# Zscaler Cloud

#### Zscaler Portal Cloud configuration

* Go to **Authentication Settings**:

```exp
https://admin.zscloud.net/#administration/auth-settings
```

* In the field **Authentication Type**  select **SAML**

* Click on **Configure SAML**

  * In the field **Login Name Attribute** write: **NameID**  
 **Note:** the default NameID is the user's **email**.  
 If you want to use the **upn** instead, enter the following script line in Trustelem application **Custom scripting** field (see below for a complete example):

```ts
 function CustomSAMLResponse(msg: SAMLResponse, user: User, groups: Groups, deny: Deny): void {
  &#32;&#32;msg.setNameID(user.upn);
 }
```

  * In the field **SAML Portal URL** write:

  ```exp
  https://mydomain.trustelem.com/app/18XXXX/sso
  ```

  * In **Public SSL Certificate**, upload the certificate of your Trustelem application

* Turn OFF both **Enable SCIM-Based Provisioning** and **Sign SAML Request**

#### If you want to turn ON the SAML Auto-Provisioning function

* In Zscaler, activate **SAML Auto-Provisioning** and enter the following attributes:
  * User Display Name Attribute : **displayName**
  * Group Name Attribute : **groups**
  * Department Name Attribute : **department**

* In Trustelem application **Custom scripting** field, write:

```ts
  function CustomSAMLResponse(msg: SAMLResponse, user: User, groups: Groups, deny: Deny): void {
    msg.setAttr('displayName', user.firstname + ' ' + user.lastname);
    msg.addAttr('groups', 'group1');
    msg.addAttr('groups', 'group2');
    msg.addAttr('groups', 'groupX');
    msg.setAttr('department', 'my_department');
  }
```

  **Note:** instead of the constants "groupX" and "my_department", you can use other user's attributes.  
  For instance if you want to use Trustelem group attribute:

```ts
  for (let name  in groups){
    msg.addAttr('groups', name);
  }
```

Here is a complete example of custom scripting:

[![zscaler_custom_script.PNG](https://trustelem-doc.wallix.com/uploads/images/gallery/2022-06/scaled-1680-/zscaler-custom-script.PNG)](https://trustelem-doc.wallix.com/uploads/images/gallery/2022-06/zscaler-custom-script.PNG)