zli. Do this using
brew install bastionzero/tap/zli.
zli login. This will open a browser window and prompt you to log in using your identity provider (currently scoped to Microsoft or Google). Don't worry if you don't have a BastionZero account; it will automatically be created for you.
zli targetUser --add "Default Admin Policy" foo-user
zli connect <target-user>@<target-name>. To list your available targets, try