events API: Real-time events

What You Can Do with Zscaler ZDX MCP Server

The MCP server transforms ZDX API into a natural language interface, enabling AI agents to:

User Experience Monitoring

• Experience Scores

  • "Show user experience scores"
  • "Find users with poor experience"
  • "Track score trends"
  • "Compare department scores"

• Performance Metrics

  • "Monitor application latency"
  • "Check network performance"
  • "Measure page load times"
  • "Track response times"

• Issue Detection

  • "Identify performance issues"
  • "Find degraded services"
  • "Detect anomalies"
  • "Show critical alerts"

Device Health Monitoring

• System Metrics

  • "Check CPU utilization"
  • "Monitor memory usage"
  • "Track disk space"
  • "Measure battery health"

• Application Impact

  • "Find resource-heavy apps"
  • "Monitor app crashes"
  • "Track startup times"
  • "Identify conflicts"

• Device Inventory

  • "List all monitored devices"
  • "Show device details"
  • "Track OS versions"
  • "Monitor patch levels"

Network Path Analysis

• Path Visibility

  • "Trace network path to Office 365"
  • "Show hop-by-hop latency"
  • "Identify bottlenecks"
  • "Monitor packet loss"

• ISP Performance

  • "Compare ISP performance"
  • "Track ISP outages"
  • "Monitor bandwidth"
  • "Analyze jitter"

• CloudPath Insights

  • "Monitor cloud provider performance"
  • "Track AWS connectivity"
  • "Analyze Azure paths"
  • "Compare cloud regions"

Application Performance

• SaaS Monitoring

  • "Monitor Office 365 performance"
  • "Track Salesforce response"
  • "Analyze Zoom quality"
  • "Measure Teams latency"

• Web Applications

  • "Monitor internal apps"
  • "Track page load times"
  • "Analyze API calls"
  • "Measure transaction times"

• Performance Baselines

  • "Establish normal behavior"
  • "Detect deviations"
  • "Compare time periods"
  • "Identify trends"

Proactive Alerting

• Alert Configuration

  • "Set performance thresholds"
  • "Create score alerts"
  • "Configure escalations"
  • "Define alert conditions"

• Alert Management

  • "Show active alerts"
  • "Acknowledge issues"
  • "Track resolution"
  • "Analyze patterns"

• Predictive Alerts

  • "Predict failures"
  • "Forecast degradation"
  • "Identify risks"
  • "Prevent outages"

Root Cause Analysis

• Automated Diagnostics

  • "Diagnose slow performance"
  • "Identify root causes"
  • "Correlate issues"
  • "Suggest remediation"

• Impact Analysis

  • "Show affected users"
  • "Calculate business impact"
  • "Track issue duration"
  • "Measure productivity loss"

• Historical Analysis

  • "Compare to baseline"
  • "Track recurring issues"
  • "Analyze patterns"
  • "Identify improvements"

Analytics & Reporting

• Performance Reports

  • "Generate SLA reports"
  • "Create executive dashboards"
  • "Build trend analysis"
  • "Export metrics"

• User Analytics

  • "Analyze user behavior"
  • "Track adoption rates"
  • "Monitor usage patterns"
  • "Identify power users"

• Capacity Planning

  • "Forecast resource needs"
  • "Plan upgrades"
  • "Optimize performance"
  • "Budget planning"

Integration & Automation

• ITSM Integration

  • "Create ServiceNow tickets"
  • "Update incident status"
  • "Sync with CMDB"
  • "Automate workflows"

• Collaboration Tools

  • "Send Teams notifications"
  • "Post to Slack channels"
  • "Email alerts"
  • "SMS notifications"

• API Automation

  • "Export data programmatically"
  • "Automate reporting"
  • "Trigger remediation"
  • "Update dashboards"

Prerequisites

• Access to Cequence AI Gateway
• Zscaler ZDX subscription
• API credentials
• Cloud name

Step 1: Generate ZDX API Credentials

1.1 Access ZDX Portal

1. Log in to ZDX admin portal
2. Navigate to Administration > API Management
3. Click Create API Key

1.2 Configure API Access

1. Enter details:
   • Key Name: "AI Gateway ZDX MCP"
   • Description: "Digital experience monitoring"
   • Permissions: Select required access

1.3 Set API Permissions

Select permissions:

• Metrics: Read
• Alerts: Read/Write
• Devices: Read
• Applications: Read
• Reports: Read/Write

1.4 Save Credentials

1. Click Generate
2. Copy API Key
3. Copy API Secret
4. Note Cloud Instance

Step 2-4: Standard Setup

Follow standard steps to access AI Gateway, find Zscaler ZDX API, and create MCP server.

Step 5: Configure API Endpoints

1. Base URL: https://api.zdx.zscaler.com
2. Select endpoints:
   • Metrics endpoints
   • Device endpoints
   • Application endpoints
   • Alert endpoints
3. Click Next

Step 6: MCP Server Configuration

1. Name: "Zscaler Digital Experience"
2. Description: "User experience monitoring"
3. Configure production mode
4. Click Next

Step 7: Configure Authentication

1. Authentication Type: OAuth 2.0
2. Token URL:

   https://api.zdx.zscaler.com/v1/oauth/token

3. Grant Type: client_credentials
4. Enter API Key and Secret

Available Zscaler ZDX API Scopes

Monitoring & Metrics

• Metrics Access

  • User experience scores
  • Performance metrics
  • Device health data
  • Application metrics

• Alert Management

  • Alert configuration
  • Alert acknowledgment
  • Escalation rules
  • Notification settings

Device & Network

• Device Monitoring

  • Device inventory
  • Health metrics
  • Software inventory
  • Configuration data

• Network Analysis

  • Path analysis
  • Performance data
  • ISP metrics
  • CloudPath data

Analytics & Reporting

• Analytics

  • Performance analytics
  • User analytics
  • Trend analysis
  • Predictive insights

• Reporting

  • Report generation
  • Dashboard access
  • Data export
  • Custom reports

Recommended Scope Combinations

For IT Operations:

Metrics (Read)
Alerts (Read/Write)
Devices (Read)
Applications (Read)
Reports (Read)

For Performance Engineers:

Metrics (Read)
Alerts (Read/Write)
Devices (Read)
Applications (Read)
Network (Read)
Analytics (Read)
Reports (Read/Write)

Step 8-10: Complete Setup

Configure security, choose deployment, and deploy.

Using Your Zscaler ZDX MCP Server

With Claude Desktop

{
  "servers": {
    "zscaler-zdx": {
      "url": "your-mcp-server-url",
      "auth": {
        "type": "oauth2",
        "client_id": "your-api-key",
        "client_secret": "your-api-secret"
      }
    }
  }
}

Natural Language Commands

• "Show users with experience score below 70"
• "Analyze Office 365 performance for the sales team"
• "Trace network path to Salesforce from NYC office"
• "Find devices with high CPU usage"
• "Generate weekly performance report"

API Integration Example

// Initialize MCP client
const mcpClient = new MCPClient({
  serverUrl: 'your-mcp-server-url',
  auth: {
    type: 'oauth2',
    clientId: 'your-api-key',
    clientSecret: 'your-api-secret'
  }
});

// Get user experience scores
const experienceScores = await mcpClient.zscaler.zdx.getExperienceScores({
  timeRange: 'last_24_hours',
  groupBy: 'user',
  filters: {
    scoreThreshold: 70,
    department: 'Sales'
  }
});

console.log("User Experience Summary:");
console.log(`Average Score: ${experienceScores.averageScore}`);
console.log(`Users Below Threshold: ${experienceScores.poorExperienceUsers.length}`);

for (const user of experienceScores.poorExperienceUsers) {
  console.log(`\n${user.name}: ${user.score}/100`);
  console.log(`Main Issues: ${user.topIssues.join(', ')}`);
  console.log(`Affected Apps: ${user.impactedApplications.join(', ')}`);
}

// Monitor application performance
const appPerformance = await mcpClient.zscaler.zdx.getApplicationPerformance({
  applications: ['Office 365', 'Salesforce', 'Zoom'],
  metrics: ['latency', 'availability', 'pageLoadTime', 'errorRate'],
  timeRange: 'last_7_days',
  interval: 'hourly'
});

for (const app of appPerformance.applications) {
  console.log(`\n${app.name} Performance:`);
  console.log(`Avg Latency: ${app.metrics.avgLatency} ms`);
  console.log(`Availability: ${app.metrics.availability}%`);
  console.log(`Page Load: ${app.metrics.avgPageLoadTime} seconds`);
  console.log(`Error Rate: ${app.metrics.errorRate}%`);
  
  // Check against SLA
  if (app.metrics.availability < 99.5) {
    await createSLAViolationAlert(app);
  }
}

// Network path analysis
const pathAnalysis = await mcpClient.zscaler.zdx.analyzeNetworkPath({
  source: {
    userId: "john.doe@company.com",
    location: "NYC Office"
  },
  destination: {
    application: "Office 365",
    service: "Exchange Online"
  },
  includeCloudPath: true
});

console.log("\nNetwork Path Analysis:");
console.log(`Total Latency: ${pathAnalysis.totalLatency} ms`);
console.log(`Hop Count: ${pathAnalysis.hops.length}`);

for (const hop of pathAnalysis.hops) {
  console.log(`\nHop ${hop.number}: ${hop.name}`);
  console.log(`  Type: ${hop.type}`);
  console.log(`  Latency: ${hop.latency} ms`);
  console.log(`  Packet Loss: ${hop.packetLoss}%`);
  
  if (hop.latency > 50 || hop.packetLoss > 1) {
    console.log(`   Performance Issue Detected`);
  }
}

// Device health monitoring
const deviceHealth = await mcpClient.zscaler.zdx.getDeviceHealth({
  filters: {
    cpuUsage: { min: 80 },
    memoryUsage: { min: 80 },
    diskUsage: { min: 90 }
  },
  includeProcesses: true
});

console.log(`\nDevices with Resource Issues: ${deviceHealth.devices.length}`);
for (const device of deviceHealth.devices) {
  console.log(`\nDevice: ${device.hostname} (${device.username})`);
  console.log(`CPU: ${device.cpuUsage}%`);
  console.log(`Memory: ${device.memoryUsage}%`);
  console.log(`Disk: ${device.diskUsage}%`);
  
  if (device.topProcesses) {
    console.log("Top Processes:");
    for (const proc of device.topProcesses.slice(0, 3)) {
      console.log(`  - ${proc.name}: CPU ${proc.cpuUsage}%, Memory ${proc.memoryUsage}MB`);
    }
  }
}

// Proactive issue detection
const predictiveAnalysis = await mcpClient.zscaler.zdx.predictIssues({
  timeframe: 'next_24_hours',
  confidenceThreshold: 0.8,
  impactThreshold: 'high'
});

console.log("\nPredicted Issues:");
for (const prediction of predictiveAnalysis.predictions) {
  console.log(`\n${prediction.type}: ${prediction.description}`);
  console.log(`Confidence: ${prediction.confidence * 100}%`);
  console.log(`Estimated Impact: ${prediction.estimatedUsersAffected} users`);
  console.log(`Recommended Action: ${prediction.recommendedAction}`);
  
  // Auto-create preventive ticket
  if (prediction.confidence > 0.9) {
    await createPreventiveTicket(prediction);
  }
}

// Root cause analysis
const issueId = "INC123456";
const rootCause = await mcpClient.zscaler.zdx.analyzeRootCause({
  issueId: issueId,
  timeWindow: 'auto', // Automatically determine relevant timeframe
  correlateEvents: true
});

console.log(`\nRoot Cause Analysis for ${issueId}:`);
console.log(`Primary Cause: ${rootCause.primaryCause}`);
console.log(`Confidence: ${rootCause.confidence}%`);
console.log(`\nContributing Factors:`);
for (const factor of rootCause.contributingFactors) {
  console.log(`- ${factor.description} (${factor.impact}% impact)`);
}

console.log(`\nTimeline:`);
for (const event of rootCause.timeline) {
  console.log(`${event.timestamp}: ${event.description}`);
}

// Alert management
const alertRule = await mcpClient.zscaler.zdx.createAlertRule({
  name: "Critical Application Performance",
  description: "Alert when critical apps perform poorly",
  conditions: [
    {
      metric: "application_score",
      applications: ["Office 365", "Salesforce"],
      operator: "less_than",
      value: 70,
      duration: "5_minutes"
    }
  ],
  severity: "high",
  notifications: [
    {
      type: "email",
      recipients: ["it-ops@company.com"]
    },
    {
      type: "webhook",
      url: "https://alerts.company.com/zdx"
    }
  ],
  autoRemediation: {
    enabled: true,
    actions: ["restart_service", "clear_cache"]
  }
});

// Generate performance report
const performanceReport = await mcpClient.zscaler.zdx.generateReport({
  type: "executive_summary",
  period: {
    start: "2025-01-01",
    end: "2025-01-31"
  },
  sections: [
    "user_experience_overview",
    "application_performance",
    "network_health",
    "device_statistics",
    "incident_summary",
    "improvement_recommendations"
  ],
  format: "pdf",
  branding: {
    logo: "company-logo.png",
    colors: {
      primary: "#003366",
      secondary: "#0066cc"
    }
  }
});

// CloudPath monitoring
const cloudPath = await mcpClient.zscaler.zdx.getCloudPathMetrics({
  providers: ['AWS', 'Azure', 'GCP'],
  regions: ['us-east-1', 'westus2', 'us-central1'],
  services: ['compute', 'storage', 'networking'],
  timeRange: 'last_24_hours'
});

console.log("\nCloud Provider Performance:");
for (const provider of cloudPath.providers) {
  console.log(`\n${provider.name}:`);
  for (const region of provider.regions) {
    console.log(`  ${region.name}:`);
    console.log(`    Latency: ${region.avgLatency} ms`);
    console.log(`    Availability: ${region.availability}%`);
    console.log(`    Packet Loss: ${region.packetLoss}%`);
  }
}

// Real-time monitoring
const monitor = await mcpClient.zscaler.zdx.startRealtimeMonitoring({
  metrics: ['user_score', 'app_performance', 'network_health'],
  threshold: {
    userScore: 70,
    appLatency: 1000,
    packetLoss: 1
  }
});

monitor.on('threshold_breach', async (event) => {
  console.log(`Threshold Breach: ${event.metric}`);
  console.log(`Current Value: ${event.value}`);
  console.log(`Affected: ${event.affected}`);
  
  // Auto-remediate based on metric
  await autoRemediate(event);
});

Common Use Cases

Performance Monitoring

• End-user experience tracking
• Application performance monitoring
• Network health assessment
• Device resource monitoring

Proactive IT

• Predictive issue detection
• Automated remediation
• Capacity planning
• Performance optimization

Root Cause Analysis

• Issue correlation
• Impact assessment
• Timeline reconstruction
• Resolution tracking

Reporting & Analytics

• SLA compliance
• Executive dashboards
• Trend analysis
• ROI measurement

Security Best Practices

1. API Security:

   • Secure credential storage
   • Regular key rotation
   • Monitor API usage
   • Implement rate limiting

2. Data Protection:

   • Anonymize user data
   • Encrypt sensitive metrics
   • Control data retention
   • Audit access logs

3. Alert Management:

   • Avoid alert fatigue
   • Set appropriate thresholds
   • Test alert rules
   • Document escalations

Troubleshooting

Common Issues

1. Data Collection

   • Verify agent deployment
   • Check device connectivity
   • Review collection policies
   • Validate permissions

2. Metric Accuracy

   • Calibrate baselines
   • Adjust thresholds
   • Verify time zones
   • Check data sources

3. Integration Issues

   • Test API connectivity
   • Verify webhook URLs
   • Check authentication
   • Review error logs

Getting Help

• Documentation: AI Gateway Docs
• Support: support@cequence.ai
• Zscaler Support: help.zscaler.com

---