ANNOUNCEMENT - The community will be down for maintenace this Thursday August 13 from 12:00 AM PT to 02:00 AM PT. As a precaution save your work.
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
385
Views
0
Helpful
1
Replies
Highlighted

Automation with ISE ERS API

Hello everyone, 

 

I am trying to automate adding network devices to ISE using python API calls to ISE with the requests module and using JSON for the modifying of the data. 

 

Here is an example of the code:

 

#### 

import requests
import requests.auth
import getpass
import json


Username = input("Enter API Username:")

Password = getpass.getpass("Enter API Password:")

headers = {'Content-Type': 'application/json', 'Accept': 'application/json'}

ISEjson= {
"NetworkDevice" : {
"id" : "123456789",
"name" : "networkDevice1",
"description" : "example nd",
"authenticationSettings" : {
"radiusSharedSecret" : "aaa",
"enableKeyWrap" : True,
"dtlsRequired" : True,
"keyEncryptionKey" : "1234567890123456",
"messageAuthenticatorCodeKey" : "12345678901234567890",
"keyInputFormat" : "ASCII"
},
"snmpsettings" : {
"version" : "ONE",
"roCommunity" : "aaa",
"pollingInterval" : 3600,
"linkTrapQuery" : True,
"macTrapQuery" : True,
"originatingPolicyServicesNode" : "Auto"
},
"trustsecsettings" : {
"deviceAuthenticationSettings" : {
"sgaDeviceId" : "networkDevice1",
"sgaDevicePassword" : "aaa"
},
"sgaNotificationAndUpdates" : {
"downlaodEnvironmentDataEveryXSeconds" : 86400,
"downlaodPeerAuthorizationPolicyEveryXSeconds" : 86400,
"reAuthenticationEveryXSeconds" : 86400,
"downloadSGACLListsEveryXSeconds" : 86400,
"otherSGADevicesToTrustThisDevice" : False,
"sendConfigurationToDevice" : False,
"sendConfigurationToDeviceUsing" : "ENABLE_USING_COA",
"coaSourceHost" : "IseNodeName"
},
"deviceConfigurationDeployment" : {
"includeWhenDeployingSGTUpdates" : True,
"enableModePassword" : "aaa",
"execModePassword" : "aaa",
"execModeUsername" : "aaa"
}
},
"tacacsSettings" : {
"sharedSecret" : "aaa",
"connectModeOptions" : "ON_LEGACY"
},
"profileName" : "Cisco",
"coaPort" : 1700,
"dtlsDnsName" : "ISE213.il.com",
"NetworkDeviceIPList" : [ {
"ipaddress" : "1.1.1.1",
"mask" : 32
} ],
"NetworkDeviceGroupList" : [ "Location#All Locations", "Device Type#All Device Types" ]
}
}

ISE = requests.post("https://x.x.x.x:9060/ers/config/networkdevice", verify=False, auth=(Username, Password), headers=headers, json=ISEjson)

 


print(ISE.text)
print(ISE.status_code)
print(ISE.headers)

####

 

 

The issue I am running into is when I try to post the data to ISE I get the following: 

<!doctype html><html lang="en"><head><title>HTTP Status 401 – Unauthorized</title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 401 – Unauthorized</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Description</b> The request has not been applied because it lacks valid authentication credentials for the target resource.</p><hr class="line" /><h3></h3></body></html>
401
{'WWW-Authenticate': 'Basic realm="ERSRealm"', 'Content-Type': 'text/html;charset=utf-8', 'Content-Language': 'en', 'Content-Length': '1014', 'Date': 'Tue, 09 Jul 2019 02:02:03 GMT', 'Server': ''}

 

 

I am not sure why it is not authenticating as I can use the requests module to GET and DELETE stuff in ISE with this same account. Can anyone provide some insight? 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Re: Automation with ISE ERS API

Disregard!

 

Solution: The Python interpreter was causing issues. 

View solution in original post

1 REPLY 1
Highlighted

Re: Automation with ISE ERS API

Disregard!

 

Solution: The Python interpreter was causing issues. 

View solution in original post

Content for Community-Ad
Cisco Community July 2020 Spotlight Award Winners
This widget could not be displayed.