'get-internal-user-by-id.py' Source Code

#!/usr/bin/env python

###########################################################################
#                                                                         #
# This script demonstrates how to use the ISE ERS internal users          #
# API  by executing a Python script.                                      #
#                                                                         #
# SECURITY WARNING - DO NOT USE THIS SCRIPT IN PRODUCTION!                #
# The script allows connections to SSL sites without trusting             #
# the server certificates.                                                #
# For production, it is required to add certificate check.                #
#                                                                         #
# Usage: get-internal-user-by-id.py <ISE host> <ERS user> <ERS password>  #
#  <user ID>                                                              #
###########################################################################

import http.client
import base64
import ssl
import sys

# parameters
user_id = sys.argv[4]  # "d83da9b6-6fd0-4704-bc37-69ceaaa5f633"

# host and authentication credentials
host = sys.argv[1] # "10.20.30.40"
user = sys.argv[2] # "ersad"
password = sys.argv[3] # "Password1"


conn = http.client.HTTPSConnection("{}:9060".format(host), context=ssl.SSLContext(ssl.PROTOCOL_TLSv1))

creds = str.encode(':'.join((user, password)))
encodedAuth = bytes.decode(base64.b64encode(creds))

headers = {
    'accept': "application/json",
    'authorization': " ".join(("Basic",encodedAuth)),
    'cache-control': "no-cache",
    }

conn.request("GET", "/ers/config/internaluser/{}".format(user_id), headers=headers)

res = conn.getresponse()
data = res.read()

print("Status: {}".format(res.status))
print("Header:\n{}".format(res.headers))
print("Body:\n{}".format(data.decode("utf-8")))

Execution

python get-internal-user-by-id.py 10.20.30.40 ersad Password1 f330048f-cfb0-45db-8ef0-39efc650b711

Status: 200 (OK)
Header:
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONIDSSO=8FB53247F051C868E26735CE8D0995D4; Path=/; Secure; HttpOnly
Set-Cookie: APPSESSIONID=DDCB3685B85A746ED17C59007C43C875; Path=/ers; Secure; HttpOnly
Pragma: no-cache
ETag: "6E711ED1C96FCCF77EF9AF731A86DEB7"
Date: Thu, 01 Dec 2016 17:10:59 GMT
Content-Type: application/json;charset=utf-8
Content-Length: 615
Server: 


Body:
{
  "InternalUser" : {
    "id" : "f330048f-cfb0-45db-8ef0-39efc650b711",
    "name" : "chris",
    "enabled" : true,
    "email" : "a@s.com",
    "password" : "*******",
    "firstName" : "Chris",
    "lastName" : "Colombus",
    "changePassword" : true,
    "expiryDateEnabled" : true,
    "expiryDate" : "2017-01-30",
    "enablePassword" : "*******",
    "customAttributes" : {
    },
    "passwordIDStore" : "Internal Users",
    "link" : {
      "rel" : "self",
      "href" : "https://10.20.30.40:9060/ers/config/internaluser/f330048f-cfb0-45db-8ef0-39efc650b711",
      "type" : "application/xml"
    }
  }
}