Cisco Identity Services Engine API Reference Guide, Release 1.1.x
Preface
Downloads: This chapterpdf (PDF - 126.0KB) The complete bookPDF (PDF - 1.47MB) | Feedback

Preface

Table Of Contents

Preface

Overview of Cisco Identity Services Engine

Purpose

Audience

Document Organization

Document Conventions

Documentation Updates

Product Documentation

Related Documentation

Release-Specific Documentation

Platform-Specific Documentation

Obtaining Documentation and Submitting a Service Request


Preface


Revised: June 20, 2013, OL-25543-01

This preface explains the objectives, intended audience, and organization of both Cisco Identity Services Engine API Reference Guide Releases 1.1 and 1.1.x. The preface also describes the conventions that provide instructions and provides other types of information in the following sections:

Overview of Cisco Identity Services Engine

Purpose

Audience

Document Organization

Document Conventions

Documentation Updates

Product Documentation

Related Documentation

Obtaining Documentation and Submitting a Service Request

Overview of Cisco Identity Services Engine

Cisco Identity Services Engine (ISE), as a next-generation identity and access control policy platform enables enterprises to enforce compliance, enhance infrastructure security, and streamline their service operations. The unique architecture of Cisco ISE allows enterprises to gather real-time contextual information from networks, users, and devices in order to make proactive governance decisions by tying identity to various network elements including access switches, wireless LAN controllers (WLCs), virtual private network (VPN) gateways, and data center switches.

Cisco ISE is a key component of the Cisco Security Group Access Solution. Cisco ISE is a consolidated policy-based access control solution that:

Combines authentication, authorization, accounting (AAA), posture, profiler, and guest management services into one appliance

Enforces endpoint compliance by checking the device posture of all endpoints accessing the network, including 802.1X environments

Provides support for discovery, profiling, policy-based placement, and monitoring of endpoint devices on the network

Enables consistent policy in centralized and distributed deployments allowing services to be delivered where they are needed

Employs advanced enforcement capabilities including Security Group Access (SGA) through the use of Security Group Tags (SGTs) and Security Group (SG) Access Control Lists (ACLs)

Supports scalability to support a number of deployment scenarios from small office to large enterprise environments

The Cisco ISE architecture supports standalone and distributed deployments, allowing you to configure and manage your network from a centralized portal. For more information on the capabilities of Cisco ISE, see the Cisco Identity Services Engine User Guide, Release 1.1.x.

Purpose

This application programming interface (API) reference guide provides only a brief high-level overview of the capabilities afforded by the supported APIs. The purpose of this API reference guide is to provide a developer, system or network administrator, or system integrator with basic guidelines for using the outlined APIs within the Cisco ISE deployment.

The API calls use queries to determine the following types of data:

Number of active sessions

Types of active sessions

Authentication status of active session

MAC addresses in use

NAS IP addresses in use

Node versions and types

Reasons for node session failures


Note For more information about the Cisco ISE network, its nodes and personas, concepts of operation or usage, or how to use the Cisco ISE user interface, see the Cisco Identity Services Engine User Guide, Release 1.1.x.


Audience

This API reference guide is intended for experienced system administrators who administer Cisco ISE appliances within a network environment, system integrators who may want to make use of the APIs, or third-party partners who have with the responsibility for managing or troubleshooting Cisco ISE deployments. As a prerequisite to using this API reference guide, you should have a basic understanding of troubleshooting and diagnostic practices and how to make and interpret API calls.

Document Organization

This guide is organized as follows:

Part 1Cisco ISE Monitoring REST APIs

Chapter 1 "Introduction to Monitoring REST APIs"

Chapter 2 "Using the Query APIs for Session Management"

Chapter 3 "Using the Query APIs for Troubleshooting"

Chapter 4 "Using the Change of Authorization REST APIs"

Part 2Reference

"Using the Cisco ISE Failure Reasons Editor"

Document Conventions

This section outlines the conventions used throughout this document.


Caution Means reader be careful. You are capable of doing something that might result in equipment damage or loss of data.


Note Means reader take note. Notes contain helpful suggestions or references to materials not contained in this manual.


This API reference guide uses the following conventions to convey instructions and information.

Item
Convention

Commands, keywords, special terminology, and options that should be chosen during procedures

boldface font

Variables for which you supply values and new or important terminology

italic font

Displayed session and system information, paths, and file names

screen font

Information you enter

boldface screen font

Variables you enter

italic screen font

Menu items and button names

boldface font

Indicates menu items to choose, in the order in which you choose them.

Option > Network Preferences


Documentation Updates

lists the updates made to this document since its inception, with the most recent update featured first in the list.

Table 1 Updates for Cisco Identity Services Engine API Reference Guide, Release 1.1.x

Date
Description

10/31/12

Cisco Identity Services Engine, Release 1.1.2

7/10/12

Cisco Identity Services Engine, Release 1.1.1

3/19/12

Cisco Identity Services Engine, Release 1.1


Product Documentation


Note We sometimes update the printed and electronic documentation after original publication. Therefore, you should also review the documentation on http://www.cisco.com for any updates.


lists the related product documentation that is available for Cisco ISE Release 1.1 on www.cisco.com. To find end-user documentation for all products on www.cisco.com, go to:

http://www.cisco.com/go/techdocs

Related Documentation

This section provides information on release-specific documentation, as well as platform-specific documentation.

Release-Specific Documentation

lists the product documentation available for the Cisco ISE Release. General product information for Cisco ISE is available at http://www.cisco.com/go/ise. End-user documentation is available on Cisco.com at http://www.cisco.com/en/US/products/ps11640/tsd_products_support_series_home.html.

Table 2 Product Documentation for Cisco Identity Services Engine 

Document Title
Location

Release Notes for the Cisco Identity Services Engine, Release 1.1

Release Notes for the Cisco Identity Services Engine, Release 1.1.x

http://www.cisco.com/en/US/products/ps11640/prod_release_notes_list.html

Cisco Identity Services Engine Network Component Compatibility, Release 1.1

Cisco Identity Services Engine Network Component Compatibility, Release 1.1.x

http://www.cisco.com/en/US/products/ps11640/products_device_support_tables_list.html

Cisco Identity Services Engine User Guide, Release 1.1

Cisco Identity Services Engine User Guide, Release 1.1.x

http://www.cisco.com/en/US/products/ps11640/products_user_guide_list.html

Cisco Identity Services Engine Hardware Installation Guide, Release 1.1

Cisco Identity Services Engine Hardware Installation Guide, Release 1.1.x

http://www.cisco.com/en/US/products/ps11640/prod_installation_guides_list.html

Cisco Identity Services Engine Upgrade Guide, Release 1.1.x

http://www.cisco.com/en/US/products/ps11640/prod_installation_guides_list.html

Cisco Identity Services Engine Migration Guide for Cisco Secure ACS 5.1 and 5.2, Release 1.1.x

http://www.cisco.com/en/US/products/ps11640/prod_installation_guides_list.html

Cisco Identity Services Engine Sponsor Portal User Guide, Release 1.1.x

http://www.cisco.com/en/US/products/ps11640/products_user_guide_list.html

Cisco Identity Services Engine CLI Reference Guide, Release 1.1.x

http://www.cisco.com/en/US/products/ps11640/prod_command_reference_list.html

Cisco Identity Services Engine API Reference Guide, Release 1.1.x

http://www.cisco.com/en/US/products/ps11640/prod_command_reference_list.html

Cisco Identity Services Engine Troubleshooting Guide, Release 1.1.x

http://www.cisco.com/en/US/products/ps11640/prod_troubleshooting_guides_list.html

Regulatory Compliance and Safety Information for Cisco Identity Services Engine, Cisco 1121 Secure Access Control System, Cisco NAC Appliance, Cisco NAC Guest Server, and Cisco NAC Profiler

http://www.cisco.com/en/US/products/ps11640/prod_installation_guides_list.html

Cisco Identity Services Engine In-Box Documentation and China RoHS Pointer Card

http://www.cisco.com/en/US/products/ps11640/products_documentation_roadmaps_list.html


Platform-Specific Documentation

Links to other platform-specific documentation are available at the following locations:

Cisco ISE
http://www.cisco.com/en/US/products/ps11640/prod_installation_guides_list.html

Cisco Secure ACS
http://www.cisco.com/en/US/products/ps9911/tsd_products_support_series_home.html

Cisco NAC Appliance
http://www.cisco.com/en/US/products/ps6128/tsd_products_support_series_home.html

Cisco NAC Profiler
http://www.cisco.com/en/US/products/ps8464/tsd_products_support_series_home.html

Cisco NAC Guest Server
http://www.cisco.com/en/US/products/ps10160/tsd_products_support_series_home.html

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, refer to the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.