Cisco Identity Services Engine (ISE) is a network administration product that enables the creation and enforcement of security and access policies for endpoint devices connected to the company's routers and switches. The purpose is to simplify identity management across diverse devices and applications.
This document provides information about the Cisco ISE connector, which facilitates automated interactions, with a Cisco ISE server using FortiSOAR™ playbooks. Add the Cisco ISE connector as a step in FortiSOAR™ playbooks and perform automated operations, such as quarantining and un-quarantining IP addresses on Cisco ISE and retrieving a list of all active sessions from Cisco ISE.
Connector Version: 2.1.0
Authored By: Community
Certified: No
Following enhancements have been made to the Cisco ISE connector in version 2.1.0:
Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.
You can also use the following yum command as a root user to install connectors from an SSH session:
yum install cyops-connector-cisco-ise
For the procedure to configure a connector, click here
In FortiSOAR™, on the Content Hub (or Connector Store) page, click the Manage tab, and then click the Cisco ISE connector card. On the connector popup, click the Configurations tab to enter the required configuration details.
| Parameter | Description |
|---|---|
| Server URL | Specify the IP address or FQDN of the Cisco ISE server to which you will connect and perform the automated operations. |
| Username | Specify the username to access the Cisco ISE to which you will connect and perform the automated operations. |
| Password | Specify the password to access the Cisco ISE server to which you will connect and perform the automated operations. |
| ERS Port | The External RESTful Services (ERS) is a REST API based on HTTPS over port 9060. This is required to be specified for ERS API operations. |
| Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. |
The following automated operations can be included in playbooks, and you can also use the annotations to access operations:
| Function | Description | Annotation and Category |
|---|---|---|
| List All Active Sessions | Retrieves a list of all active sessions from Cisco ISE. | list_active_sessions Investigation |
| EPS: Quarantine IP Address | Quarantines an IP address that you have specified on Cisco ISE. | quarantine_ip Containment |
| EPS: Quarantine MAC Address | Quarantines a MAC address that you have specified on Cisco ISE. | quarantine_mac Containment |
| EPS: Un-Quarantine IP Address | Removes an IP address that you have specified from the quarantine list on Cisco ISE. | unquarantine_ip Containment |
| EPS: Un-Quarantine MAC Address | Removes a MAC address that you have specified from the quarantine list on Cisco ISE. | unquarantine_mac Containment |
| End a Target MAC address Session | Ends a session of the MAC address that you have specified on Cisco ISE. | end_session Miscellaneous |
| MAC Address Logout | Logs off a session of the MAC address that you have specified on Cisco ISE. | logoff_session Miscellaneous |
| Get Endpoints | Retrieves details for all ERS endpoints or a specific endpoint from Cisco ISE based on the endpoint ID or name and other input parameters you have specified. | get_ise_endpoint Investigation |
| Get ANC Endpoint | Retrieves details for all Adaptive Network Control (ANC) endpoints or a specific ANC endpoint from Cisco ISE based on the ANC Endpoint ID and other input parameters you have specified. | get_anc_endpoint Investigation |
| Create ANC Policy | Creates an ANC policy in Cisco ISE based on the ANC policy name and action you have specified. | create_policy Containment |
| Get ANC Policy | Retrieves details for all ANC policies or a specific ANC policy from Cisco ISE based on the policy ID or name and other input parameters you have specified. | get_anc_policy Investigation |
| Assign ANC Policy | Assigns a specific ANC policy to a MAC address or an IP address on Cisco ISE based on the policy or name and the MAC or IP address you have specified. | assign_policy Containment |
| Revoke ANC Policy | Revokes a specific ANC policy from a MAC address or an IP address on Cisco ISE based on the policy or name and the MAC or IP address you have specified. | revoke_policy Remediation |
| Get Internal User Details | Retrieves details of an internal user from Cisco ISE based on the user ID you have specified. | get_internal_user_details Investigation |
| List Internal Users | Retrieves all internal users or specific internal users from Cisco ISE based on your specified input parameters. | list_internal_users Investigation |
| Disable Internal User | Sets the status of an internal user to 'Disabled' in Cisco ISE based on the username you have specified. | disable_internal_user Containment |
| Enable Internal User | Sets the status of an internal user to 'Enabled' in Cisco ISE based on the username you have specified. | enable_internal_user Containment |
| List Guest Users | Retrieves all guest users or specific guest users from Cisco ISE based on your specified input parameters. | list_guest_users Investigation |
| Get Guest User Details | Retrieves details of a guest user from Cisco ISE based on the user ID you have specified. | get_guest_user_details Investigation |
| Suspend Guest User | Suspends a guest user from Cisco ISE based on the username you have specified. | suspend_guest_user Containment |
| Reinstate Guest User | Reinstates a guest user in Cisco ISE based on the username you have specified. | reinstate_guest_user Containment |
None.
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target IP Address | Specify the IP address of the device that you want to quarantine in Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target MAC Address | Specify the MAC address of the device that you want to quarantine on Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target IP Address | Specify the IP address of the device that you want to un-quarantine on Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target MAC Address | Specify the MAC address of the device you want to un-quarantine on Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target MAC Address | Specify the MAC address of the device whose session you want to end on Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target MAC Address | Specify the MAC address of the device that you want to log out from Cisco ISE. |
| Target Server Address | Specify the server address from which you want to log out the specified target machine. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
Note: All the input parameters are optional. However, if you do not specify any parameter, then no filter criterion is applied, and an unfiltered list is returned.
| Parameter | Description |
|---|---|
| Get Endpoint By | Choose the method using which you want to retrieve endpoint details from Cisco ISE. You can choose between Endpoint ID or Endpoint Name. If you choose 'Endpoint ID', then you must specify the following parameter:
|
| Size | Specify the number of results that the operation should include per page. The search result is by default paged to 20 results per page. |
| Page | Specify the page number from which you want to retrieve results. Page numbering starts on page 1. |
The output contains the following populated JSON schema if you do not specify any endpoint name or ID for the 'Get Endpoint By' operation:
{
"SearchResult": {
"resources": [
{
"link": {
"type": "",
"rel": "",
"href": ""
},
"id": "",
"name": ""
}
],
"total": ""
}
}
The output contains the following populated JSON schema if you have specified an endpoint name or ID for the 'Get Endpoint By' operation:
{
"ERSEndPoint": {
"identityStore": "",
"id": "",
"portalUser": "",
"description": "",
"staticGroupAssignment": "",
"staticProfileAssignment": "",
"groupId": "",
"link": {
"type": "",
"rel": "",
"href": ""
},
"profileId": "",
"mac": "",
"identityStoreId": "",
"name": ""
}
}
Note: All the input parameters are optional. However, if you do not specify any parameter, then no filter criterion is applied, and an unfiltered list is returned.
| Parameter | Description |
|---|---|
| ANC Endpoint ID |
Specify the ID of the ANC endpoint whose details you want to retrieve from Cisco ISE. |
| Size | Specify the number of results that the operation should include per page. The search result is by default paged to 20 resources per page. |
| Page | Specify the page number from which you want to retrieve results. Page numbering starts on page 1. |
The output contains the following populated JSON schema if you do not specify any endpoint ID for the 'Get ANC Endpoint' operation:
{
"SearchResult": {
"resources": [
{
"link": {
"type": "",
"rel": "",
"href": ""
},
"id": ""
}
],
"total": ""
}
}
The output contains the following populated JSON schema if you have specified an endpoint ID for the 'Get ANC Endpoint' operation:
{
"ErsAncEndpoint": {
"link": {
"type": "",
"rel": "",
"href": ""
},
"policyName": "",
"id": "",
"macAddress": ""
}
}
| Parameter | Description |
|---|---|
| ANC Policy Name | Specify the name of the policy that you want to create on Cisco ISE. |
| Action | Select the type of actions to be applied to the ANC policy that you want to create on Cisco ISE. You can choose from the following options: Quarantine, Portbounce, or Shutdown. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
Note: All the input parameters are optional. However, if you do not specify any parameter, then no filter criterion is applied, and an unfiltered list is returned.
| Parameter | Description |
|---|---|
| Get Policy By | Choose the method using which you want to retrieve ANC Policies from Cisco ISE. You can choose between Policy ID or Policy Name. If you choose 'Policy ID', then you must specify the following parameter:
|
| Size | Specify the number of results that the operation should include per page. The search result is by default paged to 20 resources per page. |
| Page | Specify the page number from which you want to retrieve results. Page numbering starts on page 1. |
The output contains the following populated JSON schema if you do not specify any policy name or ID for the 'Get ANC Policy' operation:
{
"SearchResult": {
"resources": [
{
"link": {
"type": "",
"rel": "",
"href": ""
},
"id": "",
"name": ""
}
],
"total": ""
}
}
The output contains the following populated JSON schema if you have specified a policy name or ID for the 'Get ANC Policy' operation:
{
"ErsAncPolicy": {
"link": {
"type": "",
"rel": "",
"href": ""
},
"actions": [],
"id": "",
"name": ""
}
}
| Parameter | Description |
|---|---|
| ANC Policy Name | Specify the name of the ANC policy that you want to apply to a specific MAC or IP address on Cisco ISE. |
| Apply To | Choose whether you want to apply the specific ANC policy to a Mac Address or an IP address. If you choose 'IP Address', then you must specify the following parameter:
|
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| ANC Policy Name | Specify the name of the ANC policy that you want to revoke from a specific MAC or IP address on Cisco ISE. |
| Revoke From | Choose whether you want to revoke the specific ANC policy from a Mac Address or an IP address. If you choose 'IP Address', then you must specify the following parameter:
|
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| User ID | Specify the User ID of the internal user whose details you want to retrieve from Cisco ISE. Note: You can find out the internal User ID by using the 'List Internal Users' action. |
The output contains the following populated JSON schema:
{
"InternalUser": {
"id": "",
"link": {
"rel": "",
"href": "",
"type": ""
},
"name": "",
"enabled": "",
"lastName": "",
"password": "",
"firstName": "",
"changePassword": "",
"identityGroups": "",
"passwordIDStore": "",
"customAttributes": {
"Static-IPv4-Addr": ""
},
"expiryDateEnabled": ""
}
}
Note: All the input parameters are optional. However, if you do not specify any parameter, then no filter criterion is applied, and an unfiltered list, i.e., a list of all internal users, is returned.
| Parameter | Description |
|---|---|
| User Name | Specify the username of the internal user whose details you want to retrieve from Cisco ISE. |
| First Name | Specify the first name of the internal user whose details you want to retrieve from Cisco ISE. |
| Last Name | Specify the last name of the internal user whose details you want to retrieve from Cisco ISE. |
| Email Address | Specify the email address of the internal user whose details you want to retrieve from Cisco ISE. |
| Size | Specify the number of results that the operation should include per page. |
| Page | Specify the page number from which you want to retrieve results. |
The output contains the following populated JSON schema:
{
"SearchResult": {
"total": "",
"nextPage": {
"rel": "",
"href": "",
"type": ""
},
"resources": [
{
"id": "",
"link": {
"rel": "",
"href": "",
"type": ""
},
"name": ""
}
]
}
}
| Parameter | Description |
|---|---|
| Username | Specify the username of an internal user whose status you want to set as 'Disabled'. |
The output contains the following populated JSON schema:
{
"UpdatedFieldsList": {
"updatedField": [
{
"field": "",
"newValue": "",
"oldValue": ""
}
]
}
}
| Parameter | Description |
|---|---|
| Username | Specify the username of an internal user whose status you want to set as 'Enabled'. |
The output contains the following populated JSON schema:
{
"UpdatedFieldsList": {
"updatedField": [
{
"field": "",
"newValue": "",
"oldValue": ""
}
]
}
}
Note: All the input parameters are optional. However, if you do not specify any parameter, then no filter criterion is applied, and an unfiltered list, i.e., a list of all guest users, is returned.
| Parameter | Description |
|---|---|
| User Name | Specify the username of the guest user whose details you want to retrieve from Cisco ISE. |
| First Name | Specify the first name of the guest user whose details you want to retrieve from Cisco ISE. |
| Last Name | Specify the last name of the guest user whose details you want to retrieve from Cisco ISE. |
| Email Address | Specify the email of the guest user whose details you want to retrieve from Cisco ISE. |
| Sponsor Username | Specify the username for the sponsor of the guest account whose details you want to retrieve from Cisco ISE. |
| Company | Specify the company of the guest user whose details you want to retrieve from Cisco ISE. |
| Phone Number | Specify the phone number of the guest user whose details you want to retrieve from Cisco ISE. Note: The Phone number should be E.164 format, exp: +13211239034 |
| Size | Specify the number of results that the operation should include per page. |
| Page | Specify the page number from which you want to retrieve results. Page numbering starts on page 1. |
The output contains the following populated JSON schema:
{
"SearchResult": {
"total": "",
"resources": [
{
"id": "",
"name": "",
"description": "",
"link": {
"rel": "",
"href": "",
"type": ""
}
}
]
}
}
| Parameter | Description |
|---|---|
| User ID | Specify the User ID of the guest user whose details you want to retrieve from Cisco ISE. Note: You can find out the guest User ID by using the 'List Guest Users' action. |
The output contains the following populated JSON schema:
{
"GuestUser": {
"id": "",
"name": "",
"description": "",
"guestType": "",
"sponsorUserName": "",
"guestInfo": {
"userName": "",
"emailAddress": "",
"phoneNumber": "",
"password": "",
"enabled": "",
"smsServiceProvider": ""
},
"guestAccessInfo": {
"validDays": "",
"fromDate": "",
"toDate": "",
"location": ""
},
"portalId": "",
"customFields": {
"another key": "",
"some key": ""
},
"link": {
"rel": "",
"href": "",
"type": ""
}
}
}
| Parameter | Description |
|---|---|
| Guest Username | Specify the username of the guest user who you want to suspend from Cisco ISE |
The output contains the following populated JSON schema:
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| Guest Username | Specify the username of the guest user who you want to reinstate in Cisco ISE |
The output contains the following populated JSON schema:
The output contains a non-dictionary value.
The Sample - Cisco ISE - 2.1.0 playbook collection comes bundled with the Cisco ISE connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Cisco ISE connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during the connector upgrade and delete.
Cisco Identity Services Engine (ISE) is a network administration product that enables the creation and enforcement of security and access policies for endpoint devices connected to the company's routers and switches. The purpose is to simplify identity management across diverse devices and applications.
This document provides information about the Cisco ISE connector, which facilitates automated interactions, with a Cisco ISE server using FortiSOAR™ playbooks. Add the Cisco ISE connector as a step in FortiSOAR™ playbooks and perform automated operations, such as quarantining and un-quarantining IP addresses on Cisco ISE and retrieving a list of all active sessions from Cisco ISE.
Connector Version: 2.1.0
Authored By: Community
Certified: No
Following enhancements have been made to the Cisco ISE connector in version 2.1.0:
Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.
You can also use the following yum command as a root user to install connectors from an SSH session:
yum install cyops-connector-cisco-ise
For the procedure to configure a connector, click here
In FortiSOAR™, on the Content Hub (or Connector Store) page, click the Manage tab, and then click the Cisco ISE connector card. On the connector popup, click the Configurations tab to enter the required configuration details.
| Parameter | Description |
|---|---|
| Server URL | Specify the IP address or FQDN of the Cisco ISE server to which you will connect and perform the automated operations. |
| Username | Specify the username to access the Cisco ISE to which you will connect and perform the automated operations. |
| Password | Specify the password to access the Cisco ISE server to which you will connect and perform the automated operations. |
| ERS Port | The External RESTful Services (ERS) is a REST API based on HTTPS over port 9060. This is required to be specified for ERS API operations. |
| Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. |
The following automated operations can be included in playbooks, and you can also use the annotations to access operations:
| Function | Description | Annotation and Category |
|---|---|---|
| List All Active Sessions | Retrieves a list of all active sessions from Cisco ISE. | list_active_sessions Investigation |
| EPS: Quarantine IP Address | Quarantines an IP address that you have specified on Cisco ISE. | quarantine_ip Containment |
| EPS: Quarantine MAC Address | Quarantines a MAC address that you have specified on Cisco ISE. | quarantine_mac Containment |
| EPS: Un-Quarantine IP Address | Removes an IP address that you have specified from the quarantine list on Cisco ISE. | unquarantine_ip Containment |
| EPS: Un-Quarantine MAC Address | Removes a MAC address that you have specified from the quarantine list on Cisco ISE. | unquarantine_mac Containment |
| End a Target MAC address Session | Ends a session of the MAC address that you have specified on Cisco ISE. | end_session Miscellaneous |
| MAC Address Logout | Logs off a session of the MAC address that you have specified on Cisco ISE. | logoff_session Miscellaneous |
| Get Endpoints | Retrieves details for all ERS endpoints or a specific endpoint from Cisco ISE based on the endpoint ID or name and other input parameters you have specified. | get_ise_endpoint Investigation |
| Get ANC Endpoint | Retrieves details for all Adaptive Network Control (ANC) endpoints or a specific ANC endpoint from Cisco ISE based on the ANC Endpoint ID and other input parameters you have specified. | get_anc_endpoint Investigation |
| Create ANC Policy | Creates an ANC policy in Cisco ISE based on the ANC policy name and action you have specified. | create_policy Containment |
| Get ANC Policy | Retrieves details for all ANC policies or a specific ANC policy from Cisco ISE based on the policy ID or name and other input parameters you have specified. | get_anc_policy Investigation |
| Assign ANC Policy | Assigns a specific ANC policy to a MAC address or an IP address on Cisco ISE based on the policy or name and the MAC or IP address you have specified. | assign_policy Containment |
| Revoke ANC Policy | Revokes a specific ANC policy from a MAC address or an IP address on Cisco ISE based on the policy or name and the MAC or IP address you have specified. | revoke_policy Remediation |
| Get Internal User Details | Retrieves details of an internal user from Cisco ISE based on the user ID you have specified. | get_internal_user_details Investigation |
| List Internal Users | Retrieves all internal users or specific internal users from Cisco ISE based on your specified input parameters. | list_internal_users Investigation |
| Disable Internal User | Sets the status of an internal user to 'Disabled' in Cisco ISE based on the username you have specified. | disable_internal_user Containment |
| Enable Internal User | Sets the status of an internal user to 'Enabled' in Cisco ISE based on the username you have specified. | enable_internal_user Containment |
| List Guest Users | Retrieves all guest users or specific guest users from Cisco ISE based on your specified input parameters. | list_guest_users Investigation |
| Get Guest User Details | Retrieves details of a guest user from Cisco ISE based on the user ID you have specified. | get_guest_user_details Investigation |
| Suspend Guest User | Suspends a guest user from Cisco ISE based on the username you have specified. | suspend_guest_user Containment |
| Reinstate Guest User | Reinstates a guest user in Cisco ISE based on the username you have specified. | reinstate_guest_user Containment |
None.
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target IP Address | Specify the IP address of the device that you want to quarantine in Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target MAC Address | Specify the MAC address of the device that you want to quarantine on Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target IP Address | Specify the IP address of the device that you want to un-quarantine on Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target MAC Address | Specify the MAC address of the device you want to un-quarantine on Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target MAC Address | Specify the MAC address of the device whose session you want to end on Cisco ISE. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| Target MAC Address | Specify the MAC address of the device that you want to log out from Cisco ISE. |
| Target Server Address | Specify the server address from which you want to log out the specified target machine. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
Note: All the input parameters are optional. However, if you do not specify any parameter, then no filter criterion is applied, and an unfiltered list is returned.
| Parameter | Description |
|---|---|
| Get Endpoint By | Choose the method using which you want to retrieve endpoint details from Cisco ISE. You can choose between Endpoint ID or Endpoint Name. If you choose 'Endpoint ID', then you must specify the following parameter:
|
| Size | Specify the number of results that the operation should include per page. The search result is by default paged to 20 results per page. |
| Page | Specify the page number from which you want to retrieve results. Page numbering starts on page 1. |
The output contains the following populated JSON schema if you do not specify any endpoint name or ID for the 'Get Endpoint By' operation:
{
"SearchResult": {
"resources": [
{
"link": {
"type": "",
"rel": "",
"href": ""
},
"id": "",
"name": ""
}
],
"total": ""
}
}
The output contains the following populated JSON schema if you have specified an endpoint name or ID for the 'Get Endpoint By' operation:
{
"ERSEndPoint": {
"identityStore": "",
"id": "",
"portalUser": "",
"description": "",
"staticGroupAssignment": "",
"staticProfileAssignment": "",
"groupId": "",
"link": {
"type": "",
"rel": "",
"href": ""
},
"profileId": "",
"mac": "",
"identityStoreId": "",
"name": ""
}
}
Note: All the input parameters are optional. However, if you do not specify any parameter, then no filter criterion is applied, and an unfiltered list is returned.
| Parameter | Description |
|---|---|
| ANC Endpoint ID |
Specify the ID of the ANC endpoint whose details you want to retrieve from Cisco ISE. |
| Size | Specify the number of results that the operation should include per page. The search result is by default paged to 20 resources per page. |
| Page | Specify the page number from which you want to retrieve results. Page numbering starts on page 1. |
The output contains the following populated JSON schema if you do not specify any endpoint ID for the 'Get ANC Endpoint' operation:
{
"SearchResult": {
"resources": [
{
"link": {
"type": "",
"rel": "",
"href": ""
},
"id": ""
}
],
"total": ""
}
}
The output contains the following populated JSON schema if you have specified an endpoint ID for the 'Get ANC Endpoint' operation:
{
"ErsAncEndpoint": {
"link": {
"type": "",
"rel": "",
"href": ""
},
"policyName": "",
"id": "",
"macAddress": ""
}
}
| Parameter | Description |
|---|---|
| ANC Policy Name | Specify the name of the policy that you want to create on Cisco ISE. |
| Action | Select the type of actions to be applied to the ANC policy that you want to create on Cisco ISE. You can choose from the following options: Quarantine, Portbounce, or Shutdown. |
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
Note: All the input parameters are optional. However, if you do not specify any parameter, then no filter criterion is applied, and an unfiltered list is returned.
| Parameter | Description |
|---|---|
| Get Policy By | Choose the method using which you want to retrieve ANC Policies from Cisco ISE. You can choose between Policy ID or Policy Name. If you choose 'Policy ID', then you must specify the following parameter:
|
| Size | Specify the number of results that the operation should include per page. The search result is by default paged to 20 resources per page. |
| Page | Specify the page number from which you want to retrieve results. Page numbering starts on page 1. |
The output contains the following populated JSON schema if you do not specify any policy name or ID for the 'Get ANC Policy' operation:
{
"SearchResult": {
"resources": [
{
"link": {
"type": "",
"rel": "",
"href": ""
},
"id": "",
"name": ""
}
],
"total": ""
}
}
The output contains the following populated JSON schema if you have specified a policy name or ID for the 'Get ANC Policy' operation:
{
"ErsAncPolicy": {
"link": {
"type": "",
"rel": "",
"href": ""
},
"actions": [],
"id": "",
"name": ""
}
}
| Parameter | Description |
|---|---|
| ANC Policy Name | Specify the name of the ANC policy that you want to apply to a specific MAC or IP address on Cisco ISE. |
| Apply To | Choose whether you want to apply the specific ANC policy to a Mac Address or an IP address. If you choose 'IP Address', then you must specify the following parameter:
|
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| ANC Policy Name | Specify the name of the ANC policy that you want to revoke from a specific MAC or IP address on Cisco ISE. |
| Revoke From | Choose whether you want to revoke the specific ANC policy from a Mac Address or an IP address. If you choose 'IP Address', then you must specify the following parameter:
|
The output contains the following populated JSON schema:
{
"request_status": "",
"result": {}
}
| Parameter | Description |
|---|---|
| User ID | Specify the User ID of the internal user whose details you want to retrieve from Cisco ISE. Note: You can find out the internal User ID by using the 'List Internal Users' action. |
The output contains the following populated JSON schema:
{
"InternalUser": {
"id": "",
"link": {
"rel": "",
"href": "",
"type": ""
},
"name": "",
"enabled": "",
"lastName": "",
"password": "",
"firstName": "",
"changePassword": "",
"identityGroups": "",
"passwordIDStore": "",
"customAttributes": {
"Static-IPv4-Addr": ""
},
"expiryDateEnabled": ""
}
}
Note: All the input parameters are optional. However, if you do not specify any parameter, then no filter criterion is applied, and an unfiltered list, i.e., a list of all internal users, is returned.
| Parameter | Description |
|---|---|
| User Name | Specify the username of the internal user whose details you want to retrieve from Cisco ISE. |
| First Name | Specify the first name of the internal user whose details you want to retrieve from Cisco ISE. |
| Last Name | Specify the last name of the internal user whose details you want to retrieve from Cisco ISE. |
| Email Address | Specify the email address of the internal user whose details you want to retrieve from Cisco ISE. |
| Size | Specify the number of results that the operation should include per page. |
| Page | Specify the page number from which you want to retrieve results. |
The output contains the following populated JSON schema:
{
"SearchResult": {
"total": "",
"nextPage": {
"rel": "",
"href": "",
"type": ""
},
"resources": [
{
"id": "",
"link": {
"rel": "",
"href": "",
"type": ""
},
"name": ""
}
]
}
}
| Parameter | Description |
|---|---|
| Username | Specify the username of an internal user whose status you want to set as 'Disabled'. |
The output contains the following populated JSON schema:
{
"UpdatedFieldsList": {
"updatedField": [
{
"field": "",
"newValue": "",
"oldValue": ""
}
]
}
}
| Parameter | Description |
|---|---|
| Username | Specify the username of an internal user whose status you want to set as 'Enabled'. |
The output contains the following populated JSON schema:
{
"UpdatedFieldsList": {
"updatedField": [
{
"field": "",
"newValue": "",
"oldValue": ""
}
]
}
}
Note: All the input parameters are optional. However, if you do not specify any parameter, then no filter criterion is applied, and an unfiltered list, i.e., a list of all guest users, is returned.
| Parameter | Description |
|---|---|
| User Name | Specify the username of the guest user whose details you want to retrieve from Cisco ISE. |
| First Name | Specify the first name of the guest user whose details you want to retrieve from Cisco ISE. |
| Last Name | Specify the last name of the guest user whose details you want to retrieve from Cisco ISE. |
| Email Address | Specify the email of the guest user whose details you want to retrieve from Cisco ISE. |
| Sponsor Username | Specify the username for the sponsor of the guest account whose details you want to retrieve from Cisco ISE. |
| Company | Specify the company of the guest user whose details you want to retrieve from Cisco ISE. |
| Phone Number | Specify the phone number of the guest user whose details you want to retrieve from Cisco ISE. Note: The Phone number should be E.164 format, exp: +13211239034 |
| Size | Specify the number of results that the operation should include per page. |
| Page | Specify the page number from which you want to retrieve results. Page numbering starts on page 1. |
The output contains the following populated JSON schema:
{
"SearchResult": {
"total": "",
"resources": [
{
"id": "",
"name": "",
"description": "",
"link": {
"rel": "",
"href": "",
"type": ""
}
}
]
}
}
| Parameter | Description |
|---|---|
| User ID | Specify the User ID of the guest user whose details you want to retrieve from Cisco ISE. Note: You can find out the guest User ID by using the 'List Guest Users' action. |
The output contains the following populated JSON schema:
{
"GuestUser": {
"id": "",
"name": "",
"description": "",
"guestType": "",
"sponsorUserName": "",
"guestInfo": {
"userName": "",
"emailAddress": "",
"phoneNumber": "",
"password": "",
"enabled": "",
"smsServiceProvider": ""
},
"guestAccessInfo": {
"validDays": "",
"fromDate": "",
"toDate": "",
"location": ""
},
"portalId": "",
"customFields": {
"another key": "",
"some key": ""
},
"link": {
"rel": "",
"href": "",
"type": ""
}
}
}
| Parameter | Description |
|---|---|
| Guest Username | Specify the username of the guest user who you want to suspend from Cisco ISE |
The output contains the following populated JSON schema:
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| Guest Username | Specify the username of the guest user who you want to reinstate in Cisco ISE |
The output contains the following populated JSON schema:
The output contains a non-dictionary value.
The Sample - Cisco ISE - 2.1.0 playbook collection comes bundled with the Cisco ISE connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Cisco ISE connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during the connector upgrade and delete.
