ISE MCP Server

How to use

Connect with any MCP-compatible client to discover and call the available tools. Each tool corresponds to an ISE endpoint defined in the configuration. Tool names are derived from the endpoint names, so you can start with tools like endpoints and identity_groups.

To use a tool, provide optional filters and query parameters. If a tool supports filtering, you can craft a filter_expression using fields listed for that endpoint, such as CONTAINS or EQUALS operations, combined with the target values. You can also supply arbitrary query_params to refine requests, like pagination or size limits.

Example usage patterns you may encounter include calling a tool with a filter_expression to narrow results by a specific field, or using query_params to control page size and navigation. For endpoints that do not specify filterable fields, you can still apply query parameters to tune the API requests.

How to install

Prerequisites you need before starting the server:

- Python 3.9 or higher

- Dependencies installed from requirements.txt

- A configured .env file with your ISE base URL and credentials

Step-by-step commands to get started

# 1) Create project directory and navigate to it
mkdir -p /Users/username/mcp_servers/ISE_MCP
cd /Users/username/mcp_servers/ISE_MCP

# 2) Install dependencies
pip install -r requirements.txt

# 3) Create environment file with ISE connection details
cat > .env << 'ENV'
ISE_BASE="https://your-ise-instance.example.com"
USERNAME="your-ise-api-username"
PASSWORD="your-ise-api-password"
# Optional: set to false to skip SSL verification (insecure)
ISE_VERIFY_SSL="true"
ENV

# 4) Run the MCP server in one-shot mode (for initial setup or testing)
python src/ise_mcp_server/server.py --oneshot

Configuration notes

The server reads connection details from the .env file. Ensure the ISE base URL, username, and password are set. The configuration also supports SSL verification control via ISE_VERIFY_SSL.

The set of exposed tools is generated from the endpoints defined in the src/ise_mcp_server/urls.json configuration file. Each tool derives its name from the endpoint’s human-readable name and exposes filterable fields you can use with filter_expression and additional query_params.

Additional running options and notes

Docker is provided for running the server with STDIO transport, which is common when interacting with clients like Claude Desktop. The container loads your .env file from the host and runs the MCP server accordingly.

If you prefer local development and testing without Docker, you can also run the server directly with Python, as shown above, and connect through HTTP to http://127.0.0.1:8000/mcp by default unless you modify the transport settings.

Security and maintenance notes

Keep credentials confidential and limit ISE access to trusted clients. Use TLS for ISE_BASE when possible and verify SSL configuration through ISE_VERIFY_SSL. Regularly rotate credentials and review the generated tools to ensure they reflect the current ISE endpoints and data needs.

Log messages utilize the standard Python logging configured by fastmcp, aiding troubleshooting and monitoring of server operations and API interactions.

Examples and tips

Discovered tools include endpoints and identity_groups, derived from the configured ISE endpoints. Use the corresponding docstrings on each tool to understand its purpose, target ISE endpoint, and available filtering fields.

endpoints

Tool derived from the /ers/config/endpoint endpoint. Supports fields like mac, name, description, and identityGroupName to filter results.

identity_groups

Tool derived from the /ers/config/identitygroup endpoint. Supports fields like name and description to filter results.