Skip to content
Network as Code

Authorization Profile

Location in GUI: Work Centers » Network Access » Policy Elements » Results » Authorization Profiles

Diagram

Diagram

Classes

policy_elements (ise.network_access)

NameTypeConstraintMandatoryDefault Value
authorization_profilesList[authorization_profiles]No

authorization_profiles (ise.network_access.policy_elements)

NameTypeConstraintMandatoryDefault Value
nameStringRegex: ^[\w\d_\-\. ]+$Yes
descriptionStringNo
vlan_name_idStringNo
vlan_tag_idIntegermin: 0, max: 31No
web_redirectionClass[web_redirection]No
agentless_postureBooleantrue, falseNofalse
access_typeChoiceACCESS_ACCEPT, ACCESS_REJECTNoACCESS_ACCEPT
profile_nameStringNo
airespace_aclStringNo
airespace_ipv6_aclStringNo
aclStringNo
dacl_nameStringNo
ipv6_dacl_nameStringNo
auto_smart_portStringNo
interface_templateStringNo
ipv6_acl_filterStringNo
avc_profileStringNo
asa_vpnStringNo
unique_identifierStringNo
track_movementBooleantrue, falseNofalse
service_templateBooleantrue, falseNofalse
easywired_session_candidateBooleantrue, falseNofalse
voice_domain_permissionBooleantrue, falseNofalse
neatBooleantrue, falseNofalse
web_authBooleantrue, falseNofalse
mac_sec_policyChoiceMUST_SECURE, MUST_NOT_SECURE, SHOULD_SECURENo
reauthentication_connectivityChoiceDEFAULT, RADIUS_REQUESTNo
reauthentication_timerIntegermin: 1, max: 65535No
advanced_attributesList[advanced_attributes]No

web_redirection (ise.network_access.policy_elements.authorization_profiles)

NameTypeConstraintMandatoryDefault Value
typeChoiceCentralizedWebAuth, HotSpot, NativeSupplicanProvisioning, ClientProvisioningNo
aclStringNo
portal_nameStringNo
static_ip_host_name_fqdnStringNo
display_certificates_renewal_messagesBooleantrue, falseNo

advanced_attributes (ise.network_access.policy_elements.authorization_profiles)

NameTypeConstraintMandatoryDefault Value
nameStringYes
valueStringYes

Examples

ise:
  network_access:
    policy_elements:
      authorization_profiles:
        - name: PERMIT_vlan1
          description: "PERMIT_vlan1"
          access_type: "ACCESS_ACCEPT"
          track_movement: false
          agentless_posture: false
          service_template: false
          easywired_session_candidate: false
          profile_name: "Cisco"
          vlan_tag_id: 1
          vlan_name_id: VLAN1