Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
262
Views
2
Helpful
2
Replies

Assign to Identity Group based on Custom Attribute

Go to solution
Ash0907
Level 1
Level 1

‎03-09-2025 11:00 AM

Hi All!

A third party updates\creates endpoints in my system with specific Custom Attributes we've created together. I want to assign these new identities to specific identity groups based on these custom attributes value. How can this behavior be achieved?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Arne Bier
VIP
VIP

‎03-10-2025 01:36 PM

How often would this be done? Programmatically (via API) or via other less sophisticated ways (e.g. via CSV import in bulk)?

I don't have a working lab at this moment in time - but have you tried exporting these endpoints via Context Visibility and checking if the custom attributes are included in the CSV export? If yes, then you should have a solution to filter the output in a spreadsheet (e.g. Excel Data filters) and then update the resulting endpoints with their new Endpoint Identity Group Name. And then re-import those updated endpoints.

A lot smarter would be via API - although, it would require development effort.

If you have a recent version of ISE with the Swagger UI, you can explore the API method via the ISE GUI. There appears to be support for setting the groupID (Endpoint Identity Group) in bulk API operations.

PUT /api/v1/endpoints/bulk/

The trick is to find the groupID (which is a hyphenated ID string) ahead of searching the endpoint database, and then creating a list of endpoints to update with such a bolk API call. 

 

View solution in original post

2 Replies 2

Go to solution
Arne Bier
VIP
VIP

‎03-10-2025 01:36 PM

How often would this be done? Programmatically (via API) or via other less sophisticated ways (e.g. via CSV import in bulk)?

I don't have a working lab at this moment in time - but have you tried exporting these endpoints via Context Visibility and checking if the custom attributes are included in the CSV export? If yes, then you should have a solution to filter the output in a spreadsheet (e.g. Excel Data filters) and then update the resulting endpoints with their new Endpoint Identity Group Name. And then re-import those updated endpoints.

A lot smarter would be via API - although, it would require development effort.

If you have a recent version of ISE with the Swagger UI, you can explore the API method via the ISE GUI. There appears to be support for setting the groupID (Endpoint Identity Group) in bulk API operations.

PUT /api/v1/endpoints/bulk/

The trick is to find the groupID (which is a hyphenated ID string) ahead of searching the endpoint database, and then creating a list of endpoints to update with such a bolk API call. 

 

Go to solution
Ash0907
Level 1
Level 1
In response to Arne Bier

‎04-14-2025 12:59 AM

Thanks @Arne Bier for your elaborate answer! The bulk endpoint is useful!

0 Helpful
Customers Also Viewed These Support Documents