Please just point me to the right resources if this is already answered elsewhere!
We use a third-party SaaS application (not included in the list here) that we want to only allow users to access through Zscaler. Said another way, without connecting to Zscaler, we don’t want any user in our organization to be able to use this SaaS application.
With the SaaS vendor’s cooperation, what are the options for enforcing this?
For example, if Zscaler includes a signature in user requests routed through Zscaler and forwarded to the SaaS application, the SaaS application could verify the signature before providing access to our data. As far as I can tell though, that’s not an option.
Thank you for your help!