Solved: Re: How to execute BULK DELETE operation using Cisco ISE API? - Page 2

Tymofii Dmytrenko · ‎07-13-2019

Hi

I am trying to implement a bulk delete of Endpoints via Cisco ISE API (v2.4). I have to admit, it's a challenging task because API documentation is really poor when it comes to Bulk operations. In particular, all examples provided relate to BULK CREATE

I tried to re-use the same XML templates, but only gone as far as this:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ns4:endpointBulkRequest operationType="delete" resourceMediaType="vnd.com.cisco.ise.identity.endpoint.1.0+xml" xmlns:ns6="sxp.ers.ise.cisco.com" xmlns:ns5="trustsec.ers.ise.cisco.com" xmlns:ns8="network.ers.ise.cisco.com" xmlns:ns7="anc.ers.ise.cisco.com" xmlns:ers="ers.ise.cisco.com" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ns4="identity.ers.ise.cisco.com">
  <ns4:resourcesList>
    <ns4:endpoint id="9e2edb00-6903-11e9-9573-46a7fd05b425">
      <mac></mac>
      <mdmAttributes></mdmAttributes>
      <portalUser></portalUser>
      <profileId></profileId>
      <staticGroupAssignment>false</staticGroupAssignment>
      <staticProfileAssignment>false</staticProfileAssignment>
    </ns4:endpoint>
    <ns4:endpoint id="63e2e5e0-6908-11e9-9573-46a7fd05b425">
      <mac></mac>
      <mdmAttributes></mdmAttributes>
      <portalUser></portalUser>
      <profileId></profileId>
      <staticGroupAssignment>false</staticGroupAssignment>
      <staticProfileAssignment>false</staticProfileAssignment>
    </ns4:endpoint>
  </ns4:resourcesList>
</ns4:endpointBulkRequest

However, when I try this snippet in the Postman, I get the following error:

{
  "ERSResponse": {
    "operation": "PUT-executeBulk-endpoint",
    "messages": [
      {
        "title": "invalid bulk request - resources list is not allowed for delete operation",
        "type": "ERROR",
        "code": "Application resource validation exception"
      }
    ],
    "link": {
      "rel": "related",
      "href": "https://lab-ise-2x-1.w1.lab:9060/ers/config/endpoint/bulk/submit",
      "type": "application/xml"
    }
  }
}

When I've read API docs, I found this confusing text:

Two types of bulk request available: 1) operation that requires the resource XML itself like creating or updating a resource. 2) Operation that requires the only resource id like delete, register endpoint, email guestuser etc... The bulk request supports 500 resources of the first type or 5000 of the second per a single request. Bulk Operation in ISE 1.3 release is supported for Endpoint and GuestUser. Please Check The API Documentation section for more details about each specific request.

What does it mean? Doea it mean I have to create a BULK request somehow separately and then execute it with SINGLE resource ID of that request? Or does it mean I have to provide a list of resource IDs only for the request to be successful? My understanding of BULK operations is that I have to provide a list of resource IDs and operation type.

How do I do this via XML? What is the template for DELETE operation?

Thanks

pn2020 · ‎05-11-2020

It worked for me too, with ISE 2.4. Thank you!

Cisco's bulk documentation is bad. There isn't instruction on bulk read, bulk delete. Only instructions on bulk create.

orp · ‎09-14-2020

Did anyone try to use bulk create to creat endpoints with custom attributes? It seems to not be possible according to the schema.