Cisco Cisco Clean Access 3.5
13-23
Cisco Clean Access Manager Installation and Administration Guide
OL-7044-01
Chapter 13 Administration
API Support
•
Delete all guest users associated with that role for that day (for example, guest1day)
•
List all usernames associated with that role (for example, all users for guest1day)
These APIs will support most implementations of guest user access dynamic token/password generation
and allow the removal of those users for a guest role.
and allow the removal of those users for a guest role.
Note
You will still need to create the front-end generation password/token. For accounting purposes, Cisco
Clean Access provides RADIUS accounting functionality only.
Clean Access provides RADIUS accounting functionality only.
Summary of Operations
summarizes the operations supported. See the Cisco API page itself (via
https://<ccam-ip-or-name>/admin/cisco_api.jsp) for complete details.
Table 13-3
Operations Supported by cisco_api.jsp
Operation Name
Description
addcleanmac
Adds MAC address to Clean Access certified devices list as an exempted device
addlocaluser
(3.5.8+) Takes user name, password, and role name. Returns success or failure.
Note
getlocaluselist
,
addlocaluserlist
, and
deletelocaluser
support
guest access for dynamic token user access generation.
addmac
Adds MAC address to Devices list.
adminlogin
(3.5.4+) Administrator login returns a session ID which has to be set as a cookie
for usage of any API. Use
for usage of any API. Use
adminlogin
and
adminlogout
to create a shell script if
using authentication by session using cookies; otherwise, use the admin and
password parameters in each function.
password parameters in each function.
adminlogout
(3.5.4+) Administrator is logged out. The session is identified by the cookie. Use
adminlogin
and
adminlogout
to create a shell script if using authentication by
session using cookies; otherwise, use the admin and password parameters in each
function.
function.
changeuserrole
Change logged-in user's role
clearcertified
Clears the Clean Access certified devices list. Removal from certified devices list
ends the current session for online users (in-band or OOB)
ends the current session for online users (in-band or OOB)
deletelocaluser
(3.5.8+) Takes user name or “ALL” (to delete entire list). Returns success or
failure.
failure.
Note
getlocaluselist
,
addlocaluserlist
, and
deletelocaluser
support
guest access for dynamic token user access generation.
getcleanuserinfo
(3.5.6+) When queried with MAC or Name, the certified user(s) information is
returned. If there are multiple users matching the criteria, a list of certified users
is returned.
returned. If there are multiple users matching the criteria, a list of certified users
is returned.
getlocaluserlist
(3.5.8+) Returns a list of local users with user name and role name.
Note
getlocaluselist
,
addlocaluserlist
, and
deletelocaluser
support
guest access for dynamic token user access generation.
getoobuserinfo
(3.5.3+) When queried with IP, MAC, Name, or All, returns a list of OOB users
matched to the parameter, and user properties such as Provider, Role, Auth VLAN,
Access VLAN, OS, SwitchIP, and PortNum.
matched to the parameter, and user properties such as Provider, Role, Auth VLAN,
Access VLAN, OS, SwitchIP, and PortNum.