Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
585
Views
1
Helpful
3
Replies

About POST of API in ISE 3.1

suzuki1436
Level 1
Level 1

‎07-28-2023 10:53 PM

Hi,

I don't know if there is a question method for my first post, but please let me post

We would like to use the API in Cisco ISE 3.1 to post a large number of Policyset contents with POSTMAN.

However, when creating a new file, a resource id is required for the href in the json file, and the resource id is unique, so POST is not possible.

According to the API documentation,
Since you need the resource id,
Is it possible to create a new policy with POST?

Is it better to limit the use of ISE API to GET only?

I am at a loss and would like some advice. 

0 Helpful
3 Replies 3

hslai
Cisco Employee
Cisco Employee

‎07-29-2023 09:41 PM

Sorry but that API documentation example is poor. Try this

curl -X 'POST' \
  'https://{{ISE_IP}}/api/v1/policy/network-access/policy-set' \
  -H 'accept: application/json' \
  -H 'Content-Type: application/json' \
  -d '{
      "name": "test2",
      "rank": 0,
      "state": "disabled",
      "condition": {
        "conditionType": "ConditionAttributes",
        "isNegate": false,
        "dictionaryName": "DEVICE",
        "attributeName": "Device Type",
        "operator": "equals",
        "attributeValue": "All Device Types#TEST"
      },
      "serviceName": "Default Network Access"
}'

suzuki1436
Level 1
Level 1
In response to hslai

‎07-30-2023 12:40 AM - edited ‎07-30-2023 12:47 AM

Thank you for your reply,

I was creating JSON while referring to the API document of Cisco ISE.
https://developer.cisco.com/docs/identity-services-engine/latest/

When creating a new resource, I found that the resource ID was unnecessary and was able to successfully enter it.

 

 

However, with the following syntax, a 400 Bad Request error is output when multiple policies are submitted.

Individual test1 and test2 can be submitted and no error occurs.

I don't think there is anything wrong with
Could you give me some advice?

 

 

 

[
    {
        "default": false,
        "name": "test",
        "description": "test",
        "hitCounts": 0,
        "rank": 0,
        "state": "enabled",
        "condition": {
            "link": null,
            "conditionType": "ConditionAndBlock",
            "isNegate": false,
            "children": [
                {
                    "link": null,
                    "conditionType": "ConditionAttributes",
                    "isNegate": false,
                    "dictionaryName": "Normalised Radius",
                    "attributeName": "SSID",
                    "operator": "matches",
                    "dictionaryValue": null,
                    "attributeValue": ".*(test).*"
                },
                {
                    "link": null,
                    "conditionType": "ConditionAttributes",
                    "isNegate": false,
                    "dictionaryName": "Radius",
                    "attributeName": "Service-Type",
                    "operator": "equals",
                    "dictionaryValue": null,
                    "attributeValue": "Login"
                }
            ]
        },
        "serviceName": "PAP_only",
        "isProxy": false
    },
    {
        "default": false,
        "name": "test2",
        "description": "test2",
        "hitCounts": 0,
        "rank": 0,
        "state": "enabled",
        "condition": {
            "link": null,
            "conditionType": "ConditionAndBlock",
            "isNegate": false,
            "children": [
                {
                    "link": null,
                    "conditionType": "ConditionReference",
                    "isNegate": false,
                    "name": "Wireless_MAB",
                    "id": "05821b8e-a733-409e-94f4-bb4e5548856e",
                },
                {
                    "link": null,
                    "conditionType": "ConditionAttributes",
                    "isNegate": false,
                    "dictionaryName": "DEVICE",
                    "attributeName": "Location",
                    "operator": "equals",
                    "dictionaryValue": null,
                    "attributeValue": "All Locations#test"
                }
            ]
        },
        "serviceName": "MAC_only",
        "isProxy": false
    }
]

 

 

 

0 Helpful

thomas
Cisco Employee
Cisco Employee
In response to suzuki1436

‎07-30-2023 02:49 PM

When creating a resource via REST for the first time, I highly recommend creating it in the GUI first then doing a GET to see what the properly formed request looks like. You may then use that as the template for how to create objects similar to that in the future.

You may only create a single object at a time using the POST command unless a BULK POST is supported by the resource.

0 Helpful
Customers Also Viewed These Support Documents