Overview
Learn how to configure a Cisco pxGrid Cloud policy in Cisco ISE to control which services and APIs are accessible to pxGrid Cloud applications.
By default, Cisco pxGrid Cloud applications are not permitted to access any Cisco pxGrid services or APIs in the Cisco ISE deployment. You must configure policies within Cisco ISE to explicitly grant access.
You can create a policy to specify what is allowed or denied between your Cisco ISE deployment and the Cisco pxGrid Cloud service. Authorization policies that are specific to each partner environment can be configured in the cloud portal. You will need the Cisco ISE Advantage license to configure a pxGrid Cloud policy.
Procedure
| 1. | In the Cisco ISE GUI, go to . |
|
| 2. | In the pxGrid Services area, choose the required services from the list. You can enable one or more pxGrid services by clicking their names. |
|
| 3. | In the ERS APIs area, enable the ERS APIs option to provide ERS API access to Cisco pxGrid Cloud applications. The ERS APIs option is disabled here if the ERS service is disabled in Cisco ISE. ERS API is disabled by default from Cisco ISE release 3.4. To enable ESR API service in Cisco ISE, follow these steps:
|
|
| 4. | In the OpenAPIs area, enable the OpenAPIs option to provide OpenAPI access to Cisco pxGrid Cloud applications. The OpenAPIs option is disabled here if the OpenAPI option is disabled in Cisco ISE.
OpenAPI is enabled by default from Cisco ISE release 3.4. To enable the OpenAPI service in earlier Cisco ISE releases, follow these steps:
|