Figure 4 | Importing the Certificate in ISE |
Grant ISE Access to the Fiberlink MaaS360 API
The Fiberlink MaaS360 API is protected by HTTPS and requires an administrator account that has been granted permission to the API. Ideally a specific account would be configured for ISE with a very strong password. In addition to this account, only a limited number of administrator accounts should be granted the ability to create new administrators or assign administrator roles.
Before the user is created, an API role should be created for ISE, as shown in Figure 5. This role will then be tied to an administrator account assigned to ISE along with a location group for the account. Administrators can manage the system settings assigned to their role, which can be selected on a per role basis. Additional details concerning location groups are available in the Fiberlink MaaS360 documentation. A local administrator account is required for the REST MDM API roles to function properly.
10Integrating Fiberlink MaaS360 with Cisco Identity Services Engine