IdP Initiated SAML SSO for Meraki Dashboard

rhbirkelund
Kind of a big deal

Lately, SSO login for Meraki Dashboard has been a huge nuisance for me, as I'm getting access to more and more customer organisations that use SAML SSO.

If unsuccessful in convincing their IT teams to add me directly as a local admin to their Org, I have to go through having my account created in their Azure tenant.

Which by all means is probably also the correct way, IT security wise.

But as an MSP with access to many customers, SSO is a PITA. Many customers followed the guides in the Meraki documentation on how to set up SSO for their org in Meraki, but this has also resulted in many organisations not considering the different SAML attributes in Azure.

An easy fix would be to set the username attribute to something other than userprincipalname, which for some reason equates to their email address. In my tests, using employeeid is usually the best alternative, since chances are that this is more unique between customers and organisations, and especially for external consultants like myself.

I'm curious as to how others handle SAML SSO from an MSP standpoint? Do you also spend days during first-time onboarding just trying to get access, by having to make the customer reconfigure their Dashboard app, which by all means works for them?

What are your tips & tricks for when setting up SAML SSO? Or is there a simple Meraki setting that I'm just not aware of, that will fix everything, without having to touch their Azure tenant?

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for code execution lies solely with you.
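To see which attribute an IdP actually sends as the Dashboard username, it helps to decode a captured SAMLResponse and look at the claims rather than guessing from the Azure portal. The following is an added example written for this thread, not code from the original post or from Meraki. It assumes the Meraki username and role claim names (the URIs Meraki's SAML guide uses; treat them as an assumption here), builds two constructed, unsigned SAMLResponse samples (a UPN mapping and an employeeid mapping), and flags the email-shaped username that the Azure default produces. It does not validate the assertion signature; that is the SP's job, and a real capture should be parsed with defusedxml rather than the stdlib parser.

```python
"""Inspect what an IdP sends as the Meraki Dashboard username.

Added example for this thread, not code from the original post. The claim
names below are assumed from Meraki's SAML guide; the SAMLResponse samples
are constructed test data and unsigned. Signature validation is not done
here (the SP does that), and untrusted captures should use defusedxml.
"""
import base64
import re
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}
# Claim names Meraki expects (assumption: taken from the Meraki SAML guide).
MERAKI_USERNAME_CLAIM = "https://dashboard.meraki.com/saml/attributes/username"
MERAKI_ROLE_CLAIM = "https://dashboard.meraki.com/saml/attributes/role"
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")


def make_response(username_value: str, role: str) -> str:
    """Build a minimal base64 SAMLResponse (constructed test data, unsigned)."""
    user, role = escape(username_value), escape(role)
    xml = (
        f'<samlp:Response xmlns:samlp="{NS["samlp"]}" xmlns:saml="{NS["saml"]}" '
        'ID="_r1" Version="2.0">'
        '<saml:Assertion ID="_a1" Version="2.0">'
        f"<saml:Subject><saml:NameID>{user}</saml:NameID></saml:Subject>"
        "<saml:AttributeStatement>"
        f'<saml:Attribute Name="{MERAKI_USERNAME_CLAIM}">'
        f"<saml:AttributeValue>{user}</saml:AttributeValue></saml:Attribute>"
        f'<saml:Attribute Name="{MERAKI_ROLE_CLAIM}">'
        f"<saml:AttributeValue>{role}</saml:AttributeValue></saml:Attribute>"
        "</saml:AttributeStatement></saml:Assertion></samlp:Response>"
    )
    return base64.b64encode(xml.encode()).decode()


def attributes_from_response(saml_response_b64: str) -> dict:
    """Return {claim_name: [values]} plus the Subject NameID from a SAMLResponse."""
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    attrs = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        attrs[attr.get("Name")] = [
            v.text or "" for v in attr.iterfind("saml:AttributeValue", NS)
        ]
    name_id = root.find(".//saml:Subject/saml:NameID", NS)
    attrs["NameID"] = [name_id.text or ""] if name_id is not None else []
    return attrs


def username_check(attrs: dict) -> dict:
    """Report the value in the Meraki username claim and whether it is an email.

    An email-shaped username is the symptom the post describes: Azure's
    default mapping sends user.userprincipalname, which is usually the
    user's email address.
    """
    values = attrs.get(MERAKI_USERNAME_CLAIM) or []
    username = values[0] if values else None
    return {
        "username": username,
        "is_email": bool(username and EMAIL_RE.match(username)),
        "role": (attrs.get(MERAKI_ROLE_CLAIM) or [None])[0],
    }


# Constructed samples: the Azure default (UPN) versus an employeeid mapping.
# "MSP-Admin" is a hypothetical Dashboard SAML role name.
UPN_MAPPED = make_response("consultant@msp.example", "MSP-Admin")
EMPLOYEEID_MAPPED = make_response("E-10427", "MSP-Admin")

if __name__ == "__main__":
    for label, resp in (("UPN", UPN_MAPPED), ("employeeid", EMPLOYEEID_MAPPED)):
        report = username_check(attributes_from_response(resp))
        verdict = "email-shaped (the UPN default)" if report["is_email"] else "ok"
        print(f"{label:>10}: username={report['username']!r} "
              f"role={report['role']!r} -> {verdict}")
```

To run it against a real login, paste the base64 SAMLResponse form field from the browser's network capture into `attributes_from_response`; the username claim it prints is exactly what Dashboard will match against its SAML admin list.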
rhbirkelund
Kind of a big deal

And well, this also goes to SP-initiated SAML SSO.

rhbirkelund
Kind of a big deal

The SAML SSO configuration guide clearly states that one should set the username attribute to email, but also clearly warns against it.

[screenshot: rhbirkelund_0-1721067718238.png]

This really messes things up for MSPs and those of us who are external consultants.

I've never done a SAML deployment where I used the email address.  It just doesn't work in practice.  I usually make it "user.displayname".

PhilipDAth
Kind of a big deal
Do you know the dashboard can support multiple SAML providers at the same time?

You should add your IdP to the customers that you manage, so you can log in with the username in your tenancy.
