User API Doc

IdentityServicesEngineAPI

The IdentityServicesEngineAPI class creates “connection objects” for working with the Identity Services Engine APIs and hierarchically organizes the Identity Services Engine APIs and their endpoints underneath these connection objects.

IdentityServicesEngineAPI summary structure

v3.1.0 summary

IdentityServicesEngineAPI

aci_bindings

get_aci_bindings() get_aci_bindings_generator() get_version()

aci_settings

get_aci_settings() get_version() test_aci_connectivity() update_aci_settings_by_id()

active_directory

create_active_directory() delete_active_directory_by_id() get_active_directory() get_active_directory_by_id() get_active_directory_by_name() get_active_directory_generator() get_groups_by_domain() get_trusted_domains() get_user_groups() get_version() is_user_member_of_groups() join_domain() join_domain_with_all_nodes() leave_domain() leave_domain_with_all_nodes() load_groups_from_domain()

admin_user

get_admin_user_by_id() get_admin_users() get_admin_users_generator() get_version()

allowed_protocols

create_allowed_protocol() delete_allowed_protocol_by_id() get_allowed_protocol_by_id() get_allowed_protocol_by_name() get_allowed_protocols() get_allowed_protocols_generator() get_version() update_allowed_protocol_by_id()

anc_endpoint

apply_anc_endpoint() bulk_request_for_anc_endpoint() clear_anc_endpoint() get_anc_endpoint() get_anc_endpoint_by_id() get_anc_endpoint_generator() get_version() monitor_bulk_status_anc_endpoint()

anc_policy

bulk_request_for_anc_policy() create_anc_policy() delete_anc_policy_by_id() get_anc_policy() get_anc_policy_by_id() get_anc_policy_by_name() get_anc_policy_generator() get_version() monitor_bulk_status_anc_policy() update_anc_policy_by_id()

authentication

authentication_api()

authorization_profile

create_authorization_profile() delete_authorization_profile_by_id() get_authorization_profile_by_id() get_authorization_profile_by_name() get_authorization_profiles() get_authorization_profiles_generator() get_version() update_authorization_profile_by_id()

backup_and_restore

cancel_backup() config_backup() create_scheduled_config_backup() get_last_config_backup_status() restore_config_backup() update_scheduled_config_backup()

byod_portal

create_byod_portal() delete_byod_portal_by_id() get_byod_portal() get_byod_portal_by_id() get_byod_portal_generator() get_version() update_byod_portal_by_id()

certificate_profile

create_certificate_profile() get_certificate_profile() get_certificate_profile_by_id() get_certificate_profile_by_name() get_certificate_profile_generator() get_version() update_certificate_profile_by_id()

certificate_template

get_certificate_template() get_certificate_template_by_id() get_certificate_template_by_name() get_certificate_template_generator() get_version()

certificates

bind_csr() delete_csr_by_id() delete_system_certificate_by_id() delete_trusted_certificate_by_id() export_csr() export_system_certificate() export_trusted_certificate() generate_csr() generate_intermediate_ca_csr() get_csr_by_id() get_csrs() get_csrs_generator() get_system_certificate_by_id() get_system_certificates() get_system_certificates_generator() get_trusted_certificate_by_id() get_trusted_certificates() get_trusted_certificates_generator() import_system_certificate() import_trust_certificate() regenerate_ise_root_ca() renew_certificates() update_system_certificate() update_trusted_certificate()

clear_threats_and_vulnerabilities

clear_threats_and_vulnerabilities() get_version()

consumer

access_secret() activate_account() create_account() lookup_service()

custom_caller

add_api() call_api()

device_administration_authentication_rules

create_device_admin_authentication_rule() delete_device_admin_authentication_rule_by_id() get_device_admin_authentication_rule_by_id() get_device_admin_authentication_rules() reset_hit_counts_device_admin_authentication_rules() update_device_admin_authentication_rule_by_id()

device_administration_authorization_exception_rules

create_device_admin_local_exception_rule() delete_device_admin_local_exception_rule_by_id() get_device_admin_local_exception_rule_by_id() get_device_admin_local_exception_rules() reset_hit_counts_device_admin_local_exceptions() update_device_admin_local_exception_rule_by_id()

device_administration_authorization_global_exception_rules

create_device_admin_policy_set_global_exception() delete_device_admin_policy_set_global_exception_by_rule_id() get_device_admin_policy_set_global_exception_by_rule_id() get_device_admin_policy_set_global_exception_rules() reset_hit_counts_device_admin_global_exceptions() update_device_admin_policy_set_global_exception_by_rule_id()

device_administration_authorization_rules

create_device_admin_authorization_rule() delete_device_admin_authorization_rule_by_id() get_device_admin_authorization_rule_by_id() get_device_admin_authorization_rules() reset_hit_counts_device_admin_authorization_rules() update_device_admin_authorization_rule_by_id()

device_administration_command_set

get_device_admin_command_sets()

device_administration_conditions

create_device_admin_condition() delete_device_admin_condition_by_id() delete_device_admin_condition_by_name() get_device_admin_condition_by_id() get_device_admin_condition_by_name() get_device_admin_conditions() get_device_admin_conditions_for_authentication_rules() get_device_admin_conditions_for_authorization_rules() get_device_admin_conditions_for_policy_sets() update_device_admin_condition_by_id() update_device_admin_condition_by_name()

device_administration_dictionary_attributes_list

get_device_admin_dictionaries_authentication() get_device_admin_dictionaries_authorization() get_device_admin_dictionaries_policy_set()

device_administration_identity_stores

get_device_admin_identity_stores()

device_administration_network_conditions

create_device_admin_network_condition() delete_device_admin_network_condition_by_id() get_device_admin_network_condition_by_id() get_device_admin_network_conditions() update_device_admin_network_condition_by_id()

device_administration_policy_set

create_device_admin_policy_set() delete_device_admin_policy_set_by_id() get_device_admin_policy_set_by_id() get_device_admin_policy_sets() reset_hit_counts_device_admin_policy_sets() update_device_admin_policy_set_by_id()

device_administration_profiles

get_device_admin_profiles()

device_administration_service_names

get_device_admin_service_names()

device_administration_time_date_conditions

create_device_admin_time_condition() delete_device_admin_time_condition_by_id() get_device_admin_time_condition_by_id() get_device_admin_time_conditions() update_device_admin_time_condition_by_id()

downloadable_acl

create_downloadable_acl() delete_downloadable_acl_by_id() get_downloadable_acl() get_downloadable_acl_by_id() get_downloadable_acl_generator() get_version() update_downloadable_acl_by_id()

egress_matrix_cell

bulk_request_for_egress_matrix_cell() clear_all_matrix_cells() clone_matrix_cell() create_egress_matrix_cell() delete_egress_matrix_cell_by_id() get_egress_matrix_cell() get_egress_matrix_cell_by_id() get_egress_matrix_cell_generator() get_version() monitor_bulk_status_egress_matrix_cell() set_all_cells_status() update_egress_matrix_cell_by_id()

endpoint

bulk_request_for_endpoint() create_endpoint() delete_endpoint_by_id() deregister_endpoint() get_endpoint_by_id() get_endpoint_by_name() get_endpoints() get_endpoints_generator() get_rejected_endpoints() get_version() monitor_bulk_status_endpoint() register_endpoint() release_rejected_endpoint() update_endpoint_by_id()

endpoint_certificate

create_endpoint_certificate() get_version()

endpoint_identity_group

create_endpoint_group() delete_endpoint_group_by_id() get_endpoint_group_by_id() get_endpoint_group_by_name() get_endpoint_groups() get_endpoint_groups_generator() get_version() update_endpoint_group_by_id()

external_radius_server

create_external_radius_server() delete_external_radius_server_by_id() get_external_radius_server() get_external_radius_server_by_id() get_external_radius_server_by_name() get_external_radius_server_generator() get_version() update_external_radius_server_by_id()

filter_policy

create_filter_policy() delete_filter_policy_by_id() get_filter_policy() get_filter_policy_by_id() get_filter_policy_generator() get_version() update_filter_policy_by_id()

guest_location

get_guest_location() get_guest_location_by_id() get_guest_location_generator() get_version()

guest_smtp_notification_configuration

create_guest_smtp_notification_settings() get_guest_smtp_notification_settings() get_guest_smtp_notification_settings_by_id() get_guest_smtp_notification_settings_generator() get_version() update_guest_smtp_notification_settings_by_id()

guest_ssid

create_guest_ssid() delete_guest_ssid_by_id() get_guest_ssid() get_guest_ssid_by_id() get_guest_ssid_generator() get_version() update_guest_ssid_by_id()

guest_type

create_guest_type() delete_guest_type_by_id() get_guest_type() get_guest_type_by_id() get_guest_type_generator() get_version() update_guest_type_by_id() update_guest_type_email() update_guest_type_sms()

guest_user

approve_guest_user_by_id() bulk_request_for_guest_user() change_sponsor_password() create_guest_user() delete_guest_user_by_id() delete_guest_user_by_name() deny_guest_user_by_id() get_guest_user_by_id() get_guest_user_by_name() get_guest_users() get_guest_users_generator() get_version() monitor_bulk_status_guest_user() reinstate_guest_user_by_id() reinstate_guest_user_by_name() reset_guest_user_password_by_id() suspend_guest_user_by_id() suspend_guest_user_by_name() update_guest_user_by_id() update_guest_user_by_name() update_guest_user_email() update_guest_user_sms()

hotspot_portal

create_hotspot_portal() delete_hotspot_portal_by_id() get_hotspot_portal() get_hotspot_portal_by_id() get_hotspot_portal_generator() get_version() update_hotspot_portal_by_id()

identity_groups

create_identity_group() get_identity_group_by_id() get_identity_group_by_name() get_identity_groups() get_identity_groups_generator() get_version() update_identity_group_by_id()

identity_sequence

create_identity_sequence() delete_identity_sequence_by_id() get_identity_sequence() get_identity_sequence_by_id() get_identity_sequence_by_name() get_identity_sequence_generator() get_version() update_identity_sequence_by_id()

internal_user

create_internal_user() delete_internal_user_by_id() delete_internal_user_by_name() get_internal_user() get_internal_user_by_id() get_internal_user_by_name() get_internal_user_generator() get_version() update_internal_user_by_id() update_internal_user_by_name()

ip_to_sgt_mapping

bulk_request_for_ip_to_sgt_mapping() create_ip_to_sgt_mapping() delete_ip_to_sgt_mapping_by_id() deploy_all_ip_to_sgt_mapping() deploy_ip_to_sgt_mapping_by_id() get_deploy_status_ip_to_sgt_mapping() get_ip_to_sgt_mapping() get_ip_to_sgt_mapping_by_id() get_ip_to_sgt_mapping_generator() get_version() monitor_bulk_status_ip_to_sgt_mapping() update_ip_to_sgt_mapping_by_id()

ip_to_sgt_mapping_group

bulk_request_for_ip_to_sgt_mapping_group() create_ip_to_sgt_mapping_group() delete_ip_to_sgt_mapping_group_by_id() deploy_all_ip_to_sgt_mapping_group() deploy_ip_to_sgt_mapping_group_by_id() get_deploy_status_ip_to_sgt_mapping_group() get_ip_to_sgt_mapping_group() get_ip_to_sgt_mapping_group_by_id() get_ip_to_sgt_mapping_group_generator() get_version() monitor_bulk_status_ip_to_sgt_mapping_group() update_ip_to_sgt_mapping_group_by_id()

mdm

get_endpoint_by_mac_address() get_endpoints() get_endpoints_by_os_type() get_endpoints_by_type()

misc

delete_all_sessions() get_account_status_by_mac() get_active_count() get_active_list() get_authentication_status_by_mac() get_failure_reasons() get_mnt_version() get_posture_count() get_profiler_count() get_session_auth_list() get_sessions_by_endpoint_ip() get_sessions_by_mac() get_sessions_by_nas_ip() get_sessions_by_session_id() get_sessions_by_username() session_disconnect() session_reauthentication_by_mac()

my_device_portal

create_my_device_portal() delete_my_device_portal_by_id() get_my_device_portal() get_my_device_portal_by_id() get_my_device_portal_generator() get_version() update_my_device_portal_by_id()

native_supplicant_profile

delete_native_supplicant_profile_by_id() get_native_supplicant_profile() get_native_supplicant_profile_by_id() get_native_supplicant_profile_generator() get_version() update_native_supplicant_profile_by_id()

nbar_app

create_nbar_app() delete_nbar_app_by_id() get_nbar_app_by_id() get_nbar_apps() get_nbar_apps_generator() update_nbar_app_by_id()

network_access_authentication_rules

create_network_access_authentication_rule() delete_network_access_authentication_rule_by_id() get_network_access_authentication_rule_by_id() get_network_access_authentication_rules() reset_hit_counts_network_access_authentication_rules() update_network_access_authentication_rule_by_id()

network_access_authorization_exception_rules

create_network_access_local_exception_rule() delete_network_access_local_exception_rule_by_id() get_network_access_local_exception_rule_by_id() get_network_access_local_exception_rules() reset_hit_counts_network_access_local_exceptions() update_network_access_local_exception_rule_by_id()

network_access_authorization_global_exception_rules

create_network_access_policy_set_global_exception_rule() delete_network_access_policy_set_global_exception_rule_by_id() get_network_access_policy_set_global_exception_rule_by_id() get_network_access_policy_set_global_exception_rules() reset_hit_counts_network_access_global_exceptions() update_network_access_policy_set_global_exception_rule_by_id()

network_access_authorization_rules

create_network_access_authorization_rule() delete_network_access_authorization_rule_by_id() get_network_access_authorization_rule_by_id() get_network_access_authorization_rules() reset_hit_counts_network_access_authorization_rules() update_network_access_authorization_rule_by_id()

network_access_conditions

create_network_access_condition() delete_network_access_condition_by_id() delete_network_access_condition_by_name() get_network_access_condition_by_id() get_network_access_condition_by_name() get_network_access_conditions() get_network_access_conditions_for_authentication_rules() get_network_access_conditions_for_authorization_rules() get_network_access_conditions_for_policy_sets() update_network_access_condition_by_id() update_network_access_condition_by_name()

network_access_dictionary

create_network_access_dictionaries() delete_network_access_dictionary_by_name() get_network_access_dictionaries() get_network_access_dictionary_by_name() update_network_access_dictionary_by_name()

network_access_dictionary_attribute

create_network_access_dictionary_attribute() delete_network_access_dictionary_attribute_by_name() get_network_access_dictionary_attribute_by_name() get_network_access_dictionary_attributes_by_dictionary_name() update_network_access_dictionary_attribute_by_name()

network_access_dictionary_attributes_list

get_network_access_dictionaries_authentication() get_network_access_dictionaries_authorization() get_network_access_dictionaries_policy_set()

network_access_identity_stores

get_network_access_identity_stores()

network_access_network_conditions

create_network_access_network_condition() delete_network_access_network_condition_by_id() get_network_access_network_condition_by_id() get_network_access_network_conditions() update_network_access_network_condition_by_id()

network_access_policy_set

create_network_access_policy_set() delete_network_access_policy_set_by_id() get_network_access_policy_set_by_id() get_network_access_policy_sets() reset_hit_counts_network_access_policy_sets() update_network_access_policy_set_by_id()

network_access_profiles

get_network_access_profiles()

network_access_security_groups

get_network_access_security_groups()

network_access_service_names

get_network_access_service_names()

network_access_time_date_conditions

create_network_access_time_condition() delete_network_access_time_condition_by_id() get_network_access_time_condition_by_id() get_network_access_time_conditions() update_network_access_time_condition_by_id()

network_device

bulk_request_for_network_device() create_network_device() delete_network_device_by_id() delete_network_device_by_name() get_network_device() get_network_device_by_id() get_network_device_by_name() get_network_device_generator() get_version() monitor_bulk_status_network_device() update_network_device_by_id() update_network_device_by_name()

network_device_group

create_network_device_group() delete_network_device_group_by_id() get_network_device_group() get_network_device_group_by_id() get_network_device_group_by_name() get_network_device_group_generator() get_version() update_network_device_group_by_id()

node_deployment

delete_node() get_node_details() get_nodes() promote_node() register_node() update_node()

node_details

get_node_detail_by_id() get_node_detail_by_name() get_node_details() get_nodes_generator() get_version()

node_group

create_node_group() delete_node_group() get_node_group() get_node_groups() update_node_group()

pan_ha

disable_pan_ha() enable_pan_ha() get_pan_ha_status()

portal

get_portal_by_id() get_portals() get_portals_generator() get_version()

portal_global_setting

get_portal_global_setting_by_id() get_portal_global_settings() get_portal_global_settings_generator() get_version() update_portal_global_setting_by_id()

portal_theme

create_portal_theme() delete_portal_theme_by_id() get_portal_theme_by_id() get_portal_themes() get_portal_themes_generator() get_version() update_portal_theme_by_id()

profiler

get_profiles()

profiler_profile

get_profiler_profile_by_id() get_profiler_profiles() get_profiler_profiles_generator() get_version()

provider

authorization() register_service() reregister_service() unregister_service()

psn_node_details_with_radius_service

get_session_service_node() get_session_service_node_by_id() get_session_service_node_by_name() get_session_service_node_generator() get_version()

pull_deployment_info

get_deployment_info() get_version()

px_grid_node

approve_px_grid_node() delete_px_grid_node_by_name() get_px_grid_node() get_px_grid_node_by_id() get_px_grid_node_by_name() get_px_grid_node_generator() get_version()

px_grid_settings

autoapprove_px_grid_settings() get_version()

radius_failure

get_failures()

radius_server_sequence

create_radius_server_sequence() delete_radius_server_sequence_by_id() get_radius_server_sequence() get_radius_server_sequence_by_id() get_radius_server_sequence_generator() get_version() update_radius_server_sequence_by_id()

replication_status

get_node_replication_status()

repository

create_repository() delete_repository() get_repositories() get_repository() get_repository_files() update_repository()

restid_store

create_rest_id_store() delete_rest_id_store_by_id() delete_rest_id_store_by_name() get_rest_id_store() get_rest_id_store_by_id() get_rest_id_store_by_name() get_rest_id_store_generator() get_version() update_rest_id_store_by_id() update_rest_id_store_by_name()

security_group_to_virtual_network

bulk_request_for_security_groups_to_vn_to_vlan() create_security_groups_to_vn_to_vlan() delete_security_groups_to_vn_to_vlan_by_id() get_security_groups_to_vn_to_vlan() get_security_groups_to_vn_to_vlan_by_id() get_security_groups_to_vn_to_vlan_generator() get_version() monitor_bulk_status_security_groups_to_vn_to_vlan() update_security_groups_to_vn_to_vlan_by_id()

security_groups

bulk_request_for_security_group() create_security_group() delete_security_group_by_id() get_security_group_by_id() get_security_groups() get_security_groups_generator() get_version() monitor_bulk_status_security_group() update_security_group_by_id()

security_groups_acls

bulk_request_for_security_groups_acl() create_security_groups_acl() delete_security_groups_acl_by_id() get_security_groups_acl() get_security_groups_acl_by_id() get_security_groups_acl_generator() get_version() monitor_bulk_status_security_groups_acl() update_security_groups_acl_by_id()

self_registered_portal

create_self_registered_portal() delete_self_registered_portal_by_id() get_self_registered_portal_by_id() get_self_registered_portals() get_self_registered_portals_generator() get_version() update_self_registered_portal_by_id()

session_directory

get_session_by_ip_address() get_session_by_mac_address() get_sessions() get_sessions_for_recovery() get_user_group_by_user_name() get_user_groups()

sg_vn_mapping

bulk_create_sg_vn_mappings() bulk_delete_sg_vn_mappings() bulk_update_sg_vn_mappings() create_sg_vn_mapping() delete_sg_vn_mapping_by_id() get_sg_vn_mapping_by_id() get_sg_vn_mappings() get_sg_vn_mappings_generator() update_sg_vn_mapping_by_id()

sms_provider

get_sms_provider() get_sms_provider_generator() get_version()

sponsor_group

create_sponsor_group() delete_sponsor_group_by_id() get_sponsor_group() get_sponsor_group_by_id() get_sponsor_group_generator() get_version() update_sponsor_group_by_id()

sponsor_group_member

get_sponsor_group_member() get_sponsor_group_member_generator() get_version()

sponsor_portal

create_sponsor_portal() delete_sponsor_portal_by_id() get_sponsor_portal() get_sponsor_portal_by_id() get_sponsor_portal_generator() get_version() update_sponsor_portal_by_id()

sponsored_guest_portal

create_sponsored_guest_portal() delete_sponsored_guest_portal_by_id() get_sponsored_guest_portal_by_id() get_sponsored_guest_portals() get_sponsored_guest_portals_generator() get_version() update_sponsored_guest_portal_by_id()

support_bundle_download

download_support_bundle() get_version()

support_bundle_status

get_support_bundle_status() get_support_bundle_status_by_id() get_support_bundle_status_generator() get_version()

support_bundle_trigger_configuration

create_support_bundle() get_version()

sxp_connections

bulk_request_for_sxp_connections() create_sxp_connections() delete_sxp_connections_by_id() get_sxp_connections() get_sxp_connections_by_id() get_sxp_connections_generator() get_version() monitor_bulk_status_sxp_connections() update_sxp_connections_by_id()

sxp_local_bindings

bulk_request_for_sxp_local_bindings() create_sxp_local_bindings() delete_sxp_local_bindings_by_id() get_sxp_local_bindings() get_sxp_local_bindings_by_id() get_sxp_local_bindings_generator() get_version() monitor_bulk_status_sxp_local_bindings() update_sxp_local_bindings_by_id()

sxp_vpns

bulk_request_for_sxp_vpns() create_sxp_vpn() delete_sxp_vpn_by_id() get_sxp_vpn_by_id() get_sxp_vpns() get_sxp_vpns_generator() get_version() monitor_bulk_status_sxp_vpns()

sync_ise_node

sync_node()

system_certificate

create_system_certificate() get_version()

system_health

get_healths() get_performances()

tacacs_command_sets

create_tacacs_command_sets() delete_tacacs_command_sets_by_id() get_tacacs_command_sets() get_tacacs_command_sets_by_id() get_tacacs_command_sets_by_name() get_tacacs_command_sets_generator() get_version() update_tacacs_command_sets_by_id()

tacacs_external_servers

create_tacacs_external_servers() delete_tacacs_external_servers_by_id() get_tacacs_external_servers() get_tacacs_external_servers_by_id() get_tacacs_external_servers_by_name() get_tacacs_external_servers_generator() get_version() update_tacacs_external_servers_by_id()

tacacs_profile

create_tacacs_profile() delete_tacacs_profile_by_id() get_tacacs_profile() get_tacacs_profile_by_id() get_tacacs_profile_by_name() get_tacacs_profile_generator() get_version() update_tacacs_profile_by_id()

tacacs_server_sequence

create_tacacs_server_sequence() delete_tacacs_server_sequence_by_id() get_tacacs_server_sequence() get_tacacs_server_sequence_by_id() get_tacacs_server_sequence_by_name() get_tacacs_server_sequence_generator() get_version() update_tacacs_server_sequence_by_id()

tasks

get_task_status() get_task_status_by_id()

telemetry_information

get_telemetry_info_by_id() get_telemetry_information() get_telemetry_information_generator() get_version()

trust_sec_configuration

get_egress_matrices() get_egress_policies() get_security_group_acls() get_security_groups()

trust_sec_sxp

get_bindings()

version_and_patch

get_ise_version_and_patch()

version_info

get_version_info()

virtual_network

bulk_create_virtual_networks() bulk_delete_virtual_networks() bulk_update_virtual_networks() create_virtual_network() delete_virtual_network_by_id() get_virtual_network_by_id() get_virtual_networks() get_virtual_networks_generator() update_virtual_network_by_id()

vn_vlan_mapping

bulk_create_vn_vlan_mappings() bulk_delete_vn_vlan_mappings() bulk_update_vn_vlan_mappings() create_vn_vlan_mapping() delete_vn_vlan_mapping_by_id() get_vn_vlan_mapping_by_id() get_vn_vlan_mappings() get_vn_vlan_mappings_generator() update_vn_vlan_mapping_by_id()

v3.1.1 summary

IdentityServicesEngineAPI

aci_bindings

get_aci_bindings() get_aci_bindings_generator() get_version()

aci_settings

get_aci_settings() get_version() test_aci_connectivity() update_aci_settings_by_id()

active_directory

create_active_directory() delete_active_directory_by_id() get_active_directory() get_active_directory_by_id() get_active_directory_by_name() get_active_directory_generator() get_groups_by_domain() get_trusted_domains() get_user_groups() get_version() is_user_member_of_groups() join_domain() join_domain_with_all_nodes() leave_domain() leave_domain_with_all_nodes() load_groups_from_domain()

admin_user

get_admin_user_by_id() get_admin_users() get_admin_users_generator() get_version()

allowed_protocols

create_allowed_protocol() delete_allowed_protocol_by_id() get_allowed_protocol_by_id() get_allowed_protocol_by_name() get_allowed_protocols() get_allowed_protocols_generator() get_version() update_allowed_protocol_by_id()

anc_endpoint

apply_anc_endpoint() bulk_request_for_anc_endpoint() clear_anc_endpoint() get_anc_endpoint() get_anc_endpoint_by_id() get_anc_endpoint_generator() get_version() monitor_bulk_status_anc_endpoint()

anc_policy

bulk_request_for_anc_policy() create_anc_policy() delete_anc_policy_by_id() get_anc_policy() get_anc_policy_by_id() get_anc_policy_by_name() get_anc_policy_generator() get_version() monitor_bulk_status_anc_policy() update_anc_policy_by_id()

authentication

authentication_api()

authorization_profile

create_authorization_profile() delete_authorization_profile_by_id() get_authorization_profile_by_id() get_authorization_profile_by_name() get_authorization_profiles() get_authorization_profiles_generator() get_version() update_authorization_profile_by_id()

backup_and_restore

cancel_backup() config_backup() create_scheduled_config_backup() get_last_config_backup_status() restore_config_backup() update_scheduled_config_backup()

byod_portal

create_byod_portal() delete_byod_portal_by_id() get_byod_portal() get_byod_portal_by_id() get_byod_portal_generator() get_version() update_byod_portal_by_id()

certificate_profile

create_certificate_profile() get_certificate_profile() get_certificate_profile_by_id() get_certificate_profile_by_name() get_certificate_profile_generator() get_version() update_certificate_profile_by_id()

certificate_template

get_certificate_template() get_certificate_template_by_id() get_certificate_template_by_name() get_certificate_template_generator() get_version()

certificates

bind_csr() delete_csr_by_id() delete_system_certificate_by_id() delete_trusted_certificate_by_id() export_csr() export_system_certificate() export_trusted_certificate() generate_csr() generate_intermediate_ca_csr() generate_self_signed_certificate() get_csr_by_id() get_csrs() get_csrs_generator() get_system_certificate_by_id() get_system_certificates() get_system_certificates_generator() get_trusted_certificate_by_id() get_trusted_certificates() get_trusted_certificates_generator() import_system_certificate() import_trust_certificate() regenerate_ise_root_ca() renew_certificates() update_system_certificate() update_trusted_certificate()

clear_threats_and_vulnerabilities

clear_threats_and_vulnerabilities() get_version()

consumer

access_secret() activate_account() create_account() lookup_service()

custom_caller

add_api() call_api()

device_administration_authentication_rules

create_device_admin_authentication_rule() delete_device_admin_authentication_rule_by_id() get_device_admin_authentication_rule_by_id() get_device_admin_authentication_rules() reset_hit_counts_device_admin_authentication_rules() update_device_admin_authentication_rule_by_id()

device_administration_authorization_exception_rules

create_device_admin_local_exception_rule() delete_device_admin_local_exception_rule_by_id() get_device_admin_local_exception_rule_by_id() get_device_admin_local_exception_rules() reset_hit_counts_device_admin_local_exceptions() update_device_admin_local_exception_rule_by_id()

device_administration_authorization_global_exception_rules

create_device_admin_policy_set_global_exception() delete_device_admin_policy_set_global_exception_by_rule_id() get_device_admin_policy_set_global_exception_by_rule_id() get_device_admin_policy_set_global_exception_rules() reset_hit_counts_device_admin_global_exceptions() update_device_admin_policy_set_global_exception_by_rule_id()

device_administration_authorization_rules

create_device_admin_authorization_rule() delete_device_admin_authorization_rule_by_id() get_device_admin_authorization_rule_by_id() get_device_admin_authorization_rules() reset_hit_counts_device_admin_authorization_rules() update_device_admin_authorization_rule_by_id()

device_administration_command_set

get_device_admin_command_sets()

device_administration_conditions

create_device_admin_condition() delete_device_admin_condition_by_id() delete_device_admin_condition_by_name() get_device_admin_condition_by_id() get_device_admin_condition_by_name() get_device_admin_conditions() get_device_admin_conditions_for_authentication_rules() get_device_admin_conditions_for_authorization_rules() get_device_admin_conditions_for_policy_sets() update_device_admin_condition_by_id() update_device_admin_condition_by_name()

device_administration_dictionary_attributes_list

get_device_admin_dictionaries_authentication() get_device_admin_dictionaries_authorization() get_device_admin_dictionaries_policy_set()

device_administration_identity_stores

get_device_admin_identity_stores()

device_administration_network_conditions

create_device_admin_network_condition() delete_device_admin_network_condition_by_id() get_device_admin_network_condition_by_id() get_device_admin_network_conditions() update_device_admin_network_condition_by_id()

device_administration_policy_set

create_device_admin_policy_set() delete_device_admin_policy_set_by_id() get_device_admin_policy_set_by_id() get_device_admin_policy_sets() reset_hit_counts_device_admin_policy_sets() update_device_admin_policy_set_by_id()

device_administration_profiles

get_device_admin_profiles()

device_administration_service_names

get_device_admin_service_names()

device_administration_time_date_conditions

create_device_admin_time_condition() delete_device_admin_time_condition_by_id() get_device_admin_time_condition_by_id() get_device_admin_time_conditions() update_device_admin_time_condition_by_id()

downloadable_acl

create_downloadable_acl() delete_downloadable_acl_by_id() get_downloadable_acl() get_downloadable_acl_by_id() get_downloadable_acl_generator() get_version() update_downloadable_acl_by_id()

egress_matrix_cell

bulk_request_for_egress_matrix_cell() clear_all_matrix_cells() clone_matrix_cell() create_egress_matrix_cell() delete_egress_matrix_cell_by_id() get_egress_matrix_cell() get_egress_matrix_cell_by_id() get_egress_matrix_cell_generator() get_version() monitor_bulk_status_egress_matrix_cell() set_all_cells_status() update_egress_matrix_cell_by_id()

endpoint

bulk_request_for_endpoint() create_endpoint() delete_endpoint_by_id() deregister_endpoint() get_endpoint_by_id() get_endpoint_by_name() get_endpoints() get_endpoints_generator() get_rejected_endpoints() get_version() monitor_bulk_status_endpoint() register_endpoint() release_rejected_endpoint() update_endpoint_by_id()

endpoint_certificate

create_endpoint_certificate() get_version()

endpoint_identity_group

create_endpoint_group() delete_endpoint_group_by_id() get_endpoint_group_by_id() get_endpoint_group_by_name() get_endpoint_groups() get_endpoint_groups_generator() get_version() update_endpoint_group_by_id()

external_radius_server

create_external_radius_server() delete_external_radius_server_by_id() get_external_radius_server() get_external_radius_server_by_id() get_external_radius_server_by_name() get_external_radius_server_generator() get_version() update_external_radius_server_by_id()

filter_policy

create_filter_policy() delete_filter_policy_by_id() get_filter_policy() get_filter_policy_by_id() get_filter_policy_generator() get_version() update_filter_policy_by_id()

guest_location

get_guest_location() get_guest_location_by_id() get_guest_location_generator() get_version()

guest_smtp_notification_configuration

create_guest_smtp_notification_settings() get_guest_smtp_notification_settings() get_guest_smtp_notification_settings_by_id() get_guest_smtp_notification_settings_generator() get_version() update_guest_smtp_notification_settings_by_id()

guest_ssid

create_guest_ssid() delete_guest_ssid_by_id() get_guest_ssid() get_guest_ssid_by_id() get_guest_ssid_generator() get_version() update_guest_ssid_by_id()

guest_type

create_guest_type() delete_guest_type_by_id() get_guest_type() get_guest_type_by_id() get_guest_type_generator() get_version() update_guest_type_by_id() update_guest_type_email() update_guest_type_sms()

guest_user

approve_guest_user_by_id() bulk_request_for_guest_user() change_sponsor_password() create_guest_user() delete_guest_user_by_id() delete_guest_user_by_name() deny_guest_user_by_id() get_guest_user_by_id() get_guest_user_by_name() get_guest_users() get_guest_users_generator() get_version() monitor_bulk_status_guest_user() reinstate_guest_user_by_id() reinstate_guest_user_by_name() reset_guest_user_password_by_id() suspend_guest_user_by_id() suspend_guest_user_by_name() update_guest_user_by_id() update_guest_user_by_name() update_guest_user_email() update_guest_user_sms()

hotspot_portal

create_hotspot_portal() delete_hotspot_portal_by_id() get_hotspot_portal() get_hotspot_portal_by_id() get_hotspot_portal_generator() get_version() update_hotspot_portal_by_id()

identity_groups

create_identity_group() get_identity_group_by_id() get_identity_group_by_name() get_identity_groups() get_identity_groups_generator() get_version() update_identity_group_by_id()

identity_sequence

create_identity_sequence() delete_identity_sequence_by_id() get_identity_sequence() get_identity_sequence_by_id() get_identity_sequence_by_name() get_identity_sequence_generator() get_version() update_identity_sequence_by_id()

internal_user

create_internal_user() delete_internal_user_by_id() delete_internal_user_by_name() get_internal_user() get_internal_user_by_id() get_internal_user_by_name() get_internal_user_generator() get_version() update_internal_user_by_id() update_internal_user_by_name()

ip_to_sgt_mapping

bulk_request_for_ip_to_sgt_mapping() create_ip_to_sgt_mapping() delete_ip_to_sgt_mapping_by_id() deploy_all_ip_to_sgt_mapping() deploy_ip_to_sgt_mapping_by_id() get_deploy_status_ip_to_sgt_mapping() get_ip_to_sgt_mapping() get_ip_to_sgt_mapping_by_id() get_ip_to_sgt_mapping_generator() get_version() monitor_bulk_status_ip_to_sgt_mapping() update_ip_to_sgt_mapping_by_id()

ip_to_sgt_mapping_group

bulk_request_for_ip_to_sgt_mapping_group() create_ip_to_sgt_mapping_group() delete_ip_to_sgt_mapping_group_by_id() deploy_all_ip_to_sgt_mapping_group() deploy_ip_to_sgt_mapping_group_by_id() get_deploy_status_ip_to_sgt_mapping_group() get_ip_to_sgt_mapping_group() get_ip_to_sgt_mapping_group_by_id() get_ip_to_sgt_mapping_group_generator() get_version() monitor_bulk_status_ip_to_sgt_mapping_group() update_ip_to_sgt_mapping_group_by_id()

licensing

configure_smart_state() create_registration_info() get_connection_type() get_eval_license_info() get_feature_to_tier_mapping() get_registration_info() get_smart_state() get_tier_state_info() update_tier_state_info()

mdm

get_endpoint_by_mac_address() get_endpoints() get_endpoints_by_os_type() get_endpoints_by_type()

misc

delete_all_sessions() get_account_status_by_mac() get_active_count() get_active_list() get_authentication_status_by_mac() get_failure_reasons() get_mnt_version() get_posture_count() get_profiler_count() get_session_auth_list() get_sessions_by_endpoint_ip() get_sessions_by_mac() get_sessions_by_nas_ip() get_sessions_by_session_id() get_sessions_by_username() session_disconnect() session_reauthentication_by_mac()

my_device_portal

create_my_device_portal() delete_my_device_portal_by_id() get_my_device_portal() get_my_device_portal_by_id() get_my_device_portal_generator() get_version() update_my_device_portal_by_id()

native_supplicant_profile

delete_native_supplicant_profile_by_id() get_native_supplicant_profile() get_native_supplicant_profile_by_id() get_native_supplicant_profile_generator() get_version() update_native_supplicant_profile_by_id()

nbar_app

create_nbar_app() delete_nbar_app_by_id() get_nbar_app_by_id() get_nbar_apps() get_nbar_apps_generator() update_nbar_app_by_id()

network_access_authentication_rules

create_network_access_authentication_rule() delete_network_access_authentication_rule_by_id() get_network_access_authentication_rule_by_id() get_network_access_authentication_rules() reset_hit_counts_network_access_authentication_rules() update_network_access_authentication_rule_by_id()

network_access_authorization_exception_rules

create_network_access_local_exception_rule() delete_network_access_local_exception_rule_by_id() get_network_access_local_exception_rule_by_id() get_network_access_local_exception_rules() reset_hit_counts_network_access_local_exceptions() update_network_access_local_exception_rule_by_id()

network_access_authorization_global_exception_rules

create_network_access_policy_set_global_exception_rule() delete_network_access_policy_set_global_exception_rule_by_id() get_network_access_policy_set_global_exception_rule_by_id() get_network_access_policy_set_global_exception_rules() reset_hit_counts_network_access_global_exceptions() update_network_access_policy_set_global_exception_rule_by_id()

network_access_authorization_rules

create_network_access_authorization_rule() delete_network_access_authorization_rule_by_id() get_network_access_authorization_rule_by_id() get_network_access_authorization_rules() reset_hit_counts_network_access_authorization_rules() update_network_access_authorization_rule_by_id()

network_access_conditions

create_network_access_condition() delete_network_access_condition_by_id() delete_network_access_condition_by_name() get_network_access_condition_by_id() get_network_access_condition_by_name() get_network_access_conditions() get_network_access_conditions_for_authentication_rules() get_network_access_conditions_for_authorization_rules() get_network_access_conditions_for_policy_sets() update_network_access_condition_by_id() update_network_access_condition_by_name()

network_access_dictionary

create_network_access_dictionaries() delete_network_access_dictionary_by_name() get_network_access_dictionaries() get_network_access_dictionary_by_name() update_network_access_dictionary_by_name()

network_access_dictionary_attribute

create_network_access_dictionary_attribute() delete_network_access_dictionary_attribute_by_name() get_network_access_dictionary_attribute_by_name() get_network_access_dictionary_attributes_by_dictionary_name() update_network_access_dictionary_attribute_by_name()

network_access_dictionary_attributes_list

get_network_access_dictionaries_authentication() get_network_access_dictionaries_authorization() get_network_access_dictionaries_policy_set()

network_access_identity_stores

get_network_access_identity_stores()

network_access_network_conditions

create_network_access_network_condition() delete_network_access_network_condition_by_id() get_network_access_network_condition_by_id() get_network_access_network_conditions() update_network_access_network_condition_by_id()

network_access_policy_set

create_network_access_policy_set() delete_network_access_policy_set_by_id() get_network_access_policy_set_by_id() get_network_access_policy_sets() reset_hit_counts_network_access_policy_sets() update_network_access_policy_set_by_id()

network_access_profiles

get_network_access_profiles()

network_access_security_groups

get_network_access_security_groups()

network_access_service_names

get_network_access_service_names()

network_access_time_date_conditions

create_network_access_time_condition() delete_network_access_time_condition_by_id() get_network_access_time_condition_by_id() get_network_access_time_conditions() update_network_access_time_condition_by_id()

network_device

bulk_request_for_network_device() create_network_device() delete_network_device_by_id() delete_network_device_by_name() get_network_device() get_network_device_by_id() get_network_device_by_name() get_network_device_generator() get_version() monitor_bulk_status_network_device() update_network_device_by_id() update_network_device_by_name()

network_device_group

create_network_device_group() delete_network_device_group_by_id() get_network_device_group() get_network_device_group_by_id() get_network_device_group_by_name() get_network_device_group_generator() get_version() update_network_device_group_by_id()

node_deployment

delete_node() get_node_details() get_nodes() make_primary() make_standalone() promote_node() register_node() sync_node() update_node()

node_details

get_node_detail_by_id() get_node_detail_by_name() get_node_details() get_nodes_generator() get_version()

node_group

add_node() create_node_group() delete_node_group() get_node_group() get_node_groups() get_nodes() remove_node() update_node_group()

node_services

get_interfaces() get_profiler_probe_config() get_sxp_interface() set_profiler_probe_config() set_sxp_interface()

pan_ha

get_pan_ha_status() update_pan_ha()

patching

install_hotpatch() install_patch() list_installed_hotpatches() list_installed_patches() rollback_hotpatch() rollback_patch()

portal

get_portal_by_id() get_portals() get_portals_generator() get_version()

portal_global_setting

get_portal_global_setting_by_id() get_portal_global_settings() get_portal_global_settings_generator() get_version() update_portal_global_setting_by_id()

portal_theme

create_portal_theme() delete_portal_theme_by_id() get_portal_theme_by_id() get_portal_themes() get_portal_themes_generator() get_version() update_portal_theme_by_id()

profiler

get_profiles()

profiler_profile

get_profiler_profile_by_id() get_profiler_profiles() get_profiler_profiles_generator() get_version()

provider

authorization() register_service() reregister_service() unregister_service()

proxy

get_proxy_connection() update_proxy_connection()

psn_node_details_with_radius_service

get_session_service_node() get_session_service_node_by_id() get_session_service_node_by_name() get_session_service_node_generator() get_version()

pull_deployment_info

get_deployment_info() get_version()

px_grid_node

approve_px_grid_node() delete_px_grid_node_by_name() get_px_grid_node() get_px_grid_node_by_id() get_px_grid_node_by_name() get_px_grid_node_generator() get_version()

px_grid_settings

autoapprove_px_grid_settings() get_version()

radius_failure

get_failures()

radius_server_sequence

create_radius_server_sequence() delete_radius_server_sequence_by_id() get_radius_server_sequence() get_radius_server_sequence_by_id() get_radius_server_sequence_generator() get_version() update_radius_server_sequence_by_id()

repository

create_repository() delete_repository() get_repositories() get_repository() get_repository_files() update_repository()

restid_store

create_rest_id_store() delete_rest_id_store_by_id() delete_rest_id_store_by_name() get_rest_id_store() get_rest_id_store_by_id() get_rest_id_store_by_name() get_rest_id_store_generator() get_version() update_rest_id_store_by_id() update_rest_id_store_by_name()

security_group_to_virtual_network

bulk_request_for_security_groups_to_vn_to_vlan() create_security_groups_to_vn_to_vlan() delete_security_groups_to_vn_to_vlan_by_id() get_security_groups_to_vn_to_vlan() get_security_groups_to_vn_to_vlan_by_id() get_security_groups_to_vn_to_vlan_generator() get_version() monitor_bulk_status_security_groups_to_vn_to_vlan() update_security_groups_to_vn_to_vlan_by_id()

security_groups

bulk_request_for_security_group() create_security_group() delete_security_group_by_id() get_security_group_by_id() get_security_groups() get_security_groups_generator() get_version() monitor_bulk_status_security_group() update_security_group_by_id()

security_groups_acls

bulk_request_for_security_groups_acl() create_security_groups_acl() delete_security_groups_acl_by_id() get_security_groups_acl() get_security_groups_acl_by_id() get_security_groups_acl_generator() get_version() monitor_bulk_status_security_groups_acl() update_security_groups_acl_by_id()

self_registered_portal

create_self_registered_portal() delete_self_registered_portal_by_id() get_self_registered_portal_by_id() get_self_registered_portals() get_self_registered_portals_generator() get_version() update_self_registered_portal_by_id()

session_directory

get_session_by_ip_address() get_session_by_mac_address() get_sessions() get_sessions_for_recovery() get_user_group_by_user_name() get_user_groups()

sg_vn_mapping

bulk_create_sg_vn_mappings() bulk_delete_sg_vn_mappings() bulk_update_sg_vn_mappings() create_sg_vn_mapping() delete_sg_vn_mapping_by_id() get_sg_vn_mapping_by_id() get_sg_vn_mappings() get_sg_vn_mappings_generator() update_sg_vn_mapping_by_id()

sms_provider

get_sms_provider() get_sms_provider_generator() get_version()

sponsor_group

create_sponsor_group() delete_sponsor_group_by_id() get_sponsor_group() get_sponsor_group_by_id() get_sponsor_group_generator() get_version() update_sponsor_group_by_id()

sponsor_group_member

get_sponsor_group_member() get_sponsor_group_member_generator() get_version()

sponsor_portal

create_sponsor_portal() delete_sponsor_portal_by_id() get_sponsor_portal() get_sponsor_portal_by_id() get_sponsor_portal_generator() get_version() update_sponsor_portal_by_id()

sponsored_guest_portal

create_sponsored_guest_portal() delete_sponsored_guest_portal_by_id() get_sponsored_guest_portal_by_id() get_sponsored_guest_portals() get_sponsored_guest_portals_generator() get_version() update_sponsored_guest_portal_by_id()

support_bundle_download

download_support_bundle() get_version()

support_bundle_status

get_support_bundle_status() get_support_bundle_status_by_id() get_support_bundle_status_generator() get_version()

support_bundle_trigger_configuration

create_support_bundle() get_version()

sxp_connections

bulk_request_for_sxp_connections() create_sxp_connections() delete_sxp_connections_by_id() get_sxp_connections() get_sxp_connections_by_id() get_sxp_connections_generator() get_version() monitor_bulk_status_sxp_connections() update_sxp_connections_by_id()

sxp_local_bindings

bulk_request_for_sxp_local_bindings() create_sxp_local_bindings() delete_sxp_local_bindings_by_id() get_sxp_local_bindings() get_sxp_local_bindings_by_id() get_sxp_local_bindings_generator() get_version() monitor_bulk_status_sxp_local_bindings() update_sxp_local_bindings_by_id()

sxp_vpns

bulk_request_for_sxp_vpns() create_sxp_vpn() delete_sxp_vpn_by_id() get_sxp_vpn_by_id() get_sxp_vpns() get_sxp_vpns_generator() get_version() monitor_bulk_status_sxp_vpns()

system_certificate

create_system_certificate() get_version()

system_health

get_healths() get_performances()

tacacs_command_sets

create_tacacs_command_sets() delete_tacacs_command_sets_by_id() get_tacacs_command_sets() get_tacacs_command_sets_by_id() get_tacacs_command_sets_by_name() get_tacacs_command_sets_generator() get_version() update_tacacs_command_sets_by_id()

tacacs_external_servers

create_tacacs_external_servers() delete_tacacs_external_servers_by_id() get_tacacs_external_servers() get_tacacs_external_servers_by_id() get_tacacs_external_servers_by_name() get_tacacs_external_servers_generator() get_version() update_tacacs_external_servers_by_id()

tacacs_profile

create_tacacs_profile() delete_tacacs_profile_by_id() get_tacacs_profile() get_tacacs_profile_by_id() get_tacacs_profile_by_name() get_tacacs_profile_generator() get_version() update_tacacs_profile_by_id()

tacacs_server_sequence

create_tacacs_server_sequence() delete_tacacs_server_sequence_by_id() get_tacacs_server_sequence() get_tacacs_server_sequence_by_id() get_tacacs_server_sequence_by_name() get_tacacs_server_sequence_generator() get_version() update_tacacs_server_sequence_by_id()

tasks

get_task_status() get_task_status_by_id()

telemetry

get_transport_gateway() update_transport_gateway()

telemetry_information

get_telemetry_info_by_id() get_telemetry_information() get_telemetry_information_generator() get_version()

trust_sec_configuration

get_egress_matrices() get_egress_policies() get_security_group_acls() get_security_groups()

trust_sec_sxp

get_bindings()

version_and_patch

get_ise_version_and_patch()

version_info

get_version_info()

virtual_network

bulk_create_virtual_networks() bulk_delete_virtual_networks() bulk_update_virtual_networks() create_virtual_network() delete_virtual_network_by_id() get_virtual_network_by_id() get_virtual_networks() get_virtual_networks_generator() update_virtual_network_by_id()

vn_vlan_mapping

bulk_create_vn_vlan_mappings() bulk_delete_vn_vlan_mappings() bulk_update_vn_vlan_mappings() create_vn_vlan_mapping() delete_vn_vlan_mapping_by_id() get_vn_vlan_mapping_by_id() get_vn_vlan_mappings() get_vn_vlan_mappings_generator() update_vn_vlan_mapping_by_id()

IdentityServicesEngineAPI Class

class IdentityServicesEngineAPI[source]

Identity Services Engine API wrapper.

Creates a ‘session’ for all API calls through a created IdentityServicesEngineAPI object. The ‘session’ handles authentication, provides the needed headers, and checks all responses for error conditions.

IdentityServicesEngineAPI wraps all of the individual Identity Services Engine APIs and represents them in a simple hierarchical structure.

__init__(username=None, password=None, encoded_auth=None, uses_api_gateway=None, base_url=None, ui_base_url=None, ers_base_url=None, mnt_base_url=None, px_grid_base_url=None, single_request_timeout=None, wait_on_rate_limit=None, verify=None, version=None, debug=None, uses_csrf_token=None, object_factory=<function mydict_data_factory>, validator=<class 'ciscoisesdk.models.schema_validator.SchemaValidator'>, perform_initialize=True)[source]

Create a new IdentityServicesEngineAPI object. An access token is required to interact with the Identity Services Engine APIs. This package supports two methods for you to pass the authorization token:

1. Provide a encoded_auth value (username:password encoded in base 64). This has priority over the following method

  1. Provide username and password values.

This package supports two methods for you to set those values:

1. Provide the parameter. That is the encoded_auth or username and password parameters.

2. If an argument is not supplied, the package checks for its environment variable counterpart. That is the IDENTITY_SERVICES_ENGINE_ENCODED_AUTH, IDENTITY_SERVICES_ENGINE_USERNAME, IDENTITY_SERVICES_ENGINE_PASSWORD.

When not given enough parameters an AccessTokenError is raised.

Parameters
  • uses_api_gateway (bool,basestring) – Controls whether we use the ISE’s API Gateway to make the request. Defaults to the IDENTITY_SERVICES_ENGINE_USES_API_GATEWAY (or IDENTITY_SERVICES_ENGINE_USES_API_GATEWAY_STRING) environment variable or ciscoisesdk.config.DEFAULT_USES_API_GATEWAY if the environment variables are not set.

  • base_url (basestring) – The base URL to be prefixed to the individual API endpoint suffixes, used when uses_api_gateway is True. Defaults to the IDENTITY_SERVICES_ENGINE_BASE_URL environment variable or ciscoisesdk.config.DEFAULT_BASE_URL if the environment variable is not set.

  • ui_base_url (basestring) – The UI base URL to be prefixed to the individual ISE UI API endpoint suffixes, used when uses_api_gateway is False. Defaults to the IDENTITY_SERVICES_ENGINE_BASE_URL environment variable if set.

  • ers_base_url (basestring) – The ERS base URL to be prefixed to the individual ISE ERS API endpoint suffixes, used when uses_api_gateway is False. Defaults to the IDENTITY_SERVICES_ENGINE_BASE_URL environment variable if set.

  • mnt_base_url (basestring) – The MNT base URL to be prefixed to the individual ISE MNT API endpoint suffixes, used when uses_api_gateway is False. Defaults to the IDENTITY_SERVICES_ENGINE_BASE_URL environment variable if set.

  • px_grid_base_url (basestring) – The PxGrid base URL to be prefixed to the individual ISE PxGrid API endpoint suffixes, used when uses_api_gateway is False. Defaults to the IDENTITY_SERVICES_ENGINE_BASE_URL environment variable if set.

  • username (basestring) – HTTP Basic Auth username.

  • password (basestring) – HTTP Basic Auth password.

  • encoded_auth (basestring) – HTTP Basic Auth base64 encoded string.

  • single_request_timeout (int) – Timeout (in seconds) for RESTful HTTP requests. Defaults to the IDENTITY_SERVICES_ENGINE_SINGLE_REQUEST_TIMEOUT environment variable or ciscoisesdk.config.DEFAULT_SINGLE_REQUEST_TIMEOUT if the environment variable is not set.

  • wait_on_rate_limit (bool) – Enables or disables automatic rate-limit handling. Defaults to the IDENTITY_SERVICES_ENGINE_WAIT_ON_RATE_LIMIT environment variable or ciscoisesdk.config.DEFAULT_WAIT_ON_RATE_LIMIT if the environment variable is not set.

  • verify (bool,basestring) – Controls whether we verify the server’s TLS certificate, or a string, in which case it must be a path to a CA bundle to use. Defaults to the IDENTITY_SERVICES_ENGINE_VERIFY (or IDENTITY_SERVICES_ENGINE_VERIFY_STRING) environment variable or ciscoisesdk.config.DEFAULT_VERIFY if the environment variables are not set.

  • version (basestring) – Controls which version of IDENTITY_SERVICES_ENGINE to use. Defaults to the IDENTITY_SERVICES_ENGINE_VERSION environment variable or ciscoisesdk.config.DEFAULT_VERSION if the environment variable is not set.

  • debug (bool,basestring) – Controls whether to log information about Identity Services Engine APIs’ request and response process. Defaults to the IDENTITY_SERVICES_ENGINE_DEBUG environment variable or False if the environment variable is not set.

  • uses_csrf_token (bool,basestring) – Controls whether we send the CSRF token to ISE’s ERS APIs. Defaults to the IDENTITY_SERVICES_ENGINE_USES_CSRF_TOKEN environment variable or ciscoisesdk.config.DEFAULT_USES_CSRF_TOKEN if the environment variables are not set.

  • object_factory (callable) – The factory function to use to create Python objects from the returned Identity Services Engine JSON data objects.

  • validator (callable) – The factory class with function json_schema_validate(model:string) that returns an object with function validate(obj:dict) is used to validate Python objects sent in the request body.

  • perform_initialize (bool) – The flag that, if enabled, initializes now all the related objects to manage information from Identity Services Engine, like the authentication, the sessions (requests library), and the API wrappers (for each ISE API family). Defaults to True. You can initialize/reinitialize later with reinitialize. The original value will not change.

Returns

A new IdentityServicesEngineAPI object.

Return type

IdentityServicesEngineAPI

Raises
  • TypeError – If the parameter types are incorrect.

  • AccessTokenError – If an access token is not provided via the access_token argument or an environment variable.

  • VersionError – If the version is not provided via the version argument or an environment variable, or it is not a Identity Services Engine API supported version [‘3.1.0’, ‘3.1.1’].

initialize_authentication()[source]

Function used when perform_initialize is True in class init. Init Authentication wrapper early to use for basicAuth requests.

initialize_sessions()[source]

Performs initialization of “session_ui”, “session_ers”, “session”, “session_mnt”, “session_px_grid” properties. Creating for each one a RestSession object that handles the requests.

initialize_api_wrappers()[source]

Initializes the API wrappers according to the defined version.

reinitialize()[source]

Calls all the methods necessary to initialize/reinitialize the IdentityServicesEngineAPI.

property authentication

Utility object that provides authentication method.

property perform_initialize

The flag that, if enabled, initialized in the constructor all the related objects to manage information from Identity Services Engine.

is_password(password)[source]

Check if the value of the current password match

is_encoded_auth(encoded_auth)[source]

Check if the value of the current encoded_auth match

property session

The Identity Services Engine API session.

property session_ui

The Identity Services Engine UI API session.

property session_ers

The Identity Services Engine ERS API session.

property session_mnt

The Identity Services Engine MNT API session.

property session_px_grid

The Identity Services Engine PxGrid API session.

property username

HTTP Basic Auth username

change_password(password)[source]

HTTP Basic Auth password.

It may require to call reinitialize to distribute the changes accross the SDK objects.

change_encoded_auth(encoded_auth)[source]

HTTP Basic Auth base64 encoded string.

It may require to call reinitialize to distribute the changes accross the SDK objects.

property uses_api_gateway

If the Identity Services Engine API uses an API Gateway.

property base_url

The base URL prefixed to the individual API endpoint suffixes for ERS and Custom Caller operations.

property ui_base_url

The ui base URL prefixed to the individual API endpoint suffixes for UI operations.

property ers_base_url

The ers base URL prefixed to the individual API endpoint suffixes for ERS operations.

property mnt_base_url

The mnt base URL prefixed to the individual API endpoint suffixes for MNT operations.

property px_grid_base_url

The px_grid base URL prefixed to the individual API endpoint suffixes for PxGrid operations

property single_request_timeout

Timeout (in seconds) for an single HTTP request.

property wait_on_rate_limit

Automatic rate-limit handling enabled / disabled.

property verify

The verify (TLS Certificate) for the API endpoints.

property version

The API version of Identity Services Engine.

property debug

If log information about Identity Services Engine APIs’ request and response process is shown.

property uses_csrf_token

If the Identity Services Engine ERS API requires the X-CSRF-Token to be sent.

property object_factory

The factory function to use to create Python objects from the returned Identity Services Engine JSON data objects.

property validator

The function used to validate Python objects sent in the request body.

authentication

class Authentication[source]

Identity Services Engine Authentication API.

Wraps the Identity Services Engine Authentication API and exposes the API as native Python methods that return native Python objects.

property verify

The verify (TLS Certificate) for the API endpoints.

property base_url

The base URL for the API endpoints.

property single_request_timeout

Timeout in seconds for the API requests.

authentication_api(username, password, encoded_auth=None)[source]

Exchange basic auth data for a Authorization Basic encoded value that can be used to invoke the APIs.

Parameters
  • username (basestring) – HTTP Basic Auth username.

  • password (basestring) – HTTP Basic Auth password.

  • encoded_auth (basestring) – HTTP Basic Auth base64 encoded string.

Returns

An AccessToken object with the access token provided by the Identity Services Engine cloud.

Return type

AccessToken

Raises

TypeError – If the parameter types are incorrect.

custom_caller

class CustomCaller[source]

Identity Services Engine CustomCaller.

Identity Services Engine CustomCaller allows API creation.

add_api(name, obj)[source]

Adds an api call to the CustomCaller.

Parameters
  • name (str) – name you want to set to the api client, has to follow python variable naming rule.

  • obj (object) – api call which is actually a calling call_api method.

call_api(method, resource_path, raise_exception=True, original_response=False, **kwargs)[source]

Handles the requests and response.

Parameters
  • method (basestring) – type of request.

  • resource_path (basestring) – URL in the request object.

  • raise_exception (bool) – If True, http exceptions will be raised.

  • original_response (bool) – If True, MyDict (JSON response) is returned, else response object.

  • path_params (dict) (optional) – Find each path_params’ key in the resource_path and replace it with path_params’ value.

  • params (optional) – Dictionary or bytes to be sent in the query string for the Request.

  • data (optional) – Dictionary, bytes, or file-like object to send in the body of the Request.

  • json (optional) – json data to send in the body of the Request.

  • headers (optional) – Dictionary of HTTP Headers to send with the Request.

  • cookies (optional) – Dict or CookieJar object to send with the Request.

  • files (optional) – Dictionary of ‘name’: file-like-objects (or {‘name’: (‘filename’, fileobj)}) for multipart encoding upload.

  • auth (optional) – Auth tuple to enable Basic/Digest/Custom HTTP Auth.

  • timeout (float, tuple) (optional) – How long to wait for the server to send data before giving up, as a float, or a (connect timeout, read timeout) tuple.

  • allow_redirects (bool) (optional) – bool. Set to True if POST/PUT/DELETE redirect following is allowed.

  • proxies (optional) – Dictionary mapping protocol to the URL of the proxy.

  • verify (bool,string) (optional) – if True, the SSL cert will be verified. A CA_BUNDLE path can also be provided as a string.

  • stream (optional) – if False, the response content will be immediately downloaded.

  • cert (basestring, tuple) (optional) – if String, path to ssl client cert file (.pem). If Tuple, (‘cert’, ‘key’) pair

Returns

If original_response is True returns the original object response, else returns a JSON response with access to the object’s properties by using the dot notation or the bracket notation. Defaults to False.

Return type

RestResponse or object

Raises
  • TypeError – If the parameter types are incorrect.

  • HTTPError – If the Identity Services Engine cloud returns an error.

IdentityServicesEngineAPI v3.1.0

aci_bindings

class AciBindings[source]

Identity Services Engine ACIBindings API (version: 3.1.0).

Wraps the Identity Services Engine ACIBindings API and exposes the API as native Python methods that return native Python objects.

The ACI Bindings API allows clients to retrieve bindings that were sent to Cisco ISE by ACI or received on ACI from Cisco ISE. The binding information will be identical to the information on the ACI bindings page in the Cisco ISE UI. Filtering will be based on one attribute only, such as ip, sgt, vn, psn, learnedFrom, or learnedBy with CONTAINS mode of search.

Revision History

Revision #

Resource Version

Cisco ISE Version

Description

0

1.0

3.0

Initial Cisco ISE Version


Resource Definition

Attribute

Type

Required

Description

Example Values

name

String

Yes

Resource Name

id

String

No

Resource UUID value

f9269682-dcaf-11e3-ad0a-5bdcd2d9fd69

description

String

No

ip

String

Yes

Binding IPv4 address. Each binding will be exclusively identified by its IP address and virtual network

10.0.0.1

sgt

String

No

Security Group Tag (SGT) value. The valid range for SGT values is 0-65534

1234

vn

String

Yes

Virtual network. Each binding will be exclusively identified by its IP address and virtual network

vn1234

psn

String

No

Cisco ISE Policy Service node (PSN) IP address

10.86.189.216

learnedFrom

String

Yes

Binding Source

ISE by ACI ACI by ISE

learnedBy

String

Yes

Binding Type

SXP(SXP, 0) STATIC(Static, 1) RADIUS(RADIUS, 2) ACI(ACI, 3)

get_aci_bindings(filter_by=None, filter_value=None, page=None, size=None, sort=None, sort_by=None, headers=None, **query_parameters)[source]

This API allows clients to retrieve all the bindings that were sent to Cisco ISE by ACI or received on ACI from Cisco ISE.The binding information will be identical to the information on ACI bindings page in the Cisco ISE UI. Filtering will be based on one attribute only, such as ip/sgt/vn/psn/learnedFrom/learnedBy with CONTAINS mode of search.

Parameters
  • page (int) – page query parameter. Page number.

  • size (int) – size query parameter. Number of objects returned per page.

  • sort (basestring) – sort query parameter. sort type asc or desc.

  • sort_by (basestring) – sortBy query parameter. sort column by which objects needs to be sorted.

  • filter_by (basestring, list, set, tuple) – filterBy query parameter.

  • filter_value (basestring, list, set, tuple) – filterValue query parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_all(filter_by=None, filter_value=None, page=None, size=None, sort=None, sort_by=None, headers=None, **query_parameters)[source]

Alias for get_aci_bindings

get_aci_bindings_generator(filter_by=None, filter_value=None, page=None, size=None, sort=None, sort_by=None, headers=None, **query_parameters)[source]

This API allows clients to retrieve all the bindings that were sent to Cisco ISE by ACI or received on ACI from Cisco ISE.The binding information will be identical to the information on ACI bindings page in the Cisco ISE UI. Filtering will be based on one attribute only, such as ip/sgt/vn/psn/learnedFrom/learnedBy with CONTAINS mode of search.

Parameters
  • page (int) – page query parameter. Page number.

  • size (int) – size query parameter. Number of objects returned per page.

  • sort (basestring) – sort query parameter. sort type asc or desc.

  • sort_by (basestring) – sortBy query parameter. sort column by which objects needs to be sorted.

  • filter_by (basestring, list, set, tuple) – filterBy query parameter.

  • filter_value (basestring, list, set, tuple) – filterValue query parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

A generator object containing the following object.

  • RestResponse: REST response with following properties:

    • headers(MyDict): response headers.

    • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

    • content(bytes): representation of the request’s response

    • text(str): representation of the request’s response

Return type

Generator

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_all_generator(filter_by=None, filter_value=None, page=None, size=None, sort=None, sort_by=None, headers=None, **query_parameters)[source]

Alias for get_aci_bindings_generator

get_version(headers=None, **query_parameters)[source]

This API helps to retrieve the version information related to the Cisco ACI bindings.

Parameters
  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

aci_settings

class AciSettings[source]

Identity Services Engine ACISettings API (version: 3.1.0).

Wraps the Identity Services Engine ACISettings API and exposes the API as native Python methods that return native Python objects.

ACI Settings API allows the client to get and update the ACI Settings. In addition, testing the ACI Domain Manager connection is also possible using the TestACIConnection.

Revision History

Revision #

Resource Version

Cisco ISE Version

Description

0

1.0

3.0

Initial Cisco ISE Version


Resource Definition

Attribute

Type

Required

Description

Default Values

Example Values

name

String

Yes

Resource Name

AciSettings

id

String

No

Resource UUID value

29fb45ab-6a8e-4658-8a28-02521c258178

description

String

No

Aci Settings

enableAci

Boolean

Yes

Enable ACI Integration

false

isAci50

Boolean

Yes

Enable 5.0 ACI Version

false

ipAddressHostName

String

No

ACI Cluster IP Address / Host name

adminName

String

No

ACI Cluster Admin name

adminPassword

String

No

ACI Cluster Admin password

tenantName

String

No

ACI Cluster Tenant name

ISE

l3RouteNetwork

String

No

ACI Cluster L3 Route network name

L3_ROUTE

suffixToEpg

String

No

Name Conversion - EPG suffix

SGT

suffixToSgt

String

No

Name Conversion - SGT suffix

EPG

allSxpDomain

Boolean

No

SXP Propagation to all the SXP domains

false

specificSxpDomain

Boolean

No

SXP Propagation to specific SXP domains

true

specifixSxpDomainList

List

No

Specific SXP domains list

[default]

isAci51

Boolean

Yes

Enable 5.1 ACI Version

false

aciipaddress

String

No

ACI Domain manager Ip Address

aciuserName

String

No

ACI Domain manager Username

acipassword

String

No

ACI Domain manager Password

enableDataPlane

Boolean

No

Enable data plane

false

untaggedPacketIepgName

String

No

Untagged IEPG packets name

untagged

defaultSgtName

String

No

Default SGT name

Unknown

enableElementsLimit

Boolean

No

Enable Elements Limit

false

maxNumIepgFromAci

Integer

No

Max number of IEPGs

1000

maxNumSgtToAci

Integer

No

Max number of SGTs

500

get_aci_settings(headers=None, **query_parameters)[source]

This API allows the client to get ACI Settings.

Parameters
  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_all(headers=None, **query_parameters)[source]

Alias for get_aci_settings

test_aci_connectivity(headers=None, **query_parameters)[source]

This API allows the client to test ACI Domain Manager connection.

Parameters
  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

update_aci_settings_by_id(id, aci50=None, aci51=None, aciipaddress=None, acipassword=None, aciuser_name=None, admin_name=None, admin_password=None, all_sxp_domain=None, default_sgt_name=None, enable_aci=None, enable_data_plane=None, enable_elements_limit=None, ip_address_host_name=None, l3_route_network=None, max_num_iepg_from_aci=None, max_num_sgt_to_aci=None, specific_sxp_domain=None, specifix_sxp_domain_list=None, suffix_to_epg=None, suffix_to_sgt=None, tenant_name=None, untagged_packet_iepg_name=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API allows the client to update ACI settings.

Parameters
  • aci50 (boolean) – Enable 5.0 ACI Version, property of the request body.

  • aci51 (boolean) – Enable 5.1 ACI Version, property of the request body.

  • aciipaddress (string) – ACI Domain manager Ip Address., property of the request body.

  • acipassword (string) – ACI Domain manager Password., property of the request body.

  • aciuser_name (string) – ACI Domain manager Username., property of the request body.

  • admin_name (string) – ACI Cluster Admin name, property of the request body.

  • admin_password (string) – ACI Cluster Admin password, property of the request body.

  • all_sxp_domain (boolean) – allSxpDomain, property of the request body.

  • default_sgt_name (string) – defaultSgtName, property of the request body.

  • enable_aci (boolean) – Enable ACI Integration, property of the request body.

  • enable_data_plane (boolean) – enableDataPlane, property of the request body.

  • enable_elements_limit (boolean) – enableElementsLimit, property of the request body.

  • id (basestring) – Resource UUID value, property of the request body.

  • ip_address_host_name (string) – ACI Cluster IP Address / Host name, property of the request body.

  • l3_route_network (string) – l3RouteNetwork, property of the request body.

  • max_num_iepg_from_aci (integer) – maxNumIepgFromAci, property of the request body.

  • max_num_sgt_to_aci (integer) – maxNumSgtToAci, property of the request body.

  • specific_sxp_domain (boolean) – specificSxpDomain, property of the request body.

  • specifix_sxp_domain_list (list) – specifixSxpDomainList, property of the request body (list of strings).

  • suffix_to_epg (string) – suffixToEpg, property of the request body.

  • suffix_to_sgt (string) – suffixToSgt, property of the request body.

  • tenant_name (string) – tenantName, property of the request body.

  • untagged_packet_iepg_name (string) – untaggedPacketIepgName, property of the request body.

  • id – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

update_by_id(id, aci50=None, aci51=None, aciipaddress=None, acipassword=None, aciuser_name=None, admin_name=None, admin_password=None, all_sxp_domain=None, default_sgt_name=None, enable_aci=None, enable_data_plane=None, enable_elements_limit=None, ip_address_host_name=None, l3_route_network=None, max_num_iepg_from_aci=None, max_num_sgt_to_aci=None, specific_sxp_domain=None, specifix_sxp_domain_list=None, suffix_to_epg=None, suffix_to_sgt=None, tenant_name=None, untagged_packet_iepg_name=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

Alias for update_aci_settings_by_id

get_version(headers=None, **query_parameters)[source]

This API helps to retrieve the version information related to the Cisco ACI settings.

Parameters
  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

anc_endpoint

class AncEndpoint[source]

Identity Services Engine ANCEndpoint API (version: 3.1.0).

Wraps the Identity Services Engine ANCEndpoint API and exposes the API as native Python methods that return native Python objects.

Adaptive Network Control (ANC) provides the ability to create network endpoint authorization controls based on ANC policies.

Revision History

Revision #

Resource Version

Cisco ISE Version

Description

0

1.0

2.1

Initial Cisco ISE Version


Resource Definition

Attribute

Type

Required

Description

Example Values

name

String

Yes

Resource Name

id

String

No

Resource UUID

f9269682-dcaf-11e3-ad0a-5bdcd2d9fd69

description

String

No

macAddress

String

Yes

MAC address of the endpoint

00:11:22:33:44:55

policyName

String

Yes

Policy name to be applied to the endpoint

policy1


Supported ANC API transactions per second

On a 5 node Cisco ISE deployment with 60k sessions or on a 9 node Cisco ISE deployment with 200k/500k sessions, 250 transactions per second (TPS) is supported for any ANC API.
Supported ANC APIs
* applyEndpointByMacAddress * clearEndpointByMacaddress * applyEndpointByIpAddress * applyEndpointPolicy * clearEndpointPolicy

Deployment

Number of Sessions

Supported ANC APIs TPS

5 nodes

60k

250

9 nodes

200k

250

5 nodes

500k

250

get_anc_endpoint_by_id(id, headers=None, **query_parameters)[source]

This API allows the client to get an ANC endpoint by ID.

Parameters
  • id (basestring) – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_by_id(id, headers=None, **query_parameters)[source]

Alias for get_anc_endpoint_by_id

clear_anc_endpoint(additional_data=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API allows the client to clear the required configuration.

Parameters
  • additional_data (list) – additionalData, property of the request body (list of objects).

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

clear(additional_data=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

Alias for clear_anc_endpoint

get_anc_endpoint(filter=None, filter_type=None, page=None, size=None, sortasc=None, sortdsc=None, headers=None, **query_parameters)[source]

This API allows the client to get all the ANC endpoints. Filter: [name] To search resources by using toDate column,follow the format: DD-MON-YY (Example:13-SEP-18) Day or Year:GET /ers/config/guestuser/?filter=toDate.CONTAINS.13 Month:GET /ers/config/guestuser/?filter=toDate.CONTAINS.SEP Date:GET /ers/config/guestuser/?filter=toDate.CONTAINS.13-SEP-18 Sorting: [name].

Parameters
  • page (int) – page query parameter. Page number.

  • size (int) – size query parameter. Number of objects returned per page.

  • sortasc (basestring) – sortasc query parameter. sort asc.

  • sortdsc (basestring) – sortdsc query parameter. sort desc.

  • filter (basestring, list, set, tuple) – filter query parameter. Simple filtering should be available through the filter query string parameter. The structure of a filter is a triplet of field operator and value separated with dots. More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed by using the “filterType=or” query string parameter. Each resource Data model description should specify if an attribute is a filtered field. (Operator: Description), (EQ: Equals), (NEQ: Not Equals), (GT: Greater Than), (LT: Less Then), (STARTSW: Starts With), (NSTARTSW: Not Starts With), (ENDSW: Ends With), (NENDSW: Not Ends With), (CONTAINS: Contains), (NCONTAINS: Not Contains), .

  • filter_type (basestring) – filterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and can be changed by using the parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_all(filter=None, filter_type=None, page=None, size=None, sortasc=None, sortdsc=None, headers=None, **query_parameters)[source]

Alias for get_anc_endpoint

get_anc_endpoint_generator(filter=None, filter_type=None, page=None, size=None, sortasc=None, sortdsc=None, headers=None, **query_parameters)[source]

This API allows the client to get all the ANC endpoints. Filter: [name] To search resources by using toDate column,follow the format: DD-MON-YY (Example:13-SEP-18) Day or Year:GET /ers/config/guestuser/?filter=toDate.CONTAINS.13 Month:GET /ers/config/guestuser/?filter=toDate.CONTAINS.SEP Date:GET /ers/config/guestuser/?filter=toDate.CONTAINS.13-SEP-18 Sorting: [name].

Parameters
  • page (int) – page query parameter. Page number.

  • size (int) – size query parameter. Number of objects returned per page.

  • sortasc (basestring) – sortasc query parameter. sort asc.

  • sortdsc (basestring) – sortdsc query parameter. sort desc.

  • filter (basestring, list, set, tuple) – filter query parameter. Simple filtering should be available through the filter query string parameter. The structure of a filter is a triplet of field operator and value separated with dots. More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed by using the “filterType=or” query string parameter. Each resource Data model description should specify if an attribute is a filtered field. (Operator: Description), (EQ: Equals), (NEQ: Not Equals), (GT: Greater Than), (LT: Less Then), (STARTSW: Starts With), (NSTARTSW: Not Starts With), (ENDSW: Ends With), (NENDSW: Not Ends With), (CONTAINS: Contains), (NCONTAINS: Not Contains), .

  • filter_type (basestring) – filterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and can be changed by using the parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

A generator object containing the following object.

  • RestResponse: REST response with following properties:

    • headers(MyDict): response headers.

    • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

    • content(bytes): representation of the request’s response

    • text(str): representation of the request’s response

Return type

Generator

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_all_generator(filter=None, filter_type=None, page=None, size=None, sortasc=None, sortdsc=None, headers=None, **query_parameters)[source]

Alias for get_anc_endpoint_generator

apply_anc_endpoint(additional_data=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API allows the client to apply the required configuration.

Parameters
  • additional_data (list) – additionalData, property of the request body (list of objects).

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

apply(additional_data=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

Alias for apply_anc_endpoint

get_version(headers=None, **query_parameters)[source]

This API helps to retrieve the version information related to the ANC Endpoint.

Parameters
  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

bulk_request_for_anc_endpoint(operation_type=None, resource_media_type=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API allows the client to submit the bulk request.

Parameters
  • operation_type (string) – operationType, property of the request body.

  • resource_media_type (string) – resourceMediaType, property of the request body.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

bulk_request(operation_type=None, resource_media_type=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

Alias for bulk_request_for_anc_endpoint

monitor_bulk_status_anc_endpoint(bulkid, headers=None, **query_parameters)[source]

This API allows the client to monitor the bulk request.

Parameters
  • bulkid (basestring) – bulkid path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

monitor_bulk_status(bulkid, headers=None, **query_parameters)[source]

Alias for monitor_bulk_status_anc_endpoint

active_directory

class ActiveDirectory[source]

Identity Services Engine ActiveDirectory API (version: 3.1.0).

Wraps the Identity Services Engine ActiveDirectory API and exposes the API as native Python methods that return native Python objects.

The Active Directory API allows the user to carry out add, delete, and search operations on the active directory domains through Cisco ISE’s join points. For example, if you want to connect to the domain cisco.com and retrieve the domain groups, you can carry out the following steps which are also available as APIs: Step 1 Create a domain join point in Cisco ISE. In the “domain” parameter use cisco.com.
Step 2 Get all defined join points and copy your join point’s ID from the response.
Step 3 Join all Cisco ISE nodes to the domain. Use the ID received in the Step 2 in the URL. From this point onwards, you can perform several actions. In each action you should specify the joint point ID in the URL, as retrieved in step 2 in the previous configuration task. For example, you can: • Retrieve the user groups using the join point ID.
• Retrieve the groups of a specific domain using the join point ID. The domain parameter can be cisco.com or any of its trusted domains. You can use the get all trusted domains operation to retrieve the list.

Revision History

Revision #

Resource Version

Cisco ISE Version

Description

Revision Modification

Revision Modification

Attribute

Description

0

1.0

2.2

Initial Cisco ISE Version

1

1.1

2.4

Support new attributes

advancedSettings

Added ERSActiveDirectoryAdvancedSettings Attribute ‘advancedSettings’

adAttributes

Added ERSActiveDirectoryAttributes Attribute ‘adAttributes’

enableDomainWhiteList

Added Boolean Attribute ‘enableDomainWhiteList’

2

1.2

3.1

Support new attributes under ActiveDirectory AdvancedSettings

enableFailedAuthProtection

Added Boolean Attribute ‘enableFailedAuthProtection’

failedAuthThreshold

Added Integer Attribute ‘failedAuthThreshold’

authProtectionType

Added Enum Attribute ‘authProtectionType’


Resource Definition

Attribute

Type

Required

Description

Default Values

Example Values

name

String

Yes

Resource Name. Maximum 32 characters allowed. Allowed characters are alphanumeric and .-_/ characters

Company_users

id

String

No

Resource UUID value

af1cd190-7d71-11eb-b02e-ead13cf60dcb

description

String

No

No character restriction

Group of Active company users

domain

String

Yes

The AD domain. Alphanumeric, hyphen (-) and dot (.) characters are allowed

cisco.com

adScopesNames

String

No

String that contains the names of the scopes that the active directory belongs to. Names are separated by comma. Alphanumeric, underscore (_) characters are allowed

Default_Scope

enableDomainWhiteList

Boolean

No

true

adGroups

List

No

Holds list of AD Groups

  • groups

List

No

List of Groups

  • name

String

Yes

Required for each group in the group list with no duplication between groups. All characters are allowed except %

cisco.com/operators

  • sid

String

Yes

Cisco ISE uses security identifiers (SIDs) for optimization of group membership evaluation. SIDs are useful for efficiency (speed) when the groups are evaluated. All characters are allowed except %

S-1-5-32-548

  • type

String

No

No character restriction

GLOBAL

adAttributes

List

No

Holds list of AD Attributes

  • attributes

List

No

List of Attributes

  • name

String

Yes

Required for each attribute in the attribute list with no duplication between attributes. All characters are allowed except <%”

name1

  • type

Enum

Yes

Required for each group in the group list. Allowed values: - STRING, - IP, - BOOLEAN, - INT, - OCTET_STRING

STRING

  • internalName

String

Yes

Required for each attribute in the attribute list. All characters are allowed except <%”

internalName1

  • defaultValue

String

Yes

Required for each attribute in the attribute list. Can contain an empty string. All characters are allowed except <%”

defaultString

advancedSettings

List

No

  • rewriteRules

List

No

Identity rewrite is an advanced feature that directs Cisco ISE to manipulate the identity before it is passed to the external Active Directory system. You can create rules to change the identity to a desired format that includes or excludes a domain prefix and/or suffix or other additional markup of your choice

  • rowId

Integer

Yes

Required for each rule in the list in serial order

0

  • rewriteMatch

String

Yes

Required for each rule in the list with no duplication between rules. All characters are allowed except %”

exampleMatch0

  • rewriteResult

String

Yes

Required for each rule in the list. All characters are allowed except %”

exampleResult0

  • enableRewrites

Boolean

No

false

  • enablePassChange

Boolean

No

true

  • enableMachineAuth

Boolean

No

true

  • enableMachineAccess

Boolean

No

true

  • enableDialinPermissionCheck

Boolean

No

false

  • plaintextAuth

Boolean

No

false

  • agingTime

Integer

No

Range 1-8760 hours

5

  • enableCallbackForDialinClient

Boolean

No

false

  • identityNotInAdBehaviour

Enum

No

Allowed values: - REJECT, - SEARCH_JOINED_FOREST, - SEARCH_ALL

SEARCH_JOINED_FOREST

  • unreachableDomainsBehaviour

Enum

No

Allowed values: - PROCEED, - DROP

PROCEED

  • schema

Enum

No

Allowed values: - ACTIVE_DIRECTORY, - CUSTOMChoose ACTIVE_DIRECTORY schema when the AD attributes defined in AD can be copied to relevant attributes in Cisco ISE. If customization is needed, choose CUSTOM schema. All User info attributes are always set to default value if schema is ACTIVE_DIRECTORY. Values can be changed only for CUSTOM schema

ACTIVE_DIRECTORY

  • firstName

String

No

User info attribute. All characters are allowed except %

givenName

  • department

String

No

User info attribute. All characters are allowed except %

department

  • lastName

String

No

User info attribute. All characters are allowed except %

sn

  • organizationalUnit

String

No

User info attribute. All characters are allowed except %

company

  • jobTitle

String

No

User info attribute. All characters are allowed except %

title

  • locality

String

No

User info attribute. All characters are allowed except %

l

  • email

String

No

User info attribute. All characters are allowed except %

mail

  • stateOrProvince

String

No

User info attribute. All characters are allowed except %

st

  • telephone

String

No

User info attribute. All characters are allowed except %

telephoneNumber

  • country

String

No

User info attribute. All characters are allowed except %

co

  • streetAddress

String

No

User info attribute. All characters are allowed except %

streetAddress

  • enableFailedAuthProtection

Boolean

No

Enable prevent AD account lockout due to too many bad password attempts

false

  • failedAuthThreshold

Integer

No

Number of bad password attempts

5

  • authProtectionType

Enum

No

Enable prevent AD account lockout. Allowed values:- WIRELESS, - WIRED, - BOTH

WIRELESS

get_active_directory_by_name(name, headers=None, **query_parameters)[source]

This API allows the client to get Active Directory by name.

Parameters
  • name (basestring) – name path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_by_name(name, headers=None, **query_parameters)[source]

Alias for get_active_directory_by_name

get_user_groups(id, additional_data=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API allows the client to get groups of which a given user is a member.

Parameters
  • additional_data (list) – additionalData, property of the request body (list of objects).

  • id (basestring) – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

load_groups_from_domain(id, ad_attributes=None, ad_scopes_names=None, adgroups=None, advanced_settings=None, description=None, domain=None, enable_domain_white_list=None, name=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API loads domain groups configuration from Active Directory into Cisco ISE.

Parameters
  • ad_attributes (object) – Holds list of AD Attributes, property of the request body.

  • ad_scopes_names (string) – String that contains the names of the scopes that the active directory belongs to. Names are separated by comma. Alphanumeric, underscore (_) characters are allowed, property of the request body.

  • adgroups (object) – Holds list of AD Groups, property of the request body.

  • advanced_settings (object) – advancedSettings, property of the request body.

  • description (string) – No character restriction, property of the request body.

  • domain (string) – The AD domain. Alphanumeric, hyphen (-) and dot (.) characters are allowed, property of the request body.

  • enable_domain_white_list (boolean) – enableDomainWhiteList, property of the request body.

  • id (basestring) – Resource UUID value, property of the request body.

  • name (string) – Resource Name. Maximum 32 characters allowed. Allowed characters are alphanumeric and .-_/characters, property of the request body.

  • id – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

leave_domain(id, additional_data=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API makes a Cisco ISE node to leave an Active Directory domain.

Parameters
  • additional_data (list) – additionalData, property of the request body (list of objects).

  • id (basestring) – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

is_user_member_of_groups(id, additional_data=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API verifies if the user is a member of the given groups.

Parameters
  • additional_data (list) – additionalData, property of the request body (list of objects).

  • id (basestring) – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_trusted_domains(id, headers=None, **query_parameters)[source]

This API gets the list of domains that are accessible through the given join point via trust relationships.

Parameters
  • id (basestring) – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

join_domain_with_all_nodes(id, additional_data=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API joins all Cisco ISE Nodes to an Active Directory domain.

Parameters
  • additional_data (list) – additionalData, property of the request body (list of objects).

  • id (basestring) – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

leave_domain_with_all_nodes(id, additional_data=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API joins makes all Cisco ISE nodes leave an Active Directory domain.

Parameters
  • additional_data (list) – additionalData, property of the request body (list of objects).

  • id (basestring) – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_groups_by_domain(id, additional_data=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API lists the groups of the given domain.

Parameters
  • additional_data (list) – additionalData, property of the request body (list of objects).

  • id (basestring) – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_active_directory_by_id(id, headers=None, **query_parameters)[source]

This API fetchs the join point details by ID. The ID can be retrieved with the Get All operation.

Parameters
  • id (basestring) – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_by_id(id, headers=None, **query_parameters)[source]

Alias for get_active_directory_by_id

delete_active_directory_by_id(id, headers=None, **query_parameters)[source]

This API deletes an AD join point from Cisco ISE.

Parameters
  • id (basestring) – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

delete_by_id(id, headers=None, **query_parameters)[source]

Alias for delete_active_directory_by_id

join_domain(id, additional_data=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API joins a Cisco ISE node to an Active Directory domain.

Parameters
  • additional_data (list) – additionalData, property of the request body (list of objects).

  • id (basestring) – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_active_directory(page=None, size=None, headers=None, **query_parameters)[source]

This API lists all the join points for Active Directory domains in Cisco ISE.

Parameters
  • page (int) – page query parameter. Page number.

  • size (int) – size query parameter. Number of objects returned per page.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_all(page=None, size=None, headers=None, **query_parameters)[source]

Alias for get_active_directory

get_active_directory_generator(page=None, size=None, headers=None, **query_parameters)[source]

This API lists all the join points for Active Directory domains in Cisco ISE.

Parameters
  • page (int) – page query parameter. Page number.

  • size (int) – size query parameter. Number of objects returned per page.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

A generator object containing the following object.

  • RestResponse: REST response with following properties:

    • headers(MyDict): response headers.

    • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

    • content(bytes): representation of the request’s response

    • text(str): representation of the request’s response

Return type

Generator

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_all_generator(page=None, size=None, headers=None, **query_parameters)[source]

Alias for get_active_directory_generator

create_active_directory(ad_attributes=None, ad_scopes_names=None, adgroups=None, advanced_settings=None, description=None, domain=None, enable_domain_white_list=None, id=None, name=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API creates an AD join point in Cisco ISE.

Parameters
  • ad_attributes (object) – Holds list of AD Attributes, property of the request body.

  • ad_scopes_names (string) – String that contains the names of the scopes that the active directory belongs to. Names are separated by comma. Alphanumeric, underscore (_) characters are allowed, property of the request body.

  • adgroups (object) – Holds list of AD Groups, property of the request body.

  • advanced_settings (object) – advancedSettings, property of the request body.

  • description (string) – No character restriction, property of the request body.

  • domain (string) – The AD domain. Alphanumeric, hyphen (-) and dot (.) characters are allowed, property of the request body.

  • enable_domain_white_list (boolean) – enableDomainWhiteList, property of the request body.

  • id (string) – Resource UUID value, property of the request body.

  • name (string) – Resource Name. Maximum 32 characters allowed. Allowed characters are alphanumeric and .-_/characters, property of the request body.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

create(ad_attributes=None, ad_scopes_names=None, adgroups=None, advanced_settings=None, description=None, domain=None, enable_domain_white_list=None, id=None, name=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

Alias for create_active_directory

get_version(headers=None, **query_parameters)[source]

This API helps to retrieve the version information related to the active directory.

Parameters
  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

admin_user

class AdminUser[source]

Identity Services Engine AdminUser API (version: 3.1.0).

Wraps the Identity Services Engine AdminUser API and exposes the API as native Python methods that return native Python objects.

The Admin User API allows to retrieve information related to admin users configured on Cisco ISE.

Revision History

Revision #

Resource Version

Cisco ISE Version

Description

0

1.0

1.2

Initial Cisco ISE Version

1

1.1

2.0

Cisco ISE Release 2.3 Admin User


Resource Definition

Attribute

Type

Required

Description

Example Values

Default Value

name

String

Yes

Resource Name

id

String

Yes

Resource UUID

f9269682-dcaf-11e3-ad0a-5bdcd2d9fd69

description

String

No

changePassword

Boolean

Yes

true

true

email

String

No

email1@domain.com

includeSystemAlarmsInEmail

Boolean

No

false

inactiveAccountNeverDisabled

Boolean

No

true

enabled

Boolean

Yes

false

external

Boolean

No

true

customAttributes

String

No

Key Value Map

{“MyCustomAttribute” : “Value1”}

firstName

String

No

adminGroups

String

No

Admin Group Names

Super Admin

lastName

String

No

password

String

No

The password field doesn’t show the actual password configured. It is hidden with the asterisk (*) symbol

get_admin_user_by_id(id, headers=None, **query_parameters)[source]

This API allows the client to get an admin user by ID.

Parameters
  • id (basestring) – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_by_id(id, headers=None, **query_parameters)[source]

Alias for get_admin_user_by_id

get_admin_users(filter=None, filter_type=None, page=None, size=None, sortasc=None, sortdsc=None, headers=None, **query_parameters)[source]

This API allows the client to get all the admin users. Filter: [firstName, lastName, adminGroups, name, description, inactiveAccountNeverDisabled, includeSystemAlarmsInEmail, email, enabled] To search resources by using toDate column,follow the format: DD-MON-YY (Example:13-SEP-18) Day or Year:GET /ers/config/guestuser/?filter=toDate.CONTAINS.13 Month:GET /ers/config/guestuser/?filter=toDate.CONTAINS.SEP Date:GET /ers/config/guestuser/?filter=toDate.CONTAINS.13-SEP-18 Sorting: [name, description].

Parameters
  • page (int) – page query parameter. Page number.

  • size (int) – size query parameter. Number of objects returned per page.

  • sortasc (basestring) – sortasc query parameter. sort asc.

  • sortdsc (basestring) – sortdsc query parameter. sort desc.

  • filter (basestring, list, set, tuple) – filter query parameter. Simple filtering should be available through the filter query string parameter. The structure of a filter is a triplet of field operator and value separated with dots. More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed by using the “filterType=or” query string parameter. Each resource Data model description should specify if an attribute is a filtered field. (Operator: Description), (EQ: Equals), (NEQ: Not Equals), (GT: Greater Than), (LT: Less Then), (STARTSW: Starts With), (NSTARTSW: Not Starts With), (ENDSW: Ends With), (NENDSW: Not Ends With), (CONTAINS: Contains), (NCONTAINS: Not Contains), .

  • filter_type (basestring) – filterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and can be changed by using the parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_all(filter=None, filter_type=None, page=None, size=None, sortasc=None, sortdsc=None, headers=None, **query_parameters)[source]

Alias for get_admin_users

get_admin_users_generator(filter=None, filter_type=None, page=None, size=None, sortasc=None, sortdsc=None, headers=None, **query_parameters)[source]

This API allows the client to get all the admin users. Filter: [firstName, lastName, adminGroups, name, description, inactiveAccountNeverDisabled, includeSystemAlarmsInEmail, email, enabled] To search resources by using toDate column,follow the format: DD-MON-YY (Example:13-SEP-18) Day or Year:GET /ers/config/guestuser/?filter=toDate.CONTAINS.13 Month:GET /ers/config/guestuser/?filter=toDate.CONTAINS.SEP Date:GET /ers/config/guestuser/?filter=toDate.CONTAINS.13-SEP-18 Sorting: [name, description].

Parameters
  • page (int) – page query parameter. Page number.

  • size (int) – size query parameter. Number of objects returned per page.

  • sortasc (basestring) – sortasc query parameter. sort asc.

  • sortdsc (basestring) – sortdsc query parameter. sort desc.

  • filter (basestring, list, set, tuple) – filter query parameter. Simple filtering should be available through the filter query string parameter. The structure of a filter is a triplet of field operator and value separated with dots. More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed by using the “filterType=or” query string parameter. Each resource Data model description should specify if an attribute is a filtered field. (Operator: Description), (EQ: Equals), (NEQ: Not Equals), (GT: Greater Than), (LT: Less Then), (STARTSW: Starts With), (NSTARTSW: Not Starts With), (ENDSW: Ends With), (NENDSW: Not Ends With), (CONTAINS: Contains), (NCONTAINS: Not Contains), .

  • filter_type (basestring) – filterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and can be changed by using the parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

A generator object containing the following object.

  • RestResponse: REST response with following properties:

    • headers(MyDict): response headers.

    • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

    • content(bytes): representation of the request’s response

    • text(str): representation of the request’s response

Return type

Generator

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_all_generator(filter=None, filter_type=None, page=None, size=None, sortasc=None, sortdsc=None, headers=None, **query_parameters)[source]

Alias for get_admin_users_generator

get_version(headers=None, **query_parameters)[source]

This API helps to retrieve the version information related to the admin user.

Parameters
  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

allowed_protocols

class AllowedProtocols[source]

Identity Services Engine AllowedProtocols API (version: 3.1.0).

Wraps the Identity Services Engine AllowedProtocols API and exposes the API as native Python methods that return native Python objects.

Allowed Protocols API allows the client to add, delete, update, search and perform actions on allowed protocols.

Revision History

Revision #

Resource Version

Cisco ISE Version

Description

Revision Modification

Revision Modification

Attribute

Description

0

1.0

2.3

Initial Cisco ISE Version

1

1.1

2.7

Added support for TEAP

preferredEapProtocol

Added value ‘TEAP’ to enum attribute preferredEapProtocol

allowTeap

Added boolean attribute allowTeap

allowTeapEapMsChapV2

Added boolean attribute allowTeapEapMsChapV2

allowTeapEapMsChapV2PwdChange

Added boolean attribute allowTeap

allowTeapEapMsChapV2PwdChangeRetries

Added int attribute allowTeapEapMsChapV2PwdChangeRetries

allowTeapEapTls

Added boolean attribute allowTeapEapTls


Resource Definition

Attribute

Type

Required

Description

Example Values

name

String

Yes

Resource Name

Default Device Admin

id

String

No

Resource UUID, Mandatory for update

926901b0-8c01-11e6-996c-525400b48521

description

String

No

Default Allowed Protocol Service Device Admin

processHostLookup

Boolean

Yes

true

allowPapAscii

Boolean

No

true

allowChap

Boolean

Yes

false

allowMsChapV1

Boolean

Yes

false

allowMsChapV2

Boolean

Yes

false

allowEapMd5

Boolean

Yes

true

allowLeap

Boolean

Yes

false

allowEapTls

Boolean

Yes

true

allowEapTtls

Boolean

Yes

true

allowEapFast

Boolean

Yes

true

allowPeap

Boolean

Yes

true

allowTeap

Boolean

Yes

true

allowPreferredEapProtocol

Boolean

Yes

true

eapTlsLBit

Boolean

Yes

false

allowWeakCiphersForEap

Boolean

Yes

false

requireMessageAuth

Boolean

Yes

false

preferredEapProtocol

Enum

No

The preferredEapProtocol is required only if allowPreferredEapProtocol is true, otherwise it must be ignored.

PEAP

eapTls

List

No

The eapTls is required only if allowEapTls is true, otherwise it must be ignored. The object eapTls contains the settings for EAP TLS protocol

  • allowEapTlsAuthOfExpiredCerts

Boolean

Yes

false

  • eapTlsEnableStatelessSessionResume

Boolean

Yes

false

  • eapTlsSessionTicketTtl

Integer

No

Time to live. The eapTlsSessionTicketTtl is required only if eapTlsEnableStatelessSessionResume is true, otherwise it must be ignored

1

  • eapTlsSessionTicketTtlUnits

Enum

No

Time to live time units. The eapTlsSessionTicketTtlUnits is required only if eapTlsEnableStatelessSessionResume is true, otherwise it must be ignored.

SECONDS

  • eapTlsSessionTicketPrecentage

Integer

No

The eapTlsSessionTicketPrecentage is required only if eapTlsEnableStatelessSessionResume is true, otherwise it must be ignored

1

peap

List

No

The peap is required only if allowPeap is true, otherwise it must be ignored. The object peap contains the settings for PEAP protocol

  • allowPeapEapMsChapV2

Boolean

Yes

true

  • allowPeapEapMsChapV2PwdChange

Boolean

No

The allowPeapEapMsChapV2PwdChange is required only if allowPeapEapMsChapV2 is true, otherwise it must be ignored

true

  • allowPeapEapMsChapV2PwdChangeRetries

Integer

No

The allowPeapEapMsChapV2PwdChangeRetries is required only if allowPeapEapMsChapV2 is true, otherwise it must be ignored. Valid range is 0-3

1

  • allowPeapEapGtc

Boolean

Yes

false

  • allowPeapEapGtcPwdChange

Boolean

No

The allowPeapEapGtcPwdChange is required only if allowPeapEapGtc is true, otherwise it must be ignored

false

  • allowPeapEapGtcPwdChangeRetries

Integer

No

The allowPeapEapGtcPwdChangeRetries is required only if allowPeapEapGtc is true, otherwise it must be ignored. Valid range is 0-3

1

  • allowPeapEapTls

Boolean

Yes

true

  • allowPeapEapTlsAuthOfExpiredCerts

Boolean

No

The allowPeapEapTlsAuthOfExpiredCerts is required only if allowPeapEapTls is true, otherwise it must be ignored

false

  • requireCryptobinding

Boolean

Yes

false

  • allowPeapV0

Boolean

Yes

false

eapTtls

List

No

The eapTtls is required only if allowEapTtls is true, otherwise it must be ignored. The object eapTtls contains the settings for EAP TTLS protocol

  • eapTtlsPapAscii

Boolean

Yes

true

  • eapTtlsChap

Boolean

Yes

true

  • eapTtlsMsChapV1

Boolean

Yes

true

  • eapTtlsMsChapV2

Boolean

Yes

true

  • eapTtlsEapMd5

Boolean

Yes

true

  • eapTtlsEapMsChapV2

Boolean

Yes

true

  • eapTtlsEapMsChapV2PwdChange

Boolean

No

The eapTtlsEapMsChapV2PwdChange is required only if eapTtlsEapMsChapV2 is true, otherwise it must be ignored

true

  • eapTtlsEapMsChapV2PwdChangeRetries

Integer

No

The eapTtlsEapMsChapV2PwdChangeRetries is required only if eapTtlsEapMsChapV2 is true, otherwise it must be ignored. Valid range is 0-3

1

eapFast

List

No

The eapFast is required only if allowEapFast is true, otherwise it must be ignored. The object eapFast contains the settings for EAP FAST protocol

  • allowEapFastEapMsChapV2

Boolean

Yes

true

  • allowEapFastEapMsChapV2PwdChange

Boolean

No

The allowEapFastEapMsChapV2PwdChange is required only if allowEapFastEapMsChapV2 is true, otherwise it must be ignored

true

  • allowEapFastEapMsChapV2PwdChangeRetries

Integer

No

The allowEapFastEapMsChapV2PwdChangeRetries is required only if eapTtlsEapMsChapV2 is true, otherwise it must be ignored. Valid range is 0-3

1

  • allowEapFastEapGtc

Boolean

Yes

true

  • allowEapFastEapGtcPwdChange

Boolean

No

The allowEapFastEapGtcPwdChange is required only if allowEapFastEapGtc is true, otherwise it must be ignored

true

  • allowEapFastEapGtcPwdChangeRetries

Integer

No

The allowEapFastEapGtcPwdChangeRetries is required only if allowEapFastEapGtc is true, otherwise it must be ignored. Valid range is 0-3

1

  • allowEapFastEapTls

Boolean

Yes

true

  • allowEapFastEapTlsAuthOfExpiredCerts

Boolean

No

The allowEapFastEapTlsAuthOfExpiredCerts is required only if allowEapFastEapTls is true, otherwise it must be ignored

false

  • eapFastEnableEAPChaining

Boolean

Yes

false

  • eapFastUsePacs

Boolean

Yes

true

  • eapFastUsePacsTunnelPacTtl

Integer

No

The eapFastUsePacsTunnelPacTtl is required only if eapFastUsePacs is true, otherwise it must be ignored

7776000

  • eapFastUsePacsTunnelPacTtlUnits

Enum

No

The eapFastUsePacsTunnelPacTtlUnits is required only if eapFastUsePacs is true, otherwise it must be ignored.

SECONDS

  • eapFastUsePacsUseProactivePacUpdatePrecentage

Integer

No

The eapFastUsePacsUseProactivePacUpdatePrecentage is required only if eapFastUsePacs is true, otherwise it must be ignored

10

  • eapFastUsePacsAllowAnonymProvisioning

Boolean

No

The eapFastUsePacsAllowAnonymProvisioning is required only if eapFastUsePacs is true, otherwise it must be ignored

false

  • eapFastUsePacsAllowAuthenProvisioning

Boolean

No

The eapFastUsePacsAllowAuthenProvisioning is required only if eapFastUsePacs is true, otherwise it must be ignored

false

  • eapFastUsePacsReturnAccessAccept

AfterAuthenticatedProvisioning

Boolean

No

The eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning is required only if eapFastUsePacsAllowAuthenProvisioning is true, otherwise it must be ignored

false

  • eapFastUsePacsAcceptClientCert

Boolean

No

The eapFastUsePacsAcceptClientCert is required only if eapFastUsePacsAllowAuthenProvisioning is true, otherwise it must be ignored

false

  • eapFastUsePacsAllowMachineAuthentication

Boolean

No

false

  • eapFastUsePacsMachinePacTtl

Integer

No

The eapFastUsePacsMachinePacTtl is required only if eapFastUsePacsAllowMachineAuthentication is true, otherwise it must be ignored

1

  • eapFastUsePacsMachinePacTtlUnits

Enum

No

The eapFastUsePacsMachinePacTtlUnits is required only if eapFastUsePacsAllowMachineAuthentication is true, otherwise it must be ignored.

SECONDS

  • eapFastUsePacsStatelessSessionResume

Boolean

No

The eapFastUsePacsStatelessSessionResume is required only if eapFastUsePacs is true, otherwise it must be ignored

false

  • eapFastUsePacsAuthorizationPacTtl

Integer

No

The eapFastUsePacsAuthorizationPacTtl is required only if eapFastUsePacsStatelessSessionResume is true, otherwise it must be ignored

1

  • eapFastUsePacsAuthorizationPacTtlUnits

Enum

No

The eapFastUsePacsAuthorizationPacTtlUnits is required only if eapFastUsePacsStatelessSessionResume is true, otherwise it must be ignored.

SECONDS

  • eapFastDontUsePacsAcceptClientCert

Boolean

No

The eapFastDontUsePacsAcceptClientCert is required only if eapFastUsePacs is FALSE, otherwise it must be ignored

false

  • eapFastDontUsePacsAllowMachineAuthentication

Boolean

No

The eapFastDontUsePacsAllowMachineAuthentication is required only if eapFastUsePacs is FALSE, otherwise it must be ignored

false

teap

List

No

The teap is required only if allowTeap is true, otherwise it must be ignored. The object teap contains the settings for TEAP protocol

  • allowTeapEapMsChapV2

Boolean

Yes

true

  • allowTeapEapMsChapV2PwdChange

Boolean

No

The allowTeapEapMsChapV2PwdChange is required only if allowTeapEapMsChapV2 is true, otherwise it must be ignored

true

  • allowTeapEapMsChapV2PwdChangeRetries

Integer

No

The allowTeapEapMsChapV2PwdChangeRetries is required only if allowTeapEapMsChapV2 is true, otherwise it must be ignored. Valid range is 0-3

3

  • allowTeapEapTls

Boolean

Yes

true

  • allowTeapEapTlsAuthOfExpiredCerts

Boolean

No

The allowTeapEapTlsAuthOfExpiredCerts is required only if allowTeapEapTls is true, otherwise it must be ignored

false

  • acceptClientCertDuringTunnelEst

Boolean

Yes

true

  • enableEapChaining

Boolean

Yes

false

  • allowDowngradeMsk

Boolean

Yes

false

get_allowed_protocol_by_name(name, headers=None, **query_parameters)[source]

This API allows the client to get an allowed protocol by name.

Parameters
  • name (basestring) – name path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_by_name(name, headers=None, **query_parameters)[source]

Alias for get_allowed_protocol_by_name

get_allowed_protocol_by_id(id, headers=None, **query_parameters)[source]

This API allows the client to get an allowed protocol by ID.

Parameters
  • id (basestring) – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_by_id(id, headers=None, **query_parameters)[source]

Alias for get_allowed_protocol_by_id

update_allowed_protocol_by_id(id, allow_chap=None, allow_eap_fast=None, allow_eap_md5=None, allow_eap_tls=None, allow_eap_ttls=None, allow_leap=None, allow_ms_chap_v1=None, allow_ms_chap_v2=None, allow_pap_ascii=None, allow_peap=None, allow_preferred_eap_protocol=None, allow_teap=None, allow_weak_ciphers_for_eap=None, description=None, eap_fast=None, eap_tls=None, eap_tls_l_bit=None, eap_ttls=None, name=None, peap=None, preferred_eap_protocol=None, process_host_lookup=None, require_message_auth=None, teap=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API allows the client to update an allowed protocol.

Parameters
  • allow_chap (boolean) – allowChap, property of the request body.

  • allow_eap_fast (boolean) – allowEapFast, property of the request body.

  • allow_eap_md5 (boolean) – allowEapMd5, property of the request body.

  • allow_eap_tls (boolean) – allowEapTls, property of the request body.

  • allow_eap_ttls (boolean) – allowEapTtls, property of the request body.

  • allow_leap (boolean) – allowLeap, property of the request body.

  • allow_ms_chap_v1 (boolean) – allowMsChapV1, property of the request body.

  • allow_ms_chap_v2 (boolean) – allowMsChapV2, property of the request body.

  • allow_pap_ascii (boolean) – allowPapAscii, property of the request body.

  • allow_peap (boolean) – allowPeap, property of the request body.

  • allow_preferred_eap_protocol (boolean) – allowPreferredEapProtocol, property of the request body.

  • allow_teap (boolean) – allowTeap, property of the request body.

  • allow_weak_ciphers_for_eap (boolean) – allowWeakCiphersForEap, property of the request body.

  • description (string) – description, property of the request body.

  • eap_fast (object) – The eapFast is required only if allowEapFast is true, otherwise it must be ignored. The object eapFast contains the settings for EAP FAST protocol, property of the request body.

  • eap_tls (object) – The eapTls is required only if allowEapTls is true, otherwise it must be ignored. The object eapTls contains the settings for EAP TLS protocol, property of the request body.

  • eap_tls_l_bit (boolean) – eapTlsLBit, property of the request body.

  • eap_ttls (object) – The eapTtls is required only if allowEapTtls is true, otherwise it must be ignored. The object eapTtls contains the settings for EAP TTLS protocol, property of the request body.

  • id (basestring) – Resource UUID, Mandatory for update, property of the request body.

  • name (string) – Resource Name, property of the request body.

  • peap (object) – peap, property of the request body.

  • preferred_eap_protocol (string) – The preferredEapProtocol is required only if allowPreferredEapProtocol is true, otherwise it must be ignored. Allowed Values: EAP_FAST, PEAP, LEAP, EAP_MD5, EAP_TLS, EAP_TTLS, TEAP, property of the request body.

  • process_host_lookup (boolean) – processHostLookup, property of the request body.

  • require_message_auth (boolean) – requireMessageAuth, property of the request body.

  • teap (object) – The teap is required only if allowTeap is true, otherwise it must be ignored. The object teap contains the settings for TEAP protocol, property of the request body.

  • id – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

update_by_id(id, allow_chap=None, allow_eap_fast=None, allow_eap_md5=None, allow_eap_tls=None, allow_eap_ttls=None, allow_leap=None, allow_ms_chap_v1=None, allow_ms_chap_v2=None, allow_pap_ascii=None, allow_peap=None, allow_preferred_eap_protocol=None, allow_teap=None, allow_weak_ciphers_for_eap=None, description=None, eap_fast=None, eap_tls=None, eap_tls_l_bit=None, eap_ttls=None, name=None, peap=None, preferred_eap_protocol=None, process_host_lookup=None, require_message_auth=None, teap=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

Alias for update_allowed_protocol_by_id

delete_allowed_protocol_by_id(id, headers=None, **query_parameters)[source]

This API deletes an allowed protocol.

Parameters
  • id (basestring) – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

delete_by_id(id, headers=None, **query_parameters)[source]

Alias for delete_allowed_protocol_by_id

get_allowed_protocols(page=None, size=None, headers=None, **query_parameters)[source]

This API allows the client to get all the allowed protocols.

Parameters
  • page (int) – page query parameter. Page number.

  • size (int) – size query parameter. Number of objects returned per page.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_all(page=None, size=None, headers=None, **query_parameters)[source]

Alias for get_allowed_protocols

get_allowed_protocols_generator(page=None, size=None, headers=None, **query_parameters)[source]

This API allows the client to get all the allowed protocols.

Parameters
  • page (int) – page query parameter. Page number.

  • size (int) – size query parameter. Number of objects returned per page.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

A generator object containing the following object.

  • RestResponse: REST response with following properties:

    • headers(MyDict): response headers.

    • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

    • content(bytes): representation of the request’s response

    • text(str): representation of the request’s response

Return type

Generator

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_all_generator(page=None, size=None, headers=None, **query_parameters)[source]

Alias for get_allowed_protocols_generator

create_allowed_protocol(allow_chap=None, allow_eap_fast=None, allow_eap_md5=None, allow_eap_tls=None, allow_eap_ttls=None, allow_leap=None, allow_ms_chap_v1=None, allow_ms_chap_v2=None, allow_pap_ascii=None, allow_peap=None, allow_preferred_eap_protocol=None, allow_teap=None, allow_weak_ciphers_for_eap=None, description=None, eap_fast=None, eap_tls=None, eap_tls_l_bit=None, eap_ttls=None, name=None, peap=None, preferred_eap_protocol=None, process_host_lookup=None, require_message_auth=None, teap=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API creates an allowed protocol.

Parameters
  • allow_chap (boolean) – allowChap, property of the request body.

  • allow_eap_fast (boolean) – allowEapFast, property of the request body.

  • allow_eap_md5 (boolean) – allowEapMd5, property of the request body.

  • allow_eap_tls (boolean) – allowEapTls, property of the request body.

  • allow_eap_ttls (boolean) – allowEapTtls, property of the request body.

  • allow_leap (boolean) – allowLeap, property of the request body.

  • allow_ms_chap_v1 (boolean) – allowMsChapV1, property of the request body.

  • allow_ms_chap_v2 (boolean) – allowMsChapV2, property of the request body.

  • allow_pap_ascii (boolean) – allowPapAscii, property of the request body.

  • allow_peap (boolean) – allowPeap, property of the request body.

  • allow_preferred_eap_protocol (boolean) – allowPreferredEapProtocol, property of the request body.

  • allow_teap (boolean) – allowTeap, property of the request body.

  • allow_weak_ciphers_for_eap (boolean) – allowWeakCiphersForEap, property of the request body.

  • description (string) – description, property of the request body.

  • eap_fast (object) – The eapFast is required only if allowEapFast is true, otherwise it must be ignored. The object eapFast contains the settings for EAP FAST protocol, property of the request body.

  • eap_tls (object) – The eapTls is required only if allowEapTls is true, otherwise it must be ignored. The object eapTls contains the settings for EAP TLS protocol, property of the request body.

  • eap_tls_l_bit (boolean) – eapTlsLBit, property of the request body.

  • eap_ttls (object) – The eapTtls is required only if allowEapTtls is true, otherwise it must be ignored. The object eapTtls contains the settings for EAP TTLS protocol, property of the request body.

  • name (string) – Resource Name, property of the request body.

  • peap (object) – peap, property of the request body.

  • preferred_eap_protocol (string) – The preferredEapProtocol is required only if allowPreferredEapProtocol is true, otherwise it must be ignored. Allowed Values: EAP_FAST, PEAP, LEAP, EAP_MD5, EAP_TLS, EAP_TTLS, TEAP, property of the request body.

  • process_host_lookup (boolean) – processHostLookup, property of the request body.

  • require_message_auth (boolean) – requireMessageAuth, property of the request body.

  • teap (object) – The teap is required only if allowTeap is true, otherwise it must be ignored. The object teap contains the settings for TEAP protocol, property of the request body.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

create(allow_chap=None, allow_eap_fast=None, allow_eap_md5=None, allow_eap_tls=None, allow_eap_ttls=None, allow_leap=None, allow_ms_chap_v1=None, allow_ms_chap_v2=None, allow_pap_ascii=None, allow_peap=None, allow_preferred_eap_protocol=None, allow_teap=None, allow_weak_ciphers_for_eap=None, description=None, eap_fast=None, eap_tls=None, eap_tls_l_bit=None, eap_ttls=None, name=None, peap=None, preferred_eap_protocol=None, process_host_lookup=None, require_message_auth=None, teap=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

Alias for create_allowed_protocol

get_version(headers=None, **query_parameters)[source]

This API helps to retrieve the version information related to the allowed protocols.

Parameters
  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

anc_policy

class AncPolicy[source]

Identity Services Engine AncPolicy API (version: 3.1.0).

Wraps the Identity Services Engine AncPolicy API and exposes the API as native Python methods that return native Python objects.

Adaptive Network Control (ANC) provides the ability to create network endpoint authorization controls based on ANC policies.

Revision History

Revision #

Resource Version

Cisco ISE Version

Description

0

1.0

2.1

Initial Cisco ISE Version


Resource Definition

Attribute

Type

Required

Description

Example Values

name

String

Yes

Resource Name

id

String

No

Resource ID

test

description

String

No

action

Enum

Yes

  • QUARANTINE: Allows you to use Exception policies (authorization policies) to limit or deny an endpoint access to the network.

  • PORTBOUNCE: Resets the port on the network device to which the endpoint is connected

  • SHUTDOWN : Shuts down the port on the network device to which the endpoint is connected

  • RE_AUTHENTICATE: Re-authenticates the session from the endpoint

get_anc_policy_by_name(name, headers=None, **query_parameters)[source]

This API allows the client to get an ANC policy by name.

Parameters
  • name (basestring) – name path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_by_name(name, headers=None, **query_parameters)[source]

Alias for get_anc_policy_by_name

get_anc_policy_by_id(id, headers=None, **query_parameters)[source]

This API allows the client to get an ANC policy by ID.

Parameters
  • id (basestring) – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_by_id(id, headers=None, **query_parameters)[source]

Alias for get_anc_policy_by_id

update_anc_policy_by_id(id, actions=None, name=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API allows the client to update an ANC policy.

Parameters
  • actions (list) – QUARANTINE: Allows you to use Exception policies (authorization policies) to limit or deny an endpoint access to the network. PORTBOUNCE: Resets the port on the network device to which the endpoint is connected. SHUTDOWN : Shuts down the port on the network device to which the endpoint is connected. RE_AUTHENTICATE: Re-authenticates the session from the endpoint., property of the request body (list of strings. Available values are ‘QUARANTINE’, ‘PORTBOUNCE’, ‘SHUTDOWN’ and ‘RE_AUTHENTICATE’).

  • id (basestring) – id, property of the request body.

  • name (string) – name, property of the request body.

  • id – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

update_by_id(id, actions=None, name=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

Alias for update_anc_policy_by_id

delete_anc_policy_by_id(id, headers=None, **query_parameters)[source]

This API allows the client to delete an ANC policy.

Parameters
  • id (basestring) – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

delete_by_id(id, headers=None, **query_parameters)[source]

Alias for delete_anc_policy_by_id

get_anc_policy(filter=None, filter_type=None, page=None, size=None, sortasc=None, sortdsc=None, headers=None, **query_parameters)[source]

This API allows the client to get all the ANC policies. Filter: [name] To search resources by using toDate column,follow the format: DD-MON-YY (Example:13-SEP-18) Day or Year:GET /ers/config/guestuser/?filter=toDate.CONTAINS.13 Month:GET /ers/config/guestuser/?filter=toDate.CONTAINS.SEP Date:GET /ers/config/guestuser/?filter=toDate.CONTAINS.13-SEP-18 Sorting: [name].

Parameters
  • page (int) – page query parameter. Page number.

  • size (int) – size query parameter. Number of objects returned per page.

  • sortasc (basestring) – sortasc query parameter. sort asc.

  • sortdsc (basestring) – sortdsc query parameter. sort desc.

  • filter (basestring, list, set, tuple) – filter query parameter. Simple filtering should be available through the filter query string parameter. The structure of a filter is a triplet of field operator and value separated with dots. More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed by using the “filterType=or” query string parameter. Each resource Data model description should specify if an attribute is a filtered field. (Operator: Description), (EQ: Equals), (NEQ: Not Equals), (GT: Greater Than), (LT: Less Then), (STARTSW: Starts With), (NSTARTSW: Not Starts With), (ENDSW: Ends With), (NENDSW: Not Ends With), (CONTAINS: Contains), (NCONTAINS: Not Contains), .

  • filter_type (basestring) – filterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and can be changed by using the parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_all(filter=None, filter_type=None, page=None, size=None, sortasc=None, sortdsc=None, headers=None, **query_parameters)[source]

Alias for get_anc_policy

get_anc_policy_generator(filter=None, filter_type=None, page=None, size=None, sortasc=None, sortdsc=None, headers=None, **query_parameters)[source]

This API allows the client to get all the ANC policies. Filter: [name] To search resources by using toDate column,follow the format: DD-MON-YY (Example:13-SEP-18) Day or Year:GET /ers/config/guestuser/?filter=toDate.CONTAINS.13 Month:GET /ers/config/guestuser/?filter=toDate.CONTAINS.SEP Date:GET /ers/config/guestuser/?filter=toDate.CONTAINS.13-SEP-18 Sorting: [name].

Parameters
  • page (int) – page query parameter. Page number.

  • size (int) – size query parameter. Number of objects returned per page.

  • sortasc (basestring) – sortasc query parameter. sort asc.

  • sortdsc (basestring) – sortdsc query parameter. sort desc.

  • filter (basestring, list, set, tuple) – filter query parameter. Simple filtering should be available through the filter query string parameter. The structure of a filter is a triplet of field operator and value separated with dots. More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed by using the “filterType=or” query string parameter. Each resource Data model description should specify if an attribute is a filtered field. (Operator: Description), (EQ: Equals), (NEQ: Not Equals), (GT: Greater Than), (LT: Less Then), (STARTSW: Starts With), (NSTARTSW: Not Starts With), (ENDSW: Ends With), (NENDSW: Not Ends With), (CONTAINS: Contains), (NCONTAINS: Not Contains), .

  • filter_type (basestring) – filterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and can be changed by using the parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

A generator object containing the following object.

  • RestResponse: REST response with following properties:

    • headers(MyDict): response headers.

    • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

    • content(bytes): representation of the request’s response

    • text(str): representation of the request’s response

Return type

Generator

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_all_generator(filter=None, filter_type=None, page=None, size=None, sortasc=None, sortdsc=None, headers=None, **query_parameters)[source]

Alias for get_anc_policy_generator

create_anc_policy(actions=None, name=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API allows the client to create an ANC policy.

Parameters
  • actions (list) – QUARANTINE: Allows you to use Exception policies (authorization policies) to limit or deny an endpoint access to the network. PORTBOUNCE: Resets the port on the network device to which the endpoint is connected. SHUTDOWN : Shuts down the port on the network device to which the endpoint is connected. RE_AUTHENTICATE: Re-authenticates the session from the endpoint., property of the request body (list of strings. Available values are ‘QUARANTINE’, ‘PORTBOUNCE’, ‘SHUTDOWN’ and ‘RE_AUTHENTICATE’).

  • name (string) – name, property of the request body.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

create(actions=None, name=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

Alias for create_anc_policy

get_version(headers=None, **query_parameters)[source]

This API helps to retrieve the version information related to the ANC policy.

Parameters
  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

bulk_request_for_anc_policy(operation_type=None, resource_media_type=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API allows the client to submit the bulk request.

Parameters
  • operation_type (string) – operationType, property of the request body.

  • resource_media_type (string) – resourceMediaType, property of the request body.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

bulk_request(operation_type=None, resource_media_type=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

Alias for bulk_request_for_anc_policy

monitor_bulk_status_anc_policy(bulkid, headers=None, **query_parameters)[source]

This API allows the client to monitor the bulk request.

Parameters
  • bulkid (basestring) – bulkid path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

monitor_bulk_status(bulkid, headers=None, **query_parameters)[source]

Alias for monitor_bulk_status_anc_policy

authorization_profile

class AuthorizationProfile[source]

Identity Services Engine AuthorizationProfile API (version: 3.1.0).

Wraps the Identity Services Engine AuthorizationProfile API and exposes the API as native Python methods that return native Python objects.

Authorization Profile API allows the client to add, delete, update, search and perform actions on authorization profiles.

Revision History

Revision #

Resource Version

Cisco ISE Version

Description

Revision Modification

Revision Modification

Attribute

Description

0

1.0

2.2

Initial Cisco ISE Version

1

1.1

2.3

Support new attributes under common tasks

accessType

Added Attribute ‘accessType’. Default value:’ACCESS_ACCEPT’, additional values: ‘ACCESS_REJECT’

authzProfileType

Added Attribute ‘authzProfileType’ to differentiate between types of authorization profiles. Default value:’SWITCH’ (used for Standard Authorization Profiles) , additional values:’TACACS’, ‘TRUSTSEC’

reauth

Added Attribute ‘reauth’ to determine reauthentication policy

webRedirection

Added Attribute ‘webRedirection’ to support selection of portal redirection

acl

Added String Attribute ‘acl’

trackMovement

Added Boolean Attribute ‘trackMovement’


Resource Definition

Attribute

Type

Required

Description

Default Values

Example Values

name

String

Yes

Resource Name

name

id

String

No

Resource UUID value

id

description

String

No

description

vlan

List

No

  • nameID

String

Yes

vlanName

  • tagID

Integer

Yes

Valid range is 0-31

1

airespaceACL

String

No

ACL

webRedirection

List

No

  • WebRedirectionType

String

Yes

Value MUST be one of the following:CentralizedWebAuth, HotSpot, NativeSupplicanProvisioning, ClientProvisioning. The WebRedirectionType must fit the portalName

CentralizedWebAuth

  • acl

String

Yes

acl

  • portalName

String

Yes

A portal that exist in the DB and fits the WebRedirectionType

Sponsored Guest Portal (default)

  • staticIPHostNameFQDN

String

No

10.56.54.200

  • displayCertificatesRenewalMessages

Boolean

No

The displayCertificatesRenewalMessages is mandatory when ‘WebRedirectionType’ value is ‘CentralizedWebAuth’. For all other ‘WebRedirectionType’ values the field must be ignored

true

accessType

Enum

No

Allowed Values: ACCESS_ACCEPT, ACCESS_REJECT

ACCESS_ACCEPT

authzProfileType

Enum

No

Allowed Values: SWITCH, TRUSTSEC, TACACS

SWITCH

SWITCH is used for Standard Authorization Profiles

profileName

String

No

Cisco

acl

String

No

aclfilter

daclName

String

No

PERMIT_ALL_IPV4_TRAFFIC

autoSmartPort

String

No

autoSmartPort

interfaceTemplate

Sring

No

interfaceTemplate

ipv6ACLFilter

String

No

ipv6ACLFilter

avcProfile

String

No

avcProfile

asaVpn

String

No

Cisco:cisco-call-type

trackMovement

Boolean

No

false

serviceTemplate

Boolean

No

false

easywiredSessionCandidate

Boolean

No

false

voiceDomainPermission

Boolean

No

false

neat

Boolean

No

false

webAuth

Boolean

No

false

macSecPolicy

Enum

No

Allowed Values: MUST_SECURE, MUST_NOT_SECURE, SHOULD_SECURE

MUST_SECURE

reauth

List

No

  • connectivity

Enum

Yes

Allowed Values: DEFAULT, RADIUS_REQUEST

RADIUS_REQUEST

  • timer

Integer

Yes

Valid range is 1-65535

1800

advancedAttributes

List

No

  • leftHandSideDictionaryAttribue

List

Yes

Left side Dictionary and Attribute

  • dictionaryName

String

Yes

Dictionary name

  • attributeName

String

Yes

Attribute name

  • rightHandSideAttribueValue

LIst

Yes

Attribute value can be of type AttributeValue or AdvancedDictionaryAttribute. For AttributeValue the value is String, For AdvancedDictionaryAttribute the value is dictionaryName and attributeName properties

ipv6DaclName

String

No

PERMIT_ALL_IPV6_TRAFFIC

airespaceIPv6ACL

String

No

ACL6

get_authorization_profile_by_name(name, headers=None, **query_parameters)[source]

This API allows the client to get an authorization profile by name.

Parameters
  • name (basestring) – name path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_by_name(name, headers=None, **query_parameters)[source]

Alias for get_authorization_profile_by_name

get_authorization_profile_by_id(id, headers=None, **query_parameters)[source]

This API allows the client to get an authorization profile by ID.

Parameters
  • id (basestring) – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_by_id(id, headers=None, **query_parameters)[source]

Alias for get_authorization_profile_by_id

update_authorization_profile_by_id(id, access_type=None, acl=None, advanced_attributes=None, agentless_posture=None, airespace_acl=None, airespace_ipv6_acl=None, asa_vpn=None, authz_profile_type=None, auto_smart_port=None, avc_profile=None, dacl_name=None, description=None, easywired_session_candidate=None, interface_template=None, ipv6_acl_filter=None, ipv6_dacl_name=None, mac_sec_policy=None, name=None, neat=None, profile_name=None, reauth=None, service_template=None, track_movement=None, vlan=None, voice_domain_permission=None, web_auth=None, web_redirection=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API allows the client to update an authorization profile.

Parameters
  • access_type (string) – Allowed Values: ACCESS_ACCEPT, ACCESS_REJECT, property of the request body.

  • acl (string) – acl, property of the request body.

  • advanced_attributes (list) – advancedAttributes, property of the request body (list of objects).

  • agentless_posture (boolean) – agentlessPosture, property of the request body.

  • airespace_acl (string) – airespaceACL, property of the request body.

  • airespace_ipv6_acl (string) – airespaceIPv6ACL, property of the request body.

  • asa_vpn (string) – asaVpn, property of the request body.

  • authz_profile_type (string) – Allowed Values: SWITCH, TRUSTSEC, TACACS SWITCH is used for Standard Authorization Profiles, property of the request body.

  • auto_smart_port (string) – autoSmartPort, property of the request body.

  • avc_profile (string) – avcProfile, property of the request body.

  • dacl_name (string) – daclName, property of the request body.

  • description (string) – description, property of the request body.

  • easywired_session_candidate (boolean) – easywiredSessionCandidate, property of the request body.

  • id (basestring) – Resource UUID value, property of the request body.

  • interface_template (string) – interfaceTemplate, property of the request body.

  • ipv6_acl_filter (string) – ipv6ACLFilter, property of the request body.

  • ipv6_dacl_name (string) – ipv6DaclName, property of the request body.

  • mac_sec_policy (string) – Allowed Values: MUST_SECURE, MUST_NOT_SECURE, SHOULD_SECURE, property of the request body.

  • name (string) – Resource Name, property of the request body.

  • neat (boolean) – neat, property of the request body.

  • profile_name (string) – profileName, property of the request body.

  • reauth (object) – reauth, property of the request body.

  • service_template (boolean) – serviceTemplate, property of the request body.

  • track_movement (boolean) – trackMovement, property of the request body.

  • vlan (object) – vlan, property of the request body.

  • voice_domain_permission (boolean) – voiceDomainPermission, property of the request body.

  • web_auth (boolean) – webAuth, property of the request body.

  • web_redirection (object) – webRedirection, property of the request body.

  • id – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

update_by_id(id, access_type=None, acl=None, advanced_attributes=None, agentless_posture=None, airespace_acl=None, airespace_ipv6_acl=None, asa_vpn=None, authz_profile_type=None, auto_smart_port=None, avc_profile=None, dacl_name=None, description=None, easywired_session_candidate=None, interface_template=None, ipv6_acl_filter=None, ipv6_dacl_name=None, mac_sec_policy=None, name=None, neat=None, profile_name=None, reauth=None, service_template=None, track_movement=None, vlan=None, voice_domain_permission=None, web_auth=None, web_redirection=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

Alias for update_authorization_profile_by_id

delete_authorization_profile_by_id(id, headers=None, **query_parameters)[source]

This API deletes an authorization profile.

Parameters
  • id (basestring) – id path parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

delete_by_id(id, headers=None, **query_parameters)[source]

Alias for delete_authorization_profile_by_id

get_authorization_profiles(page=None, size=None, headers=None, **query_parameters)[source]

This API allows the client to get all authorization profiles.

Parameters
  • page (int) – page query parameter. Page number.

  • size (int) – size query parameter. Number of objects returned per page.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_all(page=None, size=None, headers=None, **query_parameters)[source]

Alias for get_authorization_profiles

get_authorization_profiles_generator(page=None, size=None, headers=None, **query_parameters)[source]

This API allows the client to get all authorization profiles.

Parameters
  • page (int) – page query parameter. Page number.

  • size (int) – size query parameter. Number of objects returned per page.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

A generator object containing the following object.

  • RestResponse: REST response with following properties:

    • headers(MyDict): response headers.

    • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

    • content(bytes): representation of the request’s response

    • text(str): representation of the request’s response

Return type

Generator

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_all_generator(page=None, size=None, headers=None, **query_parameters)[source]

Alias for get_authorization_profiles_generator

create_authorization_profile(access_type=None, acl=None, advanced_attributes=None, agentless_posture=None, airespace_acl=None, airespace_ipv6_acl=None, asa_vpn=None, authz_profile_type=None, auto_smart_port=None, avc_profile=None, dacl_name=None, description=None, easywired_session_candidate=None, id=None, interface_template=None, ipv6_acl_filter=None, ipv6_dacl_name=None, mac_sec_policy=None, name=None, neat=None, profile_name=None, reauth=None, service_template=None, track_movement=None, vlan=None, voice_domain_permission=None, web_auth=None, web_redirection=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API creates an authorization profile.

Parameters
  • access_type (string) – Allowed Values: ACCESS_ACCEPT, ACCESS_REJECT, property of the request body.

  • acl (string) – acl, property of the request body.

  • advanced_attributes (list) – advancedAttributes, property of the request body (list of objects).

  • agentless_posture (boolean) – agentlessPosture, property of the request body.

  • airespace_acl (string) – airespaceACL, property of the request body.

  • airespace_ipv6_acl (string) – airespaceIPv6ACL, property of the request body.

  • asa_vpn (string) – asaVpn, property of the request body.

  • authz_profile_type (string) – Allowed Values: SWITCH, TRUSTSEC, TACACS SWITCH is used for Standard Authorization Profiles, property of the request body.

  • auto_smart_port (string) – autoSmartPort, property of the request body.

  • avc_profile (string) – avcProfile, property of the request body.

  • dacl_name (string) – daclName, property of the request body.

  • description (string) – description, property of the request body.

  • easywired_session_candidate (boolean) – easywiredSessionCandidate, property of the request body.

  • id (string) – Resource UUID value, property of the request body.

  • interface_template (string) – interfaceTemplate, property of the request body.

  • ipv6_acl_filter (string) – ipv6ACLFilter, property of the request body.

  • ipv6_dacl_name (string) – ipv6DaclName, property of the request body.

  • mac_sec_policy (string) – Allowed Values: MUST_SECURE, MUST_NOT_SECURE, SHOULD_SECURE, property of the request body.

  • name (string) – Resource Name, property of the request body.

  • neat (boolean) – neat, property of the request body.

  • profile_name (string) – profileName, property of the request body.

  • reauth (object) – reauth, property of the request body.

  • service_template (boolean) – serviceTemplate, property of the request body.

  • track_movement (boolean) – trackMovement, property of the request body.

  • vlan (object) – vlan, property of the request body.

  • voice_domain_permission (boolean) – voiceDomainPermission, property of the request body.

  • web_auth (boolean) – webAuth, property of the request body.

  • web_redirection (object) – webRedirection, property of the request body.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

create(access_type=None, acl=None, advanced_attributes=None, agentless_posture=None, airespace_acl=None, airespace_ipv6_acl=None, asa_vpn=None, authz_profile_type=None, auto_smart_port=None, avc_profile=None, dacl_name=None, description=None, easywired_session_candidate=None, id=None, interface_template=None, ipv6_acl_filter=None, ipv6_dacl_name=None, mac_sec_policy=None, name=None, neat=None, profile_name=None, reauth=None, service_template=None, track_movement=None, vlan=None, voice_domain_permission=None, web_auth=None, web_redirection=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

Alias for create_authorization_profile

get_version(headers=None, **query_parameters)[source]

This API helps to retrieve the version information related to the authorization profile.

Parameters
  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

byod_portal

class ByodPortal[source]

Identity Services Engine BYODPortal API (version: 3.1.0).

Wraps the Identity Services Engine BYODPortal API and exposes the API as native Python methods that return native Python objects.

BYOD Portal API provides the ability to Create, Read, Update, Delete and Search BYOD portals.

Revision History

Revision #

Resource Version

Cisco ISE Version

Description

0

1.0

2.2

Initial Cisco ISE Version


Resource Definition

Attribute

Type

Required

Description

Default Values

Example Values

name

String

Yes

Resource Name

BYOD Portal (default)

id

String

No

Resource UUID, mandatory for update

9a9b910c-54d3-44a4-a3c3-dd007c171599

description

String

No

Default portal and user experience used when employees register a personal device on the network

portalTestUrl

String

No

URL to bring up a test page for this portal

https://{ise-ip}:8443/portal/PortalSetup.action?portal=9a9b910c-54d3-44a4-a3c3-dd007c171599

portalType

Enum

Yes

Allowed values: BYOD, HOTSPOTGUEST, MYDEVICE, SELFREGGUEST, SPONSOR, SPONSOREDGUEST

BYOD

settings

List

No

Defines all of the settings groups available for a BYOD

  • portalSettings

List

No

The port, interface, certificate, and other basic settings of a portal

  • httpsPort

Integer

Yes

The port number that the allowed interfaces will listen on. Range from 8000 to 8999

8443

  • allowedInterfaces

Enum

Yes

Interfaces that the portal will be reachable on. Allowed values: eth0, eth1, eth2, eth3, eth4, eth5, bond0, bond1, bond2

[ “eth0”, “bond0” ]

  • certificateGroupTag

String

Yes

Logical name of the x.509 server certificate that will be used for the portal

Default Portal Certificate Group

  • endpointIdentityGroup

String

Yes

Unique Id of the endpoint identity group where user’s devices will be added. Used only in Hotspot Portal

  • displayLang

Enum

No

Allowed values: USEBROWSERLOCALE, ALWAYSUSE

USEBROWSERLOCALE

  • fallbackLanguage

String

No

Used when displayLang = USEBROWSERLOCALE

English

  • alwaysUsedLanguage

String

No

Used when displayLang = ALWAYSUSE

English

  • byodSettings

List

No

Configuration of BYOD Device Welcome, Registration and Success steps

  • byodWelcomeSettings

List

No

Configuration of BYOD endpoint welcome step configuration

  • enableBYOD

Boolean

No

true

  • enableGuestAccess

Boolean

No

false

  • requireMDM

Boolean

No

false

  • includeAup

Boolean

No

true

  • aupDisplay

Enum

No

How the AUP should be displayed, either on page or as a link. Only valid if includeAup = true. Allowed values: ONPAGE, ASLINK

ONPAGE

  • requireAupAcceptance

Boolean

No

false

  • requireScrolling

Boolean

No

Require BYOD devices to scroll down to the bottom of the AUP, Only valid if includeAup = true

false

  • byodRegistrationSettings

List

No

Configuration of BYOD endpoint Registration step configuration

  • showDeviceID

Boolean

No

Display Device ID field during registration

true

  • endPointIdentityGroupId

String

No

Identity group id for which endpoint belongs

aa13bb40-8bff-11e6-996c-525400b48521

  • byodRegistrationSuccessSettings

List

No

Configuration of BYOD endpoint Registration Success step configuration

  • successRedirect

Enum

No

After an Authentication Success where should device be redirected.

AUTHSUCCESSPAGE

  • redirectUrl

String

No

Target URL for redirection, used when successRedirect = URL

Redirect URL

  • supportInfoSettings

List

No

Configuration of BYOD endpoint welcome step configuration

  • includeSupportInfoPage

Boolean

No

false

  • includeMacAddr

Boolean

No

false

  • includeIpAddress

Boolean

No

false

  • includeBrowserUserAgent

Boolean

No

false

  • includePolicyServer

Boolean

No

false

  • includeFailureCode

Boolean

No

false

  • emptyFieldDisplay

Enum

No

Specifies how empty fields are handled on the Support Information Page.

HIDE

  • defaultEmptyFieldValue

String

No

The default value displayed for an empty field Only valid when emptyFieldDisplay = DISPLAYWITHDEFAULTVALUE

customizations

List

No

Defines all of the Portal Customizations available for a BYOD

  • portalTheme

List

No

Defines the configuration for portal theme

  • id

String

No

The unique internal identifier of the portal theme

9eb421c0-8c01-11e6-996c-525400b48521

  • name

String

Yes

The system- or user-assigned name of the portal theme

Default Blue theme

  • themeData

String

No

A CSS file, represented as a Base64-encoded byte array

Base 64 encoded string of Theme CSS file

  • portalTweakSettings

List

No

The Tweak Settings are a customization of the Portal Theme that has been selected for the portal. When the Portal Theme selection is changed, the Tweak Settings are overwritten to match the values in the theme. The Tweak Settings can subsequently be changed by the user

  • bannerColor

String

No

Hex value of color

#0000FF

  • bannerTextColor

String

No

Banner Text color code from GUI

  • pageBackgroundColor

String

No

Color code from GUI

  • pageLabelAndTextColor

String

No

Label and Text color from GUI

  • language

List

No

This property is supported only for Read operation and it allows to show the customizations in English. Other languages are not supported

  • viewLanguage

String

No

English

  • globalCustomizations

List

No

Represent the portal Global customizations

  • bannerTitle

String

No

BYOD Portal

  • contactText

String

No

Contact Support

  • footerElement

String

No

Footer Element

  • mobileLogoImage

Image

No

  • data

String

No

Represented as base 64 encoded string of the image byte array

base 64 encoded value of image

  • desktopLogoImage

Image

No

  • data

String

No

Represented as base 64 encoded string of the image byte array

base 64 encoded value of image

  • bannerImage

Image

No

  • data

String

No

Represented as base 64 encoded string of the image byte array

base 64 encoded value of image

  • backgroundImage

Image

No

  • data

String

No

Represented as base 64 encoded string of the image byte array

base 64 encoded value of image

  • pageCustomizations

List

No

Represent the entire page customization as a giant dictionary

  • data

List

No

The Dictionary will be exposed here as key value pair

  • key

String

Yes

ui_contact_ip_address_label

  • value

String

Yes

SVAgYWRkcmVzczo=

get_byod_portal_by_id(id, headers=None, **query_parameters)[source]

This API allows the client to get a BYOD portal by ID.

Parameters
  • id (basestring) – id path parameter. Portal id.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_by_id(id, headers=None, **query_parameters)[source]

Alias for get_byod_portal_by_id

update_byod_portal_by_id(id, customizations=None, description=None, name=None, portal_test_url=None, portal_type=None, settings=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API allows the client to update a BYOD portal by ID.

Parameters
  • customizations (object) – Defines all of the Portal Customizations available for a BYOD, property of the request body.

  • description (string) – description, property of the request body.

  • id (basestring) – Resource UUID, mandatory for update, property of the request body.

  • name (string) – Resource Name, property of the request body.

  • portal_test_url (string) – URL to bring up a test page for this portal, property of the request body.

  • portal_type (string) – Allowed values: BYOD, HOTSPOTGUEST, MYDEVICE, SELFREGGUEST, SPONSOR, SPONSOREDGUEST, property of the request body.

  • settings (object) – Defines all of the settings groups available for a BYOD, property of the request body.

  • id – id path parameter. Portal id.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

update_by_id(id, customizations=None, description=None, name=None, portal_test_url=None, portal_type=None, settings=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

Alias for update_byod_portal_by_id

delete_byod_portal_by_id(id, headers=None, **query_parameters)[source]

This API deletes a BYOD portal by ID.

Parameters
  • id (basestring) – id path parameter. Portal id.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

delete_by_id(id, headers=None, **query_parameters)[source]

Alias for delete_byod_portal_by_id

get_byod_portal(filter=None, filter_type=None, page=None, size=None, sortasc=None, sortdsc=None, headers=None, **query_parameters)[source]

This API allows the client to get all the BYOD portals. Filter: [name, description] To search resources by using toDate column,follow the format: DD-MON-YY (Example:13-SEP-18) Day or Year:GET /ers/config/guestuser/?filter=toDate.CONTAINS.13 Month:GET /ers/config/guestuser/?filter=toDate.CONTAINS.SEP Date:GET /ers/config/guestuser/?filter=toDate.CONTAINS.13-SEP-18 Sorting: [name, description].

Parameters
  • page (int) – page query parameter. Page number.

  • size (int) – size query parameter. Number of objects returned per page.

  • sortasc (basestring) – sortasc query parameter. sort asc.

  • sortdsc (basestring) – sortdsc query parameter. sort desc.

  • filter (basestring, list, set, tuple) – filter query parameter. Simple filtering should be available through the filter query string parameter. The structure of a filter is a triplet of field operator and value separated with dots. More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed by using the “filterType=or” query string parameter. Each resource Data model description should specify if an attribute is a filtered field. (Operator: Description), (EQ: Equals), (NEQ: Not Equals), (GT: Greater Than), (LT: Less Then), (STARTSW: Starts With), (NSTARTSW: Not Starts With), (ENDSW: Ends With), (NENDSW: Not Ends With), (CONTAINS: Contains), (NCONTAINS: Not Contains), .

  • filter_type (basestring) – filterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and can be changed by using the parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_all(filter=None, filter_type=None, page=None, size=None, sortasc=None, sortdsc=None, headers=None, **query_parameters)[source]

Alias for get_byod_portal

get_byod_portal_generator(filter=None, filter_type=None, page=None, size=None, sortasc=None, sortdsc=None, headers=None, **query_parameters)[source]

This API allows the client to get all the BYOD portals. Filter: [name, description] To search resources by using toDate column,follow the format: DD-MON-YY (Example:13-SEP-18) Day or Year:GET /ers/config/guestuser/?filter=toDate.CONTAINS.13 Month:GET /ers/config/guestuser/?filter=toDate.CONTAINS.SEP Date:GET /ers/config/guestuser/?filter=toDate.CONTAINS.13-SEP-18 Sorting: [name, description].

Parameters
  • page (int) – page query parameter. Page number.

  • size (int) – size query parameter. Number of objects returned per page.

  • sortasc (basestring) – sortasc query parameter. sort asc.

  • sortdsc (basestring) – sortdsc query parameter. sort desc.

  • filter (basestring, list, set, tuple) – filter query parameter. Simple filtering should be available through the filter query string parameter. The structure of a filter is a triplet of field operator and value separated with dots. More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed by using the “filterType=or” query string parameter. Each resource Data model description should specify if an attribute is a filtered field. (Operator: Description), (EQ: Equals), (NEQ: Not Equals), (GT: Greater Than), (LT: Less Then), (STARTSW: Starts With), (NSTARTSW: Not Starts With), (ENDSW: Ends With), (NENDSW: Not Ends With), (CONTAINS: Contains), (NCONTAINS: Not Contains), .

  • filter_type (basestring) – filterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and can be changed by using the parameter.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

A generator object containing the following object.

  • RestResponse: REST response with following properties:

    • headers(MyDict): response headers.

    • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

    • content(bytes): representation of the request’s response

    • text(str): representation of the request’s response

Return type

Generator

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

get_all_generator(filter=None, filter_type=None, page=None, size=None, sortasc=None, sortdsc=None, headers=None, **query_parameters)[source]

Alias for get_byod_portal_generator

create_byod_portal(customizations=None, description=None, id=None, name=None, portal_test_url=None, portal_type=None, settings=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

This API creates a BYOD portal.

Parameters
  • customizations (object) – Defines all of the Portal Customizations available for a BYOD, property of the request body.

  • description (string) – description, property of the request body.

  • id (string) – Resource UUID, mandatory for update, property of the request body.

  • name (string) – Resource Name, property of the request body.

  • portal_test_url (string) – URL to bring up a test page for this portal, property of the request body.

  • portal_type (string) – Allowed values: BYOD, HOTSPOTGUEST, MYDEVICE, SELFREGGUEST, SPONSOR, SPONSOREDGUEST, property of the request body.

  • settings (object) – Defines all of the settings groups available for a BYOD, property of the request body.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

create(customizations=None, description=None, id=None, name=None, portal_test_url=None, portal_type=None, settings=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

Alias for create_byod_portal

get_version(headers=None, **query_parameters)[source]

This API helps to retrieve the version information related to the BYOD portal.

Parameters
  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • **query_parameters – Additional query parameters (provides support for parameters that may be added in the future).

Returns

REST response with following properties:

  • headers(MyDict): response headers.

  • response(MyDict): response body as a MyDict object. Access the object’s properties by using the dot notation or the bracket notation.

  • content(bytes): representation of the request’s response

  • text(str): representation of the request’s response

Return type

RestResponse

Raises
  • TypeError – If the parameter types are incorrect.

  • MalformedRequest – If the request body created is invalid.

  • ApiError – If the Identity Services Engine cloud returns an error.

backup_and_restore

class BackupAndRestore[source]

Identity Services Engine Backup And Restore API (version: 3.1.0).

Wraps the Identity Services Engine Backup And Restore API and exposes the API as native Python methods that return native Python objects.

config_backup(backup_encryption_key=None, backup_name=None, repository_name=None, headers=None, payload=None, active_validation=True, **query_parameters)[source]

Triggers on demand configuration backup on the ISE node. The API returns the task ID. Use the Task Service status API to get the status of the backup job.

Parameters
  • backup_encryption_key (string) – The encyption key for the backed up file. Encryption key must satisfy the following criteria Contains at least one uppercase letter [A-Z], Contains at least one lowercase letter [a-z], Contains at least one digit [0-9], Contain only [A-Z][a-z][0-9]_#, Has at least 8 characters, Has not more than 15 characters, Must not contain ‘CcIiSsCco’, Must not begin with, property of the request body.

  • backup_name (string) – The backup file will get saved with this name., property of the request body.

  • repository_name (string) – Name of the configured repository where the generated backup file will get copied., property of the request body.

  • headers (dict) – Dictionary of HTTP Headers to send with the Request .

  • payload (dict) – A JSON serializable Python object to send in the body of the Request.

  • active_validation (bool) – Enable/Disable payload validation. Defaults to True.

  • **query_parameters – Additional query parameters (provides support for parameters that may be