Cisco Prime Infrastructure API
Prime Infrastructure API Documentation

GET ClientDetails

Represents the detail view of a client. It provides attributes of client device, security information, connected device, traffic and session information. All information is collected in current or last session.

Since Product Version: 1.2

Resource Information

Rate Limiting?

Yes

Sorting?

Yes

Paging?

Yes

Filtering?

Yes

Group Filtering?

No

Aggregation?

Yes

Response Formats

xml

json

User Group

NBI Read

HTTP Methods

GET

DevNet Discussions

Resource URL

/webacs/api/v3/data/ClientDetails

Unmodified

This resource has not been modified since the previous API version.

Deprecated

This version has been deprecated. Please use v4.

Response Parameters

Attribute Description

adDomainName String

AD domain name acquired from Cisco Identity Service Engine

apIpAddress InetAddress

Associated AP IP address

apMacAddress String

Associated AP MAC address

apName String

Associated AP name

apSlotId int

Slot ID of the associated radio in the AP

associationTime long

Current or last session start time, measured in milliseconds since the Unix epoch.

auditSessionId String

Client audit session ID

authenticationAlgorithm AuthenticationAlgorithmEnum

Client authentication algorithm

Allowed values:

  • OPENSYSTEM
  • SHAREDKEY
  • UNKNOW
  • OPENANDEAP

authnTimeStamp String

Authorization time stamp acquired from Cisco Identity Service Engine

authorizationPolicy String

Authorization Policy acquired from Cisco Identity Service Engine

authorizedBy String

Authorization provider

ccxFSVersion CcxFSVersionEnum

CCX FS version of the client card

Allowed values:

  • UNSUPPORTED
  • NONE
  • V1
  • V2

ccxLSVersion CcxFSVersionEnum

CCX LS version of the client card

Allowed values:

  • UNSUPPORTED
  • NONE
  • V1
  • V2

ccxMSVersion CcxFSVersionEnum

CCX MS version of the client card

Allowed values:

  • UNSUPPORTED
  • NONE
  • V1
  • V2

ccxVSVersion CcxFSVersionEnum

CCX VS version of teh client card

Allowed values:

  • UNSUPPORTED
  • NONE
  • V1
  • V2

ccxVersion CCXVersionEnum

CCX version of the client card

Allowed values:

  • UNSUPPORTED
  • V1
  • V2
  • V3
  • V4
  • V5
  • V6

clientAaaOverrideAclApplied ClientAclAppliedEnum

Flag indicating whether AAA override ACL is applied to the client

Allowed values:

  • YES
  • NO
  • NA

clientAaaOverrideAclName String

AAA override ACL name applied to the client

clientAclApplied ClientAclAppliedEnum

Flag indicating whether ACL applied to the client

Allowed values:

  • YES
  • NO
  • NA

clientAclName String

ACL name applied to the client

clientApMode ClientApModeEnum

Client AP mode

Allowed values:

  • LOCAL
  • MONITOR
  • HREAP
  • ROGUEDETECTOR
  • UNKNOWN

clientInterface String

Client Interface

clientRedirectUrl String

Redirect URL applied to the client

connectionType ConnectionTypeEnum

Type of connection (Lightweight AP, Autonomous AP, or Wired)

Allowed values:

  • LIGHTWEIGHTWIRELESS
  • AUTONOMOUSWIRELESS
  • WIRED

ctsSecurityGroup String

client CTS security group acquired from Cisco Identity Service Engine

deviceIpAddress InetAddress

Associated device IP address

deviceName String

Associated device name (controller or switch)

deviceType String

Client device type identified and acquired from Cisco Identity Service Engine

eapType EapTypeEnum

EAP type

Allowed values:

  • EAPTLS
  • TTLS
  • PEAP
  • LEAP
  • SPEKE
  • EAPFAST
  • NA
  • UNNOWN
  • MD5
  • EAPSIM

encryptionCypher EncryptionCypherEnum

Client encryption cypher

Allowed values:

  • CCMPAES
  • TKIPMIC
  • LITERAL2
  • WEP140
  • WEP128
  • NONE
  • NA
  • UNKNOWN

failureCode String

Failure code acquired from Cisco Identity Service Engine

failureStep String

Failure step acquired from Cisco Identity Service Engine

firstSeenTime long

The time when the client was first discoved, measured in milliseconds since the Unix epoch.

hostname String

DNS reverse lookup from client IP address

hreapLocallyAuthenticated String

Flag indicating whether the client is authenticated via HREAP

ifDescr String

SNMP ifDescr if the switch that the client is connected to

ifIndex int

SNMP ifIndex of the switch that the client is connected to

ipAddress InetAddress

Client IP address

ipType ClientIpTypeEnum

Client IP type (IPv4, IPv6 or Dual-Stack)

Allowed values:

  • IPV4
  • IPV6
  • DUALSTACK
  • NOTDETECTED

iseName String

ISE (Cisco Identity Service Engine) name which the client is reported

location String

MAP location

macAddress String

Client MAC address

mobilityStatus MobilityStatusEnum

Client mobility status (local, anchored, export anchored)

Allowed values:

  • UNASSOCIATED
  • LOCAL
  • ANCHORED
  • FOREIGN
  • HANDOFF
  • UNKNOWN
  • EXPORTANCHORED
  • EXPORTFOREIGN

nacState NACState

Client NAC state

Allowed values:

  • NA
  • INVALID
  • QUARANTINE
  • ACCESS

policyType SecurityPolicyEnum

Security policy type

Allowed values:

  • DOT1X
  • WPA1
  • WPA2
  • WPA2VFF
  • NA
  • UNKNOWN
  • CCKM
  • MACAUTHBYPASS
  • WEBAUTH
  • WPA

policyTypeStatus PolicyTypeStatusEnum

Client policy type status acquired from Cisco Identity Service Engine

Allowed values:

  • IDLE
  • RUNNING
  • NOMETHOD
  • AUTHENTICATIONSUCEEDED
  • AUTHENTICATIONFAILED
  • AUTHORIZATIONSUCCEEDED
  • AUTHORIZATIONFAILED
  • DISASSOCIATED

postureStatus PostureStatusEnum

Client posture status acquired from Cisco Identity Service Engine

Allowed values:

  • UNKNOWN
  • COMPLIANT
  • NONCOMPLIANT
  • PENDING
  • NA
  • ERROR

protocol ClientProtocolEnum

client connection protocol (802.11a, 802.11b, 802.11g, 802.11n or 802.3)

Allowed values:

  • UNDEFINED
  • DOT11A
  • DOT11B
  • DOT11G
  • UNKNOWN
  • MOBILE
  • DOT11N2_4GNZ
  • DOT11N5GHZ
  • DOT3
  • DOT3GUEST
  • DOT11AC

radiusResponse String

Radius server response acquired from Cisco Identity Service Engine

securityPolicyStatus SecurityPolicyStatusEnum

status whether the client is on network (in running state)

Allowed values:

  • PASSED
  • FAILED

speed ClientSpeedEnum

The port speed that the client is connected to. For wireless clients the value of this attribute is UNKNOWN.

Allowed values:

  • UNKNOWN
  • SPEED10M
  • SPEED100M
  • SPEED1G

ssid String

SSID

status ClientStatusEnum

Status of the client connection

Allowed values:

  • IDLE
  • AUTHPENDING
  • AUTHENTICATED
  • ASSOCIATED
  • POWERSAVE
  • DISASSOCIATED
  • TOBEDELETED
  • PROBING
  • BLACKLISTED
  • NOTCONFIGURED
  • UNAUTHENTICATED

updateTime long

Last time this record was updated, measured in milliseconds since the Unix epoch.

userName String

Client username

vendor String

Vendor name of the client card derived from OUI mapping

vlan String

ID of the vlan the client is connected to

vlanName String

Name of the vlan the client is connected to

webSecurity WebSecurityEnum

flag to indicate whether the client is authenticated via WebAuth

Allowed values:

  • DISABLED
  • ENABLED

wepState WepStateEnum

Client WEP state

Allowed values:

  • NA
  • ENABLED
  • DISABLED

wgbMacAddress String

WGB MAC Address if it is a WGB client

wgbStatus WGBStatusEnum

Client WGB status (WGB client, WGB AP or local client)

Allowed values:

  • REGULARCLIENT
  • WGBCLIENT
  • WGBAP

wiredClientType WiredClientType

Wired client type

Allowed values:

  • NA
  • WIREDGUEST
  • WGB
  • EVORA

Sample Payloads

Sample payloads are for information only. They are automatically generated and the values included may not be representative of actual valid data values.

Sample XML Payload

https://localhost/webacs/api/v3/data/ClientDetails/15

<?xml version="1.0" ?>
<queryResponse type="ClientDetails" responseType="getEntity" requestUrl="https://localhost/webacs/api/v3/data/ClientDetails/15" rootUrl="https://localhost/webacs/api/v3/data">
  <entity dtoType="clientDetailsDTO" type="ClientDetails" url="https://localhost/webacs/api/v3/data/ClientDetails/15">
    <clientDetailsDTO displayName="String value" id="15" uuid="String value">
      <adDomainName>String value</adDomainName>
      <apName>String value</apName>
      <apSlotId>1</apSlotId>
      <associationTime>2</associationTime>
      <auditSessionId>String value</auditSessionId>
      <authenticationAlgorithm>OPENSYSTEM</authenticationAlgorithm>
      <authnTimeStamp>String value</authnTimeStamp>
      <authorizationPolicy>String value</authorizationPolicy>
      <authorizedBy>String value</authorizedBy>
      <ccxFSVersion>UNSUPPORTED</ccxFSVersion>
      <ccxLSVersion>UNSUPPORTED</ccxLSVersion>
      <ccxMSVersion>UNSUPPORTED</ccxMSVersion>
      <ccxVSVersion>UNSUPPORTED</ccxVSVersion>
      <ccxVersion>UNSUPPORTED</ccxVersion>
      <clientAaaOverrideAclApplied>YES</clientAaaOverrideAclApplied>
      <clientAaaOverrideAclName>String value</clientAaaOverrideAclName>
      <clientAclApplied>YES</clientAclApplied>
      <clientAclName>String value</clientAclName>
      <clientApMode>LOCAL</clientApMode>
      <clientInterface>String value</clientInterface>
      <clientRedirectUrl>String value</clientRedirectUrl>
      <connectionType>LIGHTWEIGHTWIRELESS</connectionType>
      <ctsSecurityGroup>String value</ctsSecurityGroup>
      <deviceName>String value</deviceName>
      <deviceType>String value</deviceType>
      <eapType>EAPTLS</eapType>
      <encryptionCypher>CCMPAES</encryptionCypher>
      <failureCode>String value</failureCode>
      <failureStep>String value</failureStep>
      <firstSeenTime>2</firstSeenTime>
      <hostname>String value</hostname>
      <ifDescr>String value</ifDescr>
      <ifIndex>1</ifIndex>
      <ipType>IPV4</ipType>
      <iseName>String value</iseName>
      <location>String value</location>
      <mobilityStatus>UNASSOCIATED</mobilityStatus>
      <nacState>NA</nacState>
      <policyType>DOT1X</policyType>
      <policyTypeStatus>IDLE</policyTypeStatus>
      <postureStatus>UNKNOWN</postureStatus>
      <protocol>UNDEFINED</protocol>
      <radiusResponse>String value</radiusResponse>
      <securityPolicyStatus>PASSED</securityPolicyStatus>
      <speed>UNKNOWN</speed>
      <ssid>String value</ssid>
      <status>IDLE</status>
      <updateTime>2</updateTime>
      <userName>String value</userName>
      <vendor>String value</vendor>
      <vlanName>String value</vlanName>
      <webSecurity>DISABLED</webSecurity>
      <wepState>NA</wepState>
      <wgbStatus>REGULARCLIENT</wgbStatus>
      <wiredClientType>NA</wiredClientType>
      <apIpAddress>
        <address>192.168.115.243</address>
      </apIpAddress>
      <apMacAddress>String value</apMacAddress>
      <deviceIpAddress>
        <address>192.168.115.243</address>
      </deviceIpAddress>
      <hreapLocallyAuthenticated>String value</hreapLocallyAuthenticated>
      <ipAddress>
        <address>192.168.115.243</address>
      </ipAddress>
      <macAddress>String value</macAddress>
      <vlan>String value</vlan>
      <wgbMacAddress>String value</wgbMacAddress>
    </clientDetailsDTO>
  </entity>
</queryResponse>

Sample JSON Payload

https://localhost/webacs/api/v3/data/ClientDetails/15.json

{
  "queryResponse" : {
    "@type" : "ClientDetails",
    "@requestUrl" : "https://localhost/webacs/api/v3/data/ClientDetails/15",
    "@responseType" : "getEntity",
    "@rootUrl" : "https://localhost/webacs/api/v3/data",
    "entity" : [ {
      "@dtoType" : "clientDetailsDTO",
      "@type" : "ClientDetails",
      "@url" : "https://localhost/webacs/api/v3/data/ClientDetails/15",
      "clientDetailsDTO" : {
        "@displayName" : "String value",
        "@id" : 15,
        "@uuid" : "String value",
        "adDomainName" : "String value",
        "apIpAddress" : {
          "address" : "192.168.115.243"
        },
        "apMacAddress" : "String value",
        "apName" : "String value",
        "apSlotId" : 1,
        "associationTime" : 2,
        "auditSessionId" : "String value",
        "authenticationAlgorithm" : "OPENSYSTEM",
        "authnTimeStamp" : "String value",
        "authorizationPolicy" : "String value",
        "authorizedBy" : "String value",
        "ccxFSVersion" : "UNSUPPORTED",
        "ccxLSVersion" : "UNSUPPORTED",
        "ccxMSVersion" : "UNSUPPORTED",
        "ccxVSVersion" : "UNSUPPORTED",
        "ccxVersion" : "UNSUPPORTED",
        "clientAaaOverrideAclApplied" : "YES",
        "clientAaaOverrideAclName" : "String value",
        "clientAclApplied" : "YES",
        "clientAclName" : "String value",
        "clientApMode" : "LOCAL",
        "clientInterface" : "String value",
        "clientRedirectUrl" : "String value",
        "connectionType" : "LIGHTWEIGHTWIRELESS",
        "ctsSecurityGroup" : "String value",
        "deviceIpAddress" : {
          "address" : "192.168.115.243"
        },
        "deviceName" : "String value",
        "deviceType" : "String value",
        "eapType" : "EAPTLS",
        "encryptionCypher" : "CCMPAES",
        "failureCode" : "String value",
        "failureStep" : "String value",
        "firstSeenTime" : 2,
        "hostname" : "String value",
        "hreapLocallyAuthenticated" : "String value",
        "ifDescr" : "String value",
        "ifIndex" : 1,
        "ipAddress" : {
          "address" : "192.168.115.243"
        },
        "ipType" : "IPV4",
        "iseName" : "String value",
        "location" : "String value",
        "macAddress" : "String value",
        "mobilityStatus" : "UNASSOCIATED",
        "nacState" : "NA",
        "policyType" : "DOT1X",
        "policyTypeStatus" : "IDLE",
        "postureStatus" : "UNKNOWN",
        "protocol" : "UNDEFINED",
        "radiusResponse" : "String value",
        "securityPolicyStatus" : "PASSED",
        "speed" : "UNKNOWN",
        "ssid" : "String value",
        "status" : "IDLE",
        "updateTime" : 2,
        "userName" : "String value",
        "vendor" : "String value",
        "vlan" : "String value",
        "vlanName" : "String value",
        "webSecurity" : "DISABLED",
        "wepState" : "NA",
        "wgbMacAddress" : "String value",
        "wgbStatus" : "REGULARCLIENT",
        "wiredClientType" : "NA"
      }
    } ]
  }
}