cisco.ise.self_registered_portal module – Resource module for Self Registered Portal
Note
This module is part of the cisco.ise collection (version 2.5.13).
To install it, use: ansible-galaxy collection install cisco.ise
.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: cisco.ise.self_registered_portal
.
New in cisco.ise 1.0.0
Synopsis
Manage operations create, update and delete of the resource Self Registered Portal.
This API creates a self registered portal.
This API deletes a self registered portal by ID.
This API allows the client to update a self registered portal by ID.
Note
This module has a corresponding action plugin.
Requirements
The below requirements are needed on the host that executes this module.
ciscoisesdk >= 2.0.8
python >= 3.5
Parameters
Parameter |
Comments |
---|---|
Defines all of the Portal Customizations available. |
|
Self Registered Portal’s globalCustomizations. |
|
Self Registered Portal’s backgroundImage. |
|
Represented as base 64 encoded string of the image byte array. |
|
Self Registered Portal’s bannerImage. |
|
Represented as base 64 encoded string of the image byte array. |
|
Self Registered Portal’s bannerTitle. |
|
Self Registered Portal’s contactText. |
|
Self Registered Portal’s desktopLogoImage. |
|
Represented as base 64 encoded string of the image byte array. |
|
Self Registered Portal’s footerElement. |
|
Self Registered Portal’s mobileLogoImage. |
|
Represented as base 64 encoded string of the image byte array. |
|
This property is supported only for Read operation and it allows to show the customizations in English. Other languages are not supported. |
|
Self Registered Portal’s viewLanguage. |
|
Represent the entire page customization as a giant dictionary. |
|
The Dictionary will be exposed here as key value pair. |
|
Self Registered Portal’s key. |
|
Self Registered Portal’s value. |
|
Self Registered Portal’s portalTheme. |
|
Self Registered Portal’s id. |
|
The system- or user-assigned name of the portal theme. |
|
A CSS file, represented as a Base64-encoded byte array. |
|
The Tweak Settings are a customization of the Portal Theme that has been selected for the portal. When the Portal Theme selection is changed, the Tweak Settings are overwritten to match the values in the theme. The Tweak Settings can subsequently be changed by the user. |
|
Hex value of color. |
|
Self Registered Portal’s bannerTextColor. |
|
Self Registered Portal’s pageBackgroundColor. |
|
Self Registered Portal’s pageLabelAndTextColor. |
|
Self Registered Portal’s description. |
|
Self Registered Portal’s id. |
|
Flag for Identity Services Engine SDK to enable debugging. Choices: |
|
The Identity Services Engine hostname. |
|
The Identity Services Engine password to authenticate. |
|
Timeout (in seconds) for RESTful HTTP requests. Default: :ansible-option-default:`60` |
|
The Identity Services Engine username to authenticate. |
|
Flag that informs the SDK whether to use the Identity Services Engine’s API Gateway to send requests. If it is true, it uses the ISE’s API Gateway and sends requests to https://{{ise_hostname}}. If it is false, it sends the requests to https://{{ise_hostname}}:{{port}}, where the port value depends on the Service used (ERS, Mnt, UI, PxGrid). Choices: |
|
Flag that informs the SDK whether we send the CSRF token to ISE’s ERS APIs. If it is True, the SDK assumes that your ISE CSRF Check is enabled. If it is True, it assumes you need the SDK to manage the CSRF token automatically for you. Choices: |
|
Flag to enable or disable SSL certificate verification. Choices: |
|
Informs the SDK which version of Identity Services Engine to use. |
|
Flag for Identity Services Engine SDK to enable automatic rate-limit handling. Choices: |
|
Self Registered Portal’s name. |
|
URL to bring up a test page for this portal. |
|
Allowed values - BYOD, - HOTSPOTGUEST, - MYDEVICE, - SELFREGGUEST, - SPONSOR, - SPONSOREDGUEST. |
|
Defines all of the settings groups available for a portal. |
|
Self Registered Portal’s aupSettings. |
|
How the AUP should be displayed, either on page or as a link. Only valid if includeAup = true. Allowed Values - FIRSTLOGIN, - EVERYLOGIN, - RECURRING. |
|
Number of days between AUP confirmations (when displayFrequency = recurring). |
|
Require the portal user to read and accept an AUP. Choices: |
|
Require the portal user to scroll to the end of the AUP. Only valid if requireAupAcceptance = true. Choices: |
|
RequireScrolling flag. Choices: |
|
Only valid if requireAupAcceptance = trueG. Choices: |
|
Only valid if requireAupAcceptance = trueG. Choices: |
|
Self Registered Portal’s authSuccessSettings. |
|
Self Registered Portal’s redirectUrl. |
|
Self Registered Portal’s successRedirect. |
|
Configuration of BYOD Device Welcome, Registration and Success steps. |
|
Configuration of BYOD endpoint Registration step configuration. |
|
Identity group id for which endpoint belongs. |
|
Display Device ID field during registration. Choices: |
|
Configuration of BYOD endpoint Registration Success step configuration. |
|
Target URL for redirection, used when successRedirect = URL. |
|
After an Authentication Success where should device be redirected. Allowed values - AUTHSUCCESSPAGE, - ORIGINATINGURL, - URL. |
|
Configuration of BYOD endpoint welcome step configuration. |
|
How the AUP should be displayed, either on page or as a link. Only valid if includeAup = true. Allowed values - ONPAGE, - ASLINK. |
|
EnableBYOD flag. Choices: |
|
EnableGuestAccess flag. Choices: |
|
IncludeAup flag. Choices: |
|
RequireAupAcceptance flag. Choices: |
|
RequireMDM flag. Choices: |
|
Require BYOD devices to scroll down to the bottom of the AUP, Only valid if includeAup = true. Choices: |
|
Self Registered Portal’s guestChangePasswordSettings. |
|
Allow guest to change their own passwords. Choices: |
|
Self Registered Portal’s guestDeviceRegistrationSettings. |
|
Allow guests to register devices. Choices: |
|
Automatically register guest devices. Choices: |
|
Portal Login Page settings groups follow. |
|
Access code that must be entered by the portal user (only valid if requireAccessCode = true). |
|
AllowAlternateGuestPortal flag. Choices: |
|
AllowForgotPassword flag. Choices: |
|
Require the portal user to enter an access code. Choices: |
|
AllowGuestToCreateAccounts flag. Choices: |
|
AllowGuestToUseSocialAccounts flag. Choices: |
|
AllowShowGuestForm flag. Choices: |
|
Self Registered Portal’s alternateGuestPortal. |
|
How the AUP should be displayed, either on page or as a link. Only valid if includeAup = true. Allowed values - ONPAGE, - ASLINK. |
|
Include an Acceptable Use Policy (AUP) that should be displayed during login. Choices: |
|
Maximum failed login attempts before rate limiting. |
|
Require the portal user to enter an access code. Choices: |
|
Require the portal user to accept the AUP. Only valid if includeAup = true. Choices: |
|
Self Registered Portal’s socialConfigs. |
|
Self Registered Portal’s socialMediaType. |
|
Self Registered Portal’s socialMediaValue. |
|
Time between login attempts when rate limiting. |
|
The port, interface, certificate, and other basic settings of a portal. |
|
Interfaces that the portal will be reachable on. Allowed values - eth0, - eth1, - eth2, - eth3, - eth4, - eth5, - bond0, - bond1, - bond2. |
|
Self Registered Portal’s alwaysUsedLanguage. |
|
Unique Id of a guest type. Employees using this portal as a guest inherit login options from the guest type. |
|
Unique Id of the identity source sequence. |
|
Logical name of the x.509 server certificate that will be used for the portal. |
|
Allowed values - USEBROWSERLOCALE, - ALWAYSUSE. |
|
Used when displayLang = USEBROWSERLOCALE. |
|
The port number that the allowed interfaces will listen on. Range from 8000 to 8999. |
|
Self Registered Portal’s postAccessBannerSettings. |
|
IncludePostAccessBanner flag. Choices: |
|
Self Registered Portal’s postLoginBannerSettings. |
|
Include a Post-Login Banner page. Choices: |
|
Self Registered Portal’s selfRegPageSettings. |
|
Self-registered guest account is valid for this many account_validity_time_units. |
|
Time units for account_validity_duration. Allowed Values - DAYS, - HOURS, - MINUTES. |
|
AllowGraceAccess flag. Choices: |
|
Only valid if requireGuestApproval = true and sendApprovalRequestTo = SELECTEDEMAILADDRESSES. |
|
This attribute, along with approveDenyLinksValidFor, specifies how long the link can be used. Only valid if requireGuestApproval = true. Allowed Values - DAYS, - HOURS, - MINUTES. |
|
This attribute, along with approveDenyLinksTimeUnits, specifies how long the link can be used. Only valid if requireGuestApproval = true. |
|
Guests are assigned to this guest type. |
|
How the AUP should be displayed, either on page or as a link. Only valid if includeAup = true. Allowed values - ONPAGE, - ASLINK. |
|
AuthenticateSponsorsUsingPortalList flag. Choices: |
|
Allow guests to login automatically from self-registration after sponsor’s approval. No need to provide the credentials by guest to login. Choices: |
|
Waiting period for auto login until sponsor’s approval. If time exceeds, guest has to login manually by providing the credentials. Default value is 5 minutes. |
|
If true, send credential notification upon approval using email. Only valid if requireGuestApproval = true. Choices: |
|
If true, send credential notification upon approval using SMS. Only valid if requireGuestApproval = true. Choices: |
|
Disallow guests with an e-mail address from selected domains. Choices: |
|
Allow guests with an e-mail address from selected domains. Choices: |
|
Self Registered Portal’s fieldCompany. |
|
Only applicable if include = true. Choices: |
|
Self Registered Portal’s fieldEmailAddr. |
|
Only applicable if include = true. Choices: |
|
Self Registered Portal’s fieldFirstName. |
|
Only applicable if include = true. Choices: |
|
Self Registered Portal’s fieldLastName. |
|
Only applicable if include = true. Choices: |
|
Self Registered Portal’s fieldLocation. |
|
Only applicable if include = true. Choices: |
|
Self Registered Portal’s fieldPersonBeingVisited. |
|
Only applicable if include = true. Choices: |
|
Self Registered Portal’s fieldPhoneNo. |
|
Only applicable if include = true. Choices: |
|
Self Registered Portal’s fieldReasonForVisit. |
|
Only applicable if include = true. Choices: |
|
Self Registered Portal’s fieldSMSProvider. |
|
Only applicable if include = true. Choices: |
|
Self Registered Portal’s fieldUserName. |
|
Only applicable if include = true. Choices: |
|
Self Registered Portal’s graceAccessExpireInterval. |
|
GraceAccessSendAccountExpiration flag. Choices: |
|
Disallow guests with an e-mail address from selected domains. |
|
Self-registered guests whose e-mail address is in one of these domains will be allowed. Only valid if enableGuestEmailWhitelist = true. |
|
Include an Acceptable Use Policy (AUP) that should be displayed during login. Choices: |
|
After the registration submission direct the guest user to one of the following pages. Only valid if requireGuestApproval = true. Allowed Values - SELFREGISTRATIONSUCCESS, - LOGINPAGEWITHINSTRUCTIONS - URL. |
|
URL where guest user is redirected after registration. Only valid if requireGuestApproval = true and postRegistrationRedirect = URL. |
|
The registration code that the guest user must enter. |
|
When self-registered guests require approval, an approval request is e-mailed to one or more sponsor users. If the Cisco ISE Administrator chooses to include an approval link in the e-mail, a sponsor user who clicks the link will be required to enter their username and password if this attribute is true. Only valid if requireGuestApproval = true. Choices: |
|
Require the portal user to accept the AUP. Only valid if includeAup = true. Choices: |
|
Require self-registered guests to be approved if true. Choices: |
|
Self-registered guests are required to enter a registration code. Choices: |
|
Guests can choose from these locations to set their time zone. |
|
This attribute is an array of SMS provider names. |
|
Specifies where approval requests are sent. Only valid if requireGuestApproval = true. Allowed Values - SELECTEDEMAILADDRESSES, - PERSONBEINGVISITED. |
|
Self Registered Portal’s sponsorPortalList. |
|
Self Registered Portal’s selfRegSuccessSettings. |
|
AllowGuestLoginFromSelfregSuccessPage flag. Choices: |
|
AllowGuestSendSelfUsingEmail flag. Choices: |
|
AllowGuestSendSelfUsingPrint flag. Choices: |
|
AllowGuestSendSelfUsingSMS flag. Choices: |
|
IncludeAup flag. Choices: |
|
IncludeCompany flag. Choices: |
|
IncludeEmailAddr flag. Choices: |
|
IncludeFirstName flag. Choices: |
|
IncludeLastName flag. Choices: |
|
IncludeLocation flag. Choices: |
|
IncludePassword flag. Choices: |
|
IncludePersonBeingVisited flag. Choices: |
|
IncludePhoneNo flag. Choices: |
|
IncludeReasonForVisit flag. Choices: |
|
IncludeSMSProvider flag. Choices: |
|
IncludeUserName flag. Choices: |
|
RequireAupAcceptance flag. Choices: |
|
RequireAupScrolling flag. Choices: |
|
Self Registered Portal’s supportInfoSettings. |
|
The default value displayed for an empty field. Only valid when emptyFieldDisplay = DISPLAYWITHDEFAULTVALUE. |
|
Specifies how empty fields are handled on the Support Information Page. Allowed values - HIDE, - DISPLAYWITHNOVALUE, - DISPLAYWITHDEFAULTVALUE. |
|
IncludeBrowserUserAgent flag. Choices: |
|
IncludeFailureCode flag. Choices: |
|
IncludeIpAddress flag. Choices: |
|
IncludeMacAddr flag. Choices: |
|
IncludePolicyServer flag. Choices: |
|
IncludeSupportInfoPage flag. Choices: |
Notes
Note
SDK Method used are self_registered_portal.SelfRegisteredPortal.create_self_registered_portal, self_registered_portal.SelfRegisteredPortal.delete_self_registered_portal_by_id, self_registered_portal.SelfRegisteredPortal.update_self_registered_portal_by_id,
Paths used are post /ers/config/selfregportal, delete /ers/config/selfregportal/{id}, put /ers/config/selfregportal/{id},
Does not support
check_mode
The plugin runs on the control node and does not use any ansible connection plugins, but instead the embedded connection manager from Cisco ISE SDK
The parameters starting with ise_ are used by the Cisco ISE Python SDK to establish the connection
See Also
See also
- Cisco ISE documentation for SelfRegisteredPortal
Complete reference of the SelfRegisteredPortal API.
Examples
- name: Update by id
cisco.ise.self_registered_portal:
ise_hostname: "{{ise_hostname}}"
ise_username: "{{ise_username}}"
ise_password: "{{ise_password}}"
ise_verify: "{{ise_verify}}"
state: present
customizations:
globalCustomizations:
backgroundImage:
data: string
bannerImage:
data: string
bannerTitle: string
contactText: string
desktopLogoImage:
data: string
footerElement: string
mobileLogoImage:
data: string
language:
viewLanguage: string
pageCustomizations:
data:
- key: string
value: string
portalTheme:
id: string
name: string
themeData: string
portalTweakSettings:
bannerColor: string
bannerTextColor: string
pageBackgroundColor: string
pageLabelAndTextColor: string
description: string
id: string
name: string
portalTestUrl: string
portalType: string
settings:
aupSettings:
displayFrequency: string
displayFrequencyIntervalDays: 0
includeAup: true
requireAupScrolling: true
requireScrolling: true
skipAupForEmployees: true
useDiffAupForEmployees: true
authSuccessSettings:
redirectUrl: string
successRedirect: string
byodSettings:
byodRegistrationSettings:
endPointIdentityGroupId: string
showDeviceID: true
byodRegistrationSuccessSettings:
redirectUrl: string
successRedirect: string
byodWelcomeSettings:
aupDisplay: string
enableBYOD: true
enableGuestAccess: true
includeAup: true
requireAupAcceptance: true
requireMDM: true
requireScrolling: true
guestChangePasswordSettings:
allowChangePasswdAtFirstLogin: true
guestDeviceRegistrationSettings:
allowGuestsToRegisterDevices: true
autoRegisterGuestDevices: true
loginPageSettings:
accessCode: string
allowAlternateGuestPortal: true
allowForgotPassword: true
allowGuestToChangePassword: true
allowGuestToCreateAccounts: true
allowGuestToUseSocialAccounts: true
allowShowGuestForm: true
alternateGuestPortal: string
aupDisplay: string
includeAup: true
maxFailedAttemptsBeforeRateLimit: 0
requireAccessCode: true
requireAupAcceptance: true
socialConfigs:
- socialMediaType: string
socialMediaValue: string
timeBetweenLoginsDuringRateLimit: 0
portalSettings:
allowedInterfaces:
- string
alwaysUsedLanguage: string
assignedGuestTypeForEmployee: string
authenticationMethod: string
certificateGroupTag: string
displayLang: string
fallbackLanguage: string
httpsPort: 0
postAccessBannerSettings:
includePostAccessBanner: true
postLoginBannerSettings:
includePostAccessBanner: true
selfRegPageSettings:
accountValidityDuration: 0
accountValidityTimeUnits: string
allowGraceAccess: true
approvalEmailAddresses: string
approveDenyLinksTimeUnits: string
approveDenyLinksValidFor: 0
assignGuestsToGuestType: string
aupDisplay: string
authenticateSponsorsUsingPortalList: true
autoLoginSelfWait: true
autoLoginTimePeriod: 0
credentialNotificationUsingEmail: true
credentialNotificationUsingSms: true
enableGuestEmailBlacklist: true
enableGuestEmailWhitelist: true
fieldCompany:
include: true
require: true
fieldEmailAddr:
include: true
require: true
fieldFirstName:
include: true
require: true
fieldLastName:
include: true
require: true
fieldLocation:
include: true
require: true
fieldPersonBeingVisited:
include: true
require: true
fieldPhoneNo:
include: true
require: true
fieldReasonForVisit:
include: true
require: true
fieldSmsProvider:
include: true
require: true
fieldUserName:
include: true
require: true
graceAccessExpireInterval: 0
graceAccessSendAccountExpiration: true
guestEmailBlacklistDomains:
- string
guestEmailWhitelistDomains:
- string
includeAup: true
postRegistrationRedirect: string
postRegistrationRedirectUrl: string
registrationCode: string
requireApproverToAuthenticate: true
requireAupAcceptance: true
requireGuestApproval: true
requireRegistrationCode: true
selectableLocations:
- string
selectableSmsProviders:
- string
sendApprovalRequestTo: string
sponsorPortalList:
- string
selfRegSuccessSettings:
allowGuestLoginFromSelfregSuccessPage: true
allowGuestSendSelfUsingEmail: true
allowGuestSendSelfUsingPrint: true
allowGuestSendSelfUsingSms: true
aupOnPage: true
includeAup: true
includeCompany: true
includeEmailAddr: true
includeFirstName: true
includeLastName: true
includeLocation: true
includePassword: true
includePersonBeingVisited: true
includePhoneNo: true
includeReasonForVisit: true
includeSmsProvider: true
includeUserName: true
requireAupAcceptance: true
requireAupScrolling: true
supportInfoSettings:
defaultEmptyFieldValue: string
emptyFieldDisplay: string
includeBrowserUserAgent: true
includeFailureCode: true
includeIpAddress: true
includeMacAddr: true
includePolicyServer: true
includeSupportInfoPage: true
- name: Delete by id
cisco.ise.self_registered_portal:
ise_hostname: "{{ise_hostname}}"
ise_username: "{{ise_username}}"
ise_password: "{{ise_password}}"
ise_verify: "{{ise_verify}}"
state: absent
id: string
- name: Create
cisco.ise.self_registered_portal:
ise_hostname: "{{ise_hostname}}"
ise_username: "{{ise_username}}"
ise_password: "{{ise_password}}"
ise_verify: "{{ise_verify}}"
state: present
customizations:
globalCustomizations:
backgroundImage:
data: string
bannerImage:
data: string
bannerTitle: string
contactText: string
desktopLogoImage:
data: string
footerElement: string
mobileLogoImage:
data: string
language:
viewLanguage: string
pageCustomizations:
data:
- key: string
value: string
portalTheme:
id: string
name: string
themeData: string
portalTweakSettings:
bannerColor: string
bannerTextColor: string
pageBackgroundColor: string
pageLabelAndTextColor: string
description: string
name: string
portalTestUrl: string
portalType: string
settings:
aupSettings:
displayFrequency: string
displayFrequencyIntervalDays: 0
includeAup: true
requireAupScrolling: true
requireScrolling: true
skipAupForEmployees: true
useDiffAupForEmployees: true
authSuccessSettings:
redirectUrl: string
successRedirect: string
byodSettings:
byodRegistrationSettings:
endPointIdentityGroupId: string
showDeviceID: true
byodRegistrationSuccessSettings:
redirectUrl: string
successRedirect: string
byodWelcomeSettings:
aupDisplay: string
enableBYOD: true
enableGuestAccess: true
includeAup: true
requireAupAcceptance: true
requireMDM: true
requireScrolling: true
guestChangePasswordSettings:
allowChangePasswdAtFirstLogin: true
guestDeviceRegistrationSettings:
allowGuestsToRegisterDevices: true
autoRegisterGuestDevices: true
loginPageSettings:
accessCode: string
allowAlternateGuestPortal: true
allowForgotPassword: true
allowGuestToChangePassword: true
allowGuestToCreateAccounts: true
allowGuestToUseSocialAccounts: true
allowShowGuestForm: true
alternateGuestPortal: string
aupDisplay: string
includeAup: true
maxFailedAttemptsBeforeRateLimit: 0
requireAccessCode: true
requireAupAcceptance: true
socialConfigs:
- socialMediaType: string
socialMediaValue: string
timeBetweenLoginsDuringRateLimit: 0
portalSettings:
allowedInterfaces:
- string
alwaysUsedLanguage: string
assignedGuestTypeForEmployee: string
authenticationMethod: string
certificateGroupTag: string
displayLang: string
fallbackLanguage: string
httpsPort: 0
postAccessBannerSettings:
includePostAccessBanner: true
postLoginBannerSettings:
includePostAccessBanner: true
selfRegPageSettings:
accountValidityDuration: 0
accountValidityTimeUnits: string
allowGraceAccess: true
approvalEmailAddresses: string
approveDenyLinksTimeUnits: string
approveDenyLinksValidFor: 0
assignGuestsToGuestType: string
aupDisplay: string
authenticateSponsorsUsingPortalList: true
autoLoginSelfWait: true
autoLoginTimePeriod: 0
credentialNotificationUsingEmail: true
credentialNotificationUsingSms: true
enableGuestEmailBlacklist: true
enableGuestEmailWhitelist: true
fieldCompany:
include: true
require: true
fieldEmailAddr:
include: true
require: true
fieldFirstName:
include: true
require: true
fieldLastName:
include: true
require: true
fieldLocation:
include: true
require: true
fieldPersonBeingVisited:
include: true
require: true
fieldPhoneNo:
include: true
require: true
fieldReasonForVisit:
include: true
require: true
fieldSmsProvider:
include: true
require: true
fieldUserName:
include: true
require: true
graceAccessExpireInterval: 0
graceAccessSendAccountExpiration: true
guestEmailBlacklistDomains:
- string
guestEmailWhitelistDomains:
- string
includeAup: true
postRegistrationRedirect: string
postRegistrationRedirectUrl: string
registrationCode: string
requireApproverToAuthenticate: true
requireAupAcceptance: true
requireGuestApproval: true
requireRegistrationCode: true
selectableLocations:
- string
selectableSmsProviders:
- string
sendApprovalRequestTo: string
sponsorPortalList:
- string
selfRegSuccessSettings:
allowGuestLoginFromSelfregSuccessPage: true
allowGuestSendSelfUsingEmail: true
allowGuestSendSelfUsingPrint: true
allowGuestSendSelfUsingSms: true
aupOnPage: true
includeAup: true
includeCompany: true
includeEmailAddr: true
includeFirstName: true
includeLastName: true
includeLocation: true
includePassword: true
includePersonBeingVisited: true
includePhoneNo: true
includeReasonForVisit: true
includeSmsProvider: true
includeUserName: true
requireAupAcceptance: true
requireAupScrolling: true
supportInfoSettings:
defaultEmptyFieldValue: string
emptyFieldDisplay: string
includeBrowserUserAgent: true
includeFailureCode: true
includeIpAddress: true
includeMacAddr: true
includePolicyServer: true
includeSupportInfoPage: true
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
A dictionary or list with the response returned by the Cisco ISE Python SDK Returned: always |