ERS Client

Overview

The ERS (External RESTful Services) API is the primary interface for configuration management in Cisco ISE.

Port: 9060
Authentication: Basic Auth
Format: JSON

Initialization

from netapi.vendors.cisco.ise import ERSClient

# From dsec secrets
client = ERSClient.from_dsec('home.lab.ise.primary')

# Manual initialization
client = ERSClient(
    host='ise-01.inside.domusdigitalis.dev',
    username='admin',
    password='secret',
    port=9060,
    verify_ssl=True
)

Endpoint Operations

List Endpoints

# List all endpoints
for endpoint in client.endpoints.list():
    print(f"{endpoint.mac} - {endpoint.group_id}")

# With pagination
endpoints = list(client.endpoints.list(page=1, page_size=100))

# With filter
medical_endpoints = client.endpoints.list(
    filter='groupId.EQ.medical-devices-group-id'
)

Get Endpoint

# By ID
endpoint = client.endpoints.get('endpoint-uuid')

# By MAC address
endpoint = client.endpoints.get_by_mac('C8:5B:76:C6:59:62')

Create Endpoint

from netapi.vendors.cisco.ise.models import Endpoint

new_endpoint = Endpoint(
    mac='AA:BB:CC:DD:EE:FF',
    description='New medical device',
    group_id='medical-devices-group-id',
    static_group=True
)

result = client.endpoints.create(new_endpoint)

Update Endpoint

endpoint = client.endpoints.get_by_mac('C8:5B:76:C6:59:62')
endpoint.description = 'Updated description'
result = client.endpoints.update(endpoint)

Delete Endpoint

result = client.endpoints.delete('endpoint-uuid')

CLI Usage

# Get endpoint by MAC
netapi ise get-endpoint C8:5B:76:C6:59:62

# JSON output for jq processing
netapi ise --format json get-endpoint C8:5B:76:C6:59:62 | jq