Cisco ISE has two APIs:
Session API: This API allows developers to gather session- and node-
specific information by using Cisco ISE to monitor nodes.
External RESTful Services (ERS) API: This API enables
developers to perform operations on the following types of ISE
resources:
Endpoints
Endpoint identity groups
Guest users and internal users
Identity groups
Portals
Profiler policies
Network devices
Network device groups
Security groupsThe Cisco ISE administrator must assign special
privileges to a user to perform operations using the ERS
API. The Cisco ISE administrator can assign the
following two roles to deliver services using the ERS API
(see Figure 11-10):
External RESTful Services Admin: For full access to all ERS
methods (GET, POST, DELETE, PUT).
External RESTful Services Operator: For read-only access (GET
requests only).Figure 11-10 ISE ERS: Enabling API Access