Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Clearpass REST API filter

This thread has been viewed 5 times

  • 1.  Clearpass REST API filter

    Posted Mar 04, 2019 03:53 PM

    Hi,

     

    I'm having a problem using the API for for getting devices by filter.

    My example of getting a device with mac filter:

     

     

    $ch = curl_init($this->apiurl."/device");
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json' , "Authorization: Bearer " . $this->apikey ));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($post));
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_VERBOSE,1);

    json_encode($post) returns:

    {"filter":{"mac":"54-EE-75-6B-8F-A6"}}

    I believe this is how the filter is supposed to look like.

     

    When executing the post i get this error:

     "{"validation_messages":{"mac":{"error":"MAC address must be specified"}},"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html","title":"Unprocessable Entity","status":422,"detail":"MAC address must be specified"}"

     

    Am i missing something here? For all i can see, the mac IS defined.

     

    Br,

    Thomas

     

     

     

     



  • 2.  RE: Clearpass REST API filter

    EMPLOYEE
    Posted Mar 04, 2019 04:02 PM

    Works fine for me. "filter" is a query parameter.

     

    http https://clearpass.removed.com/api/device?filter=%7B%22mac%22%3A%2200-90-A9-C3-EF-80%22%7D Authorization:"Bearer removed"


{
    "_embedded": {
        "items": [
            {
                "_links": {
                    "self": {
                        "href": "https://clearpass.removed.com/api/device/3027"
                    }
                },
                "airgroup_enable": "1",
                "airgroup_shared": "1",
                "airgroup_shared_group": "",
                "airgroup_shared_location": "",
                "airgroup_shared_role": "",
                "airgroup_shared_time": "",
                "airgroup_shared_user": "",
                "current_state": "active",
                "do_expire": "0",
                "enabled": true,
                "expire_postlogin": "0",
                "expire_time": 0,
                "id": "3027",
                "mac": "00-90-A9-C3-EF-80",
                "mac_auth": true,
                "no_password": "1",
                "no_portal": "1",
                "notes": "",
                "remote_addr": "10.20.54.6",
                "role_id": 10,
                "role_name": "Media Player",
                "simultaneous_use": "1",
                "source": "mac_create",
                "sponsor_name": "removed",
                "sponsor_profile": "1",
                "sponsor_profile_name": "Super Administrator",
                "start_time": 1465482782,
                "username": "00-90-A9-C3-EF-80",
                "visitor_carrier": null,
                "visitor_name": "wdtv"
            }
        ]
    },


  • 3.  RE: Clearpass REST API filter

    Posted Mar 04, 2019 04:14 PM

    Hi,

     

    Have you done the same with a post instead?

    I want to get ahead of possible length issues in the URL/URI.

     

    Br,

    Thomas



  • 4.  RE: Clearpass REST API filter
    Best Answer

    EMPLOYEE
    Posted Mar 04, 2019 04:16 PM
    It is a GET method only.


  • 5.  RE: Clearpass REST API filter

    Posted Mar 04, 2019 04:20 PM
    @cappalli wrote:
    It is a GET method only.

    So, what you are saying is that those colory things where the documentation says POST/GET etc actually means something?? :)

     

    God, I feel stupid. Thanks for pointing out the obvious...

     

    Br,

    Thomas