Zscaler - Azure SQL connectivity whitelisting

hello there,

users logged into zscaler to be able to connect to azure sql directly without the need to whitelisting their client ips. How it can be done?
note- there are private endpoints connections created for azure sql server.
Guess- can we add the .database.windows.net in the “bypass SSL Inspection” custom category group of URL category. Does this allows users to access the SQL servers seamlessly? or anything to do with ZPA?