Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
2702
Views
1
Helpful
3
Replies

ISE Single Click Sponsor Approval from email link

Go to solution
DanielC
Level 1
Level 1

‎12-31-2018 12:56 AM

Hello ISE experts,

 

Im tring to set up a sponsored guest sequence on ISE that should be as follows:

 

1. Guest will self-register and will input his Sponsor email - done

2. The sponsor email is checked by JS function for the company domain validity. done - found a guide in this community

3. The sponsor will receive an email with the user info, and 2 links - approve OR deny. - done

4. Once sponsor click approves, the user will be approved internet access without the Sponsor need to authenticate himself on the SPONSOR portal.

 

For what we need, it is enough that the sponsor email will be company domain (which is checked by JS in the self-reg page), and we want that everyone in the company will be able to EASILY approve guests internet access, with no AD integration, and by just clicking approve.

 

Is this possible? 

 

I did look in the Single-click approval guide, but I did not find this specific sequence

 

Thanks in advance

1 person had this problem
0 Helpful
1 Accepted Solution

Accepted Solutions
3 Replies 3

Go to solution
DanielC
Level 1
Level 1
In response to Jason Kunst

‎01-21-2019 09:18 AM

Thank you for your input.

I will try to integrate AD with ISE, so is the ISE will check the sponsor email for validity in the AD group - which in my case will be all the users in the organization.

 

For a second question, i was able to activate OKTA authentication for the sponsor portal, but it seems that i cant have a " 2 click approval" - click the email approve link, and authenticate with OKTA. but it redirects the sponsor to the sponsor portal to check pending requests. This is something i would like to avoid, i don't need users to reach the portal, only approved user by authenticating with OKTA.

 

Is this possible, because it looks like after the sponsor is redirected to OKTA, the token is lost.

 

Thanks in advace

0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to DanielC

‎01-21-2019 11:35 AM

Please open separate post
0 Helpful
Customers Also Viewed These Support Documents
Top