feat: Added New ZPA Endpoints, Cloud Connector OneAPI Support and Fixes (#287)

* fix: Fixed ZCC, ZPA, ZIA models and added other checks

* fix: Fixed Legacy Client Logger and response parsing

* feat: Added New ZPA Endpoints, Cloud Connector OneAPI Support and Fixes

* fix: Fixed ZIA url_categories add_category function

* fix: Fixed ZCC zcc_param_mapper

* fix: Consolidated Application Segment Models

* fix: Fixed App Protection models and functions

* fix: Fixed Application Segment model udp_port_range issue

* fix: Fixed segment group model reference

Author: willguibr

CHANGELOG.md

@@ -1,5 +1,52 @@
 # Zscaler Python SDK Changelog
 
+## 1.4.0 (May, 26 2025)
+
+### Notes
+
+- Python Versions: **v3.8, v3.9, v3.10, v3.11**
+
+#### Zscaler OneAPI Support for Cloud & Branch Connector API
+[PR #287](https://github.com/zscaler/zscaler-sdk-python/pull/287): Cloud & Branch Connector API are now supported via [OneAPI](https://help.zscaler.com/oneapi/understanding-oneapi) with Oauth2 authentication support through [Zidentity](https://help.zscaler.com/zidentity/what-zidentity)
+
+### ZPA Application Segment Provision
+[PR #287](https://github.com/zscaler/zscaler-sdk-python/pull/287) - Added the following new ZPA API Endpoints:
+    - Added `POST /provision` Provision a new application for a given customer by creating all related objects if necessary
+
+### ZPA Application Segment Weighted Load Balancer
+[PR #287](https://github.com/zscaler/zscaler-sdk-python/pull/287) - Added the following new ZPA API Endpoints:
+    - Added `GET /weightedLbConfig` Get Weighted Load Balancer Config for AppSegment
+    - Added `PUT /weightedLbConfig` Update Weighted Load Balancer Config for AppSegment
+
+### ZPA Browser Access Application Segment
+[PR #287](https://github.com/zscaler/zscaler-sdk-python/pull/287) - Added dedicated resource `app_segments_ba` for ZPA Browser Access Application Segment provisioning.
+[PR #287](https://github.com/zscaler/zscaler-sdk-python/pull/287) - Added dedicated resource `app_segments_ba_v2` for ZPA Browser Access Application Segment provisioning using newly recommended format via block `common_apps_dto.apps_config`
+
+### ZPA Policy-Set-Controller Condition - New Object Type
+* [PR #287](https://github.com/zscaler/zscaler-sdk-python/pull/287) - Added the following new `object_types` to function `_create_conditions_v2` in the `policies` package: `CHROME_ENTERPRISE` and `CHROME_POSTURE_PROFILE`
+
+### Zscaler Client Connector (Legacy) New Rate Limiting Headers
+* [PR #287](https://github.com/zscaler/zscaler-sdk-python/pull/287) - Enhanced `LegacyZCCClientHelper` rate limiting logic with new headers for more accurate retry-calculations.
+  - `X-Rate-Limit-Retry-After-Seconds` - This header is only returned when rate limit for `/downloadDevices` and `downloadServiceStatus` is reached. 
+  - The endpoint handler `/downloadDevices` and `downloadServiceStatus` has a rate limit of 3 calls per day.
+  - `X-Rate-Limit-Remaining` - This header is returned for all other endpoints. ZCC endpoints called from a specific IP address are subjected to a rate limit of 100 calls per hour. See [Zscaler Client Connector API](https://help.zscaler.com/oneapi/understanding-rate-limiting)
+
+### Bug Fixes:
+
+* [PR #287](https://github.com/zscaler/zscaler-sdk-python/pull/287) - Fixed ZCC functions `remove_devices` and `force_remove_devices` to use custom decorator `zcc_param_mapper` for `os_type` attribute
+* [PR #287](https://github.com/zscaler/zscaler-sdk-python/pull/287) - Removed incorrect validation from ZIA `url_categories` function `add_url_category` - [Issue #284](https://github.com/zscaler/zscaler-sdk-python/issues/284)
+* [PR #287](https://github.com/zscaler/zscaler-sdk-python/pull/287) - Fixed ZPA `application_segment_pra` model attribute  `common_apps_dto`.
+* [PR #287](https://github.com/zscaler/zscaler-sdk-python/pull/287) - Fixed ZPA resources `add_privileged_credential_rule_v2`, and `update_privileged_credential_rule_v2` 
+* [PR #287](https://github.com/zscaler/zscaler-sdk-python/pull/287) - Fixed ZPA Application segment v2 Port formatting issue: [Issue #288](https://github.com/zscaler/zscaler-sdk-python/issues/288)
+* [PR #287](https://github.com/zscaler/zscaler-sdk-python/pull/287) - Added new ZPA attribute models to support `extranet` features across `server_groups` and `application_segments`
+* [PR #287](https://github.com/zscaler/zscaler-sdk-python/pull/287) - Added pre-check on all ZPA  `application_segment` resources to prevent port overlap configuration.
+* [PR #287](https://github.com/zscaler/zscaler-sdk-python/pull/287) - Added additional `CLIENT_TYPE` validation within the ZPA policy functions `add_redirection_rule_v2` and `update_redirection_rule_v2`
+* [PR #287](https://github.com/zscaler/zscaler-sdk-python/pull/287) - Enhanced `_create_conditions_v2` function used on ZPA Policy v2 condition block.
+
+### Internal Enhancements
+* [PR #287](https://github.com/zscaler/zscaler-sdk-python/pull/287) - Enhanced `check_response_for_error` function to parse and display API error messages more clearly.
+* [PR #287](https://github.com/zscaler/zscaler-sdk-python/pull/287) - Consolidated all application segment resource models into a single model shared across all Application Segment package resources.
+
 ## 1.3.0 (May, 12 2025)
 
 ### Notes

docsrc/conf.py

@@ -28,9 +28,9 @@
 html_title = ""
 
 # The short X.Y version
-version = "1.2.4"
+version = "1.4.0"
 # The full version, including alpha/beta/rc tags
-release = "1.2.4"
+release = "1.4.0"
 
 # -- General configuration ---------------------------------------------------
 

docsrc/dev_requirements.txt

@@ -17,7 +17,7 @@ arrow==1.3.0 ; python_version >= "3.9.2" and python_version < "4.0"
 certifi==2025.4.26 ; python_version >= "3.9.2" and python_version < "4.0"
 cffi==1.17.1 ; python_version >= "3.9.2" and python_version < "4.0" and platform_python_implementation != "PyPy"
 charset-normalizer==3.4.2 ; python_version >= "3.9.2" and python_version < "4.0"
-cryptography==43.0.3 ; python_version >= "3.9.2" and python_version < "4.0"
+cryptography==45.0.2 ; python_version >= "3.9.2" and python_version < "4.0"
 idna==3.10 ; python_version >= "3.9.2" and python_version < "4.0"
 pycparser==2.22 ; python_version >= "3.9.2" and python_version < "4.0" and platform_python_implementation != "PyPy"
 pydash==8.0.5 ; python_version >= "3.9.2" and python_version < "4.0"

docsrc/zs/guides/release_notes.rst

@@ -6,6 +6,64 @@ Release Notes
 Zscaler Python SDK Changelog
 ----------------------------
 
+1.4.0 (May, 22 2025)
+-------------------------
+
+Notes
+-----
+
+- Python Versions: **v3.8, v3.9, v3.10, v3.11**
+
+Zscaler OneAPI Support for Cloud & Branch Connector API
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+* (`#287 <https://github.com/zscaler/zscaler-sdk-python/pull/287>`_): Cloud & Branch Connector API are now supported via (`OneAPI<https://help.zscaler.com/oneapi/understanding-oneapi>`_) with Oauth2 authentication support through (`Zidentity<https://help.zscaler.com/zidentity/what-zidentity>`_)
+
+ZPA Application Segment Provision
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+* (`#287 <https://github.com/zscaler/zscaler-sdk-python/pull/287>`_) - Added the following new ZPA API Endpoints:
+    - Added `POST /provision` Provision a new application for a given customer by creating all related objects if necessary
+
+ZPA Application Segment Weighted Load Balancer
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+* (`#287 <https://github.com/zscaler/zscaler-sdk-python/pull/287>`_) - Added the following new ZPA API Endpoints:
+    - Added `GET /weightedLbConfig` Get Weighted Load Balancer Config for AppSegment
+    - Added `PUT /weightedLbConfig` Update Weighted Load Balancer Config for AppSegment
+
+ZPA Policy-Set-Controller Condition - New Object Type
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+* (`#287 <https://github.com/zscaler/zscaler-sdk-python/pull/287>`_) - Added the following new `object_types` to function `_create_conditions_v2` in the `policies` package: `CHROME_ENTERPRISE` and `CHROME_POSTURE_PROFILE`
+
+Zscaler Client Connector (Legacy) New Rate Limiting Headers
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+* (`#287 <https://github.com/zscaler/zscaler-sdk-python/pull/287>`_) - Enhanced `LegacyZCCClientHelper` rate limiting logic with new headers for more accurate retry-calculations.
+  - `X-Rate-Limit-Retry-After-Seconds` - This header is only returned when rate limit for `/downloadDevices` and `downloadServiceStatus` is reached. 
+  - The endpoint handler `/downloadDevices` and `downloadServiceStatus` has a rate limit of 3 calls per day.
+  - `X-Rate-Limit-Remaining` - This header is returned for all other endpoints. ZCC endpoints called from a specific IP address are subjected to a rate limit of 100 calls per hour. See (`Zscaler Client Connector API <https://help.zscaler.com/oneapi/understanding-rate-limiting>`_)
+
+Bug Fixes:
+---------------
+
+* (`#287 <https://github.com/zscaler/zscaler-sdk-python/pull/287>`_) - Fixed ZCC functions `remove_devices` and `force_remove_devices` to use custom decorator `zcc_param_mapper` for `os_type` attribute
+* (`#287 <https://github.com/zscaler/zscaler-sdk-python/pull/287>`_) - Removed incorrect validation from ZIA `url_categories` function `add_url_category` - [Issue #284](https://github.com/zscaler/zscaler-sdk-python/issues/284)
+* (`#287 <https://github.com/zscaler/zscaler-sdk-python/pull/287>`_) - Fixed ZPA `application_segment_pra` model attribute  `common_apps_dto`.
+* (`#287 <https://github.com/zscaler/zscaler-sdk-python/pull/287>`_) - Fixed ZPA resources `add_privileged_credential_rule_v2`, and `update_privileged_credential_rule_v2` 
+* (`#287 <https://github.com/zscaler/zscaler-sdk-python/pull/287>`_) - Fixed ZPA Application segment v2 Port formatting issue: [Issue #288](https://github.com/zscaler/zscaler-sdk-python/issues/288)
+* (`#287 <https://github.com/zscaler/zscaler-sdk-python/pull/287>`_) - Added new ZPA attribute models to support `extranet` features across `server_groups` and `application_segments`
+* (`#287 <https://github.com/zscaler/zscaler-sdk-python/pull/287>`_) - Added pre-check on all ZPA  `application_segment` resources to prevent port overlap configuration.
+* (`#287 <https://github.com/zscaler/zscaler-sdk-python/pull/287>`_) - Added additional `CLIENT_TYPE` validation within the ZPA policy functions `add_redirection_rule_v2` and `update_redirection_rule_v2`
+* (`#287 <https://github.com/zscaler/zscaler-sdk-python/pull/287>`_) - Enhanced `_create_conditions_v2` function used on ZPA Policy v2 condition block.
+
+Internal Enhancements
+-----------------------
+
+* (`#287 <https://github.com/zscaler/zscaler-sdk-python/pull/287>`_) - Enhanced `check_response_for_error` function to parse and display API error messages more clearly.
+* (`#287 <https://github.com/zscaler/zscaler-sdk-python/pull/287>`_) - Consolidated all application segment resource models into a single model shared across all Application Segment package resources.
+
 1.3.0 (May, 12 2025)
 -------------------------
 

docsrc/zs/zpa/app_segments_ba.rst

@@ -0,0 +1,14 @@
+app_segments_ba
+-----------------------
+
+The following methods allow for interaction with the ZPA
+Browser Access Application Segment API endpoints.
+
+Methods are accessible via ``zpa.app_segments_ba``
+
+.. _zpa-app_segments_ba:
+
+.. automodule:: zscaler.zpa.app_segments_ba
+    :members:
+    :undoc-members:
+    :show-inheritance:

docsrc/zs/zpa/app_segments_ba_v2.rst

@@ -0,0 +1,14 @@
+app_segments_ba_v2
+-----------------------
+
+The following methods allow for interaction with the ZPA
+Browser Access Application Segment v2 API endpoints.
+
+Methods are accessible via ``zpa.app_segments_ba_v2``
+
+.. _zpa-app_segments_ba_v2:
+
+.. automodule:: zscaler.zpa.app_segments_ba_v2
+    :members:
+    :undoc-members:
+    :show-inheritance: