cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2113
Views
5
Helpful
1
Replies

Create an Internal User with cURL and JSON on windows command prompt

Richie20
Level 1
Level 1

Hi Everyone 

I am trying to Create an Internal User with cURL and JSON on window command prompt  for cisco ISE. prompt  but I am  getting  these errors over again . can anyone help me out

this is curl command
curl --insecure --include --header 'Content-Type:application/josn' --header 'Accept:application/json' --user username:password --request POST https://ise.pan:9060/ers/config/internaluser --data ' { \"InternalUser\": {\"name\":\ "rigo\", \"passowrd\": "\Cisco12345\ " \changePassword\" : false} }' 

 

this is my error 
curl: (3) [globbing] unmatched brace in column 1
curl: (6) Could not resolve host: "InternalUser"
curl: (3) [globbing] unmatched brace in column 1
curl: (3) Port number ended with ' '
curl: (3) [globbing] unmatched close brace/bracket in column 26

curl: (3) [globbing] unmatched brace in column 1
curl: (6) Could not resolve host: "InternalUser"

 

curl: (3) [globbing] unmatched brace in column 1
curl: (3) Port number ended with ' '
curl: (3) [globbing] unmatched close brace/bracket in column 26

 

Any supports are  iappreciated 

1 Reply 1

thomas
Cisco Employee
Cisco Employee

I recognize this from my 20210406 ISE REST APIs Webinar curl commands! 8-)

Please watch the ISE REST APIs Webinar YouTube video to understand how I'm using environment variables ($ise_pan). If you are not going to use environment variables in your command lines for security, then replace these $ values with your actual username, password, and ise hostname.

This is the original:

curl \
--include 
--user $ise_rest_username:$ise_rest_password \
--header 'Content-Type:application/json' \
--header 'Accept: application/json' \
https://$ise_pan:9060/ers/config/internaluser \
--data '
{
    "InternalUser" : {
        "name" : "rigo",
        "password" : "C1sco12345",
        "changePassword" : false
    }
}'

 

There are several issues in your script.

1) Please be sure you are actually using the correct username and password for authentication and not username:password .

2) "ise.pan" is probably not a valid hostname in your environment. Please use the fully qualified hostname or IP address of your ISE PAN node.

3) Spell password correctly in the JSON you submit or you will get an error about that eventually too.

4) I see you are using Windows. Windows' DOS shell does not accept quotes the way *nix shells do and I could not get my command line above to work directly in DOS with the JSON content in single quotes.  8-(

To get the Windows DOS cmd shell to work with this example :

  • I gave up quoting and just put my JSON content into a .json text file and used the --data @internaluser.json option.
  • I had to use double-quotes (") and not single-quotes(') for my header values.
  • I used my explicit username and password values in the command line for this demo purpose but I highly recommend using environment variables for security reasons
  • I used the IP address of my ISE PAN to make it obvious
  • I used the --insecure option because in case you are using untrusted self-signed certificates or you do not have the IP address in the cert SAN field
  • I included the --header option to see the HTTP/1.1 201 response and the Location: field with the URL to my new internaluser
C:\Users\thomas>curl --insecure --include --user admin:C1sco12345 --header "Content-Type:application/json" --header "Accept: application/json" https://198.18.133.27:9060/ers/config/internaluser --data @internaluser.json
HTTP/1.1 201
Set-Cookie: JSESSIONIDSSO=E5491DB2FB4E943D068936DF5A2C1D50; Path=/; Secure; HttpOnly
Set-Cookie: APPSESSIONID=48F77CEF01B3DC2F04108B7BC15CF6E0; Path=/ers; Secure; HttpOnly
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;
X-XSS-Protection: 1; mode=block
Location: https://198.18.133.27:9060/ers/config/internaluser/7a599a84-502e-40a7-aa7d-9fce71aced5a
Date: Thu, 06 May 2021 15:43:13 GMT
Content-Type: application/json;charset=utf-8
Content-Length: 0
Server:

Contents of the internaluser.json file was simply:

{
    "InternalUser" : {
        "name" : "rigo",
        "password" : "C1sco12345",
        "changePassword" : false
    }
}

 

Consider installing and using Windows Subsystem for Linux (WSL2) for a proper CLI experience with scripting rather than dealing with the DOS command line conversions.

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: