Actions34
- Devices Actions
- Endpoints Actions
- Guest Users Actions
- Local Users Actions
Overview
This node integrates with the Aruba ClearPass API, specifically allowing users to create device accounts within the "Devices" resource under the "Identities" domain. It is designed to automate device management tasks such as registering new devices by their MAC address and assigning roles and other attributes programmatically.
Common scenarios where this node is beneficial include:
- Automatically onboarding new network devices by creating device entries in ClearPass.
- Assigning specific roles or permissions to devices based on business logic.
- Scheduling device account activation and expiration times.
- Adding metadata like visitor or sponsor information for guest or temporary devices.
Practical example: A network administrator can use this node in an automation workflow to register a new device when it connects to the network, assign it a role ID that controls its access level, and set an expiration time after which the device will no longer be authorized.
Properties
| Name | Meaning |
|---|---|
| Domain | The API domain to access. Options: Identities, Policy Elements, Enforcement Profile. For device creation, must be Identities. |
| MAC Address | The MAC address of the device to create. Required string input. |
| Role ID | Numeric identifier of the role to assign to the device account. Required number input. |
| Additional Fields | Optional collection of extra fields to specify additional device account details: - Role Name: Name of the role to assign. - Enabled: Boolean to enable/disable the account. - Start Time: Activation time (ISO 8601). - Expire Time: Expiration time (ISO 8601). - Visitor Name: Display name for the account. - Sponsor Name: Name of the sponsor. - Sponsor Profile: Numeric profile ID of the sponsor. - Notes: Comments or notes. - Source: Origin of the account. - Custom Fields: JSON object for custom data. |
| Options | Optional collection of operational options: - Change of Authorization: Whether to update network state using Disconnect-Request or CoA-Request. Options: Use Default Setting, Yes, No. |
Output
The node outputs an array of JSON objects representing the response from the ClearPass API after creating the device account. Each item typically contains the created device's details including assigned roles, status, timestamps, and any metadata returned by the API.
If binary data were involved (not indicated here), it would represent files or attachments related to the device, but this node focuses on JSON data only.
Dependencies
- Requires an active connection to Aruba ClearPass API via an API key credential configured in n8n.
- The node depends on internal helper functions (
executeOperation) to perform the API call. - Proper network connectivity and API permissions are necessary to create device accounts.
- The user must configure the "clearPassApi" credential with appropriate authentication tokens.
Troubleshooting
Common Issues:
- Invalid or missing MAC address format may cause API errors.
- Incorrect role ID or role name can lead to authorization failures.
- Network or authentication issues with ClearPass API will prevent successful execution.
- Date/time fields must be in ISO 8601 format; otherwise, the API may reject them.
Error Messages:
- Errors thrown by the API are caught and logged. If "Continue on Fail" is enabled, the error message is returned as output JSON under
error. - Typical error messages might include authentication failures, invalid parameters, or permission denied.
- Errors thrown by the API are caught and logged. If "Continue on Fail" is enabled, the error message is returned as output JSON under
Resolutions:
- Verify all required fields are correctly filled.
- Ensure API credentials are valid and have sufficient permissions.
- Confirm date/time formats comply with ISO 8601.
- Check network connectivity to the ClearPass server.
Links and References
- Aruba ClearPass API Documentation
- ISO 8601 Date and Time Format
- n8n Documentation on Creating Custom Nodes