05-04-2021 03:28 AM
Hi Everyone ,
I am try to access the External RESTful Services SDK but I cant access the resources . I want to if this is how you can access the SDK from the browser https://ise-cscio:192.xxxxxxxx:9060/ers/sdk
Thank you ,
Richard
Solved! Go to Solution.
05-04-2021 03:50 AM
Ensure ERS is enabled, refer to this link https://developer.cisco.com/docs/identity-services-engine/2.6/#!setting-up/enable-ers-port-9060
Once you have enabled the REST API in ISE, you may use any SuperAdmin, ERS Admin or ERS Operator group accounts to view the API SDK on your ISE PAN node at https://ise-pan:9060/ers/sdk. Replace "ise-pan" with your ISE node IP address or FQDN.
More information on using ISE ERS API.
https://community.cisco.com/t5/security-documents/ise-ers-api-examples/ta-p/3622623
05-04-2021 03:50 AM
Ensure ERS is enabled, refer to this link https://developer.cisco.com/docs/identity-services-engine/2.6/#!setting-up/enable-ers-port-9060
Once you have enabled the REST API in ISE, you may use any SuperAdmin, ERS Admin or ERS Operator group accounts to view the API SDK on your ISE PAN node at https://ise-pan:9060/ers/sdk. Replace "ise-pan" with your ISE node IP address or FQDN.
More information on using ISE ERS API.
https://community.cisco.com/t5/security-documents/ise-ers-api-examples/ta-p/3622623
05-04-2021 04:14 AM
Hi @Rob Ingram
Thank you for assistance . I tried to write a script to create Internal User with for ISE but I got an error while my code
This is the error
Traceback (most recent call last):
File "C:\Users\ghibuser\Desktop\ISEInternalUserTest.py", line 37, in <module>
req_body_json = """{{
IndexError: Replacement index 8 out of range for positional args tuple
This my command for run the code
python ISEInternalUserTest.py 192.198.1.1 ers-admin admin20! robert Robert Mensah Password1 rmensah@gha.com Employee 12/26/2021
This is my code
#!/usr/bin/python
import http.client
import base64
import ssl
import sys
import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
print ("The no of command line arguments: ",len(sys.argv))
argv = sys.argv[1]
print ("The name of the script: ", sys.argv[0])
print ("The argument are: ", argv)
#parameters
id = sys.argv[4] # "B100"
userName = sys.argv[5] # "robert"
firstName = sys.argv[6] # "Robert"
lastName = sys.argv[7] # " Mensah"
password = sys.argv[8] # "Password1"
emailAddress = sys.argv[9] # "rmensah@ghanabank.co.uk
expiryDate = sys.argv[10] # “12/26/2022”
identityGroups = sys.argv[11] # “Employee”
# host and authentication credentials
host = sys.argv[1] # "192.198.1.1"
user = sys.argv[2] # “ers.admin”
password = sys.argv[3] # “admin20!”
conn = http.client.HTTPSConnection("{}:9060".format(host), context=ssl.SSLContext(ssl.PROTOCOL_TLS))
creds = str.encode(':'.join((user, password)))
encodedAuth = bytes.decode(base64.b64encode(creds))
req_body_json = """{{
\"InternalUser\" : {{
\"id"\ : "\{}\",
"userinfo":{{
\"Name\" : "\{}\",
\"description"\ : "\{}\",
"enabled" : true,
\"email\" : "\{}\",
\"password\" : "\{}\",
\"firstName\" : "\{}\",
\"lastName\" : "\{}\",
\"changePassword\" : true,
\"identityGroups\" : "\{}\",
"expiryDateEnabled" : false,
}},
"userAccessInfo" : {{
"expiryDate" : "\{}\",
"enablePassword" : "enablePassword",
}}
"customAttributes" : {
"key1" : "value1",
"key2" : "value3"
},
"passwordIDStore" : "Internal Users"
}
}}
}}""".format(id,userName,firstName,lastName,emailAddress,password,identityGroups,expiryDate)
headers = {
'accept': "application/json",
'content-type': "application/json",
'authorization': " ".join(("Basic",encodedAuth)),
'cache-control': "no-cache",
}
conn.request("POST", "/ers/config/internaluser/", headers=headers, body=req_body_json)
es = conn.getresponse()
data = res.read()
print("Status: {}".format(res.status))
print("Header:\n{}".format(res.headers))
print("Body:\n{}".format(data.decode("utf-8")))
print('-'*80)
print(req_body_json)
print('-'*80)
Any suggestions are welcomed
Thank you
This my code
05-04-2021 04:58 AM
Not sure, I am not so familar with python code. Is your IP address 192.198.1.1 correct, shouldn't it be 192.168.1.1
Cisco have provided a working example of creating an Internal user in ISE here.
05-04-2021 06:49 AM
Richard,
Many of your questions are answered in the document ISE ERS API Examples.
We also host the SDK in Cisco DevNet @ https://cs.co/ise-api
See https://cs.co/ise-resources for additional ISE documents including APIs
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide