07-28-2023 10:53 PM
Hi,
I don't know if there is a question method for my first post, but please let me post
We would like to use the API in Cisco ISE 3.1 to post a large number of Policyset contents with POSTMAN.
However, when creating a new file, a resource id is required for the href in the json file, and the resource id is unique, so POST is not possible.
According to the API documentation,
Since you need the resource id,
Is it possible to create a new policy with POST?
Is it better to limit the use of ISE API to GET only?
I am at a loss and would like some advice.
07-29-2023 09:41 PM
Sorry but that API documentation example is poor. Try this
curl -X 'POST' \
'https://{{ISE_IP}}/api/v1/policy/network-access/policy-set' \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"name": "test2",
"rank": 0,
"state": "disabled",
"condition": {
"conditionType": "ConditionAttributes",
"isNegate": false,
"dictionaryName": "DEVICE",
"attributeName": "Device Type",
"operator": "equals",
"attributeValue": "All Device Types#TEST"
},
"serviceName": "Default Network Access"
}'
07-30-2023 12:40 AM - edited 07-30-2023 12:47 AM
Thank you for your reply,
I was creating JSON while referring to the API document of Cisco ISE.
https://developer.cisco.com/docs/identity-services-engine/latest/
When creating a new resource, I found that the resource ID was unnecessary and was able to successfully enter it.
However, with the following syntax, a 400 Bad Request error is output when multiple policies are submitted.
Individual test1 and test2 can be submitted and no error occurs.
I don't think there is anything wrong with
Could you give me some advice?
[
{
"default": false,
"name": "test",
"description": "test",
"hitCounts": 0,
"rank": 0,
"state": "enabled",
"condition": {
"link": null,
"conditionType": "ConditionAndBlock",
"isNegate": false,
"children": [
{
"link": null,
"conditionType": "ConditionAttributes",
"isNegate": false,
"dictionaryName": "Normalised Radius",
"attributeName": "SSID",
"operator": "matches",
"dictionaryValue": null,
"attributeValue": ".*(test).*"
},
{
"link": null,
"conditionType": "ConditionAttributes",
"isNegate": false,
"dictionaryName": "Radius",
"attributeName": "Service-Type",
"operator": "equals",
"dictionaryValue": null,
"attributeValue": "Login"
}
]
},
"serviceName": "PAP_only",
"isProxy": false
},
{
"default": false,
"name": "test2",
"description": "test2",
"hitCounts": 0,
"rank": 0,
"state": "enabled",
"condition": {
"link": null,
"conditionType": "ConditionAndBlock",
"isNegate": false,
"children": [
{
"link": null,
"conditionType": "ConditionReference",
"isNegate": false,
"name": "Wireless_MAB",
"id": "05821b8e-a733-409e-94f4-bb4e5548856e",
},
{
"link": null,
"conditionType": "ConditionAttributes",
"isNegate": false,
"dictionaryName": "DEVICE",
"attributeName": "Location",
"operator": "equals",
"dictionaryValue": null,
"attributeValue": "All Locations#test"
}
]
},
"serviceName": "MAC_only",
"isProxy": false
}
]
07-30-2023 02:49 PM
When creating a resource via REST for the first time, I highly recommend creating it in the GUI first then doing a GET to see what the properly formed request looks like. You may then use that as the template for how to create objects similar to that in the future.
You may only create a single object at a time using the POST command unless a BULK POST is supported by the resource.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide