Security

 View Only

  • 1.  ClearPass : Guest API - Delete a device

    Posted Apr 11, 2025 11:31 AM

    Hi !

    I would like to delete a device from Guest Device DB with a CPPM Enf. Profile.
    Adding a device with JSON content is OK but I can't find the good syntax to delete a device.

    API URI : /device/mac
    I would like to send %{Connection:Client-Mac-Address-Upper-Hyphen} in the URL as expected by the API, but it's not working.

    I can delete a device with @MAC with API explorer, also with Postman. But, I can't find a way to do this with Policy Manager.
    Where should I put the variable %{Connection:Client-Mac-Address-Upper-Hyphen} in the Action ? (URL, Content, ... ) 

    Thanks !



    ------------------------------
    CyberSec & Network Engineer - ACCX #1532 - ACX-NS - APC ClearPass - ACMP
    ------------------------------


  • 2.  RE: ClearPass : Guest API - Delete a device

    Posted Apr 22, 2025 08:46 AM

    UP :-)

    Does anyone do that ?



    ------------------------------
    CyberSec & Network Engineer - ACCX #1532 - ACX-NS - APC ClearPass - ACMP
    ------------------------------

    Original Message


  • 3.  RE: ClearPass : Guest API - Delete a device

    Posted Apr 23, 2025 09:47 AM

    Can you try doing an Enforcement profile with Generic HTTP method Delete with URL: https://<clearpass-ip-or-fqdn>/api/device/mac/%{Connection:Client-Mac-Address-Upper-Hyphen}




    ------------------------------
    Shpat | ACEP | ACMP | ACCP | ACDP
    Just an Aruba enthusiast and contributor by cases
    If you find my comment helpful, KUDOS are appreciated.
    ------------------------------

    Original Message


  • 4.  RE: ClearPass : Guest API - Delete a device

    Posted Jun 03, 2025 06:21 AM

    Hi,

    I tried this configuration with no success.

    HTTP ADD : OK
    HTTP DEL : KO

    You can see the configuration bellow  (HTTP DELETE)

    Endpoint Contect Server DELETE
    Endpoint Contect Server DELETE (header)
    Endpoint Contect Server DELETE
    and HTTP ADD :
    Endpoint Contect Server ADD
    Endpoint Contect Server ADD
    I can't figure out where the mistake is.

    Thanks.


    ------------------------------
    CyberSec & Network Engineer - ACCX #1532 - ACX-NS - APC ClearPass - ACMP
    ------------------------------

    Original Message


  • 5.  RE: ClearPass : Guest API - Delete a device

    Posted Jun 04, 2025 06:56 AM

    The URL should contain /api/, but it is probably in the server base URL in the Endpoint Cintex server 172.26.22.10, otherwise the ADD would not work either.

    Is it possibly a question of authorization? Is your API client also allowed to delete guest devices?

    Have you looked in the log - in the guest module under Home/Administration/Support/Application Log?



    ------------------------------
    Regards,

    Waldemar
    ACCX # 1377, ACEP, ACX - Network Security
    If you find my answer useful, consider giving kudos and/or mark as solution
    ------------------------------

    Original Message


  • 6.  RE: ClearPass : Guest API - Delete a device

    Posted Jun 05, 2025 07:54 AM
    You are right; the /api/ is in the Endpoint Context Server object.
    Authorization: The API client is a Super Administrator, so I assume it is allowed to delete guest devices.
    When I use a Bearer Token from this API client on the API Explorer, it is able to delete guest devices.
    The support team is working on it.
    Thanks !


    ------------------------------
    CyberSec & Network Engineer - ACCX #1532 - ACX-NS - APC ClearPass - ACMP
    ------------------------------

    Original Message


Related Content