Login with SSO

JanF
Comes here often

Maybe I'm completely on the wrong track, but I have connected our Meraki to our Azure so that I can log in to the dashboard via SSO.

I used the instructions from here:
https://documentation.meraki.com/General_Administration/Managing_Dashboard_Access/Configuring_SAML_S...

When testing the SSO application, access also works without any problems:
https://learn.microsoft.com/en-us/entra/identity/saas-apps/meraki-dashboard-tutorial#test-sso

However, the question now arises as to whether I really have to make the detour via the Azure portal -> Enterprise apps -> Meraki dashboard every time to log in to the dashboard. Shouldn't it also be possible to log in directly to the dashboard? For example, by simply confirming the already active SSO connection to Microsoft.
I quickly created a picture of how I would have imagined the whole construct.

Ryan_Miles
Meraki Employee All-Star

Did you configure an SSO subdomain in the Meraki dashboard? https://documentation.meraki.com/General_Administration/Managing_Dashboard_Access/SP-Initiated_SAML_...

If you do that you can navigate to that URL to log in. Something like https://example.sso.meraki.com

PhilipDAth
Kind of a big deal

>the question now arises as to whether I really have to make the detour via the Azure portal -> Enterprise apps -> Meraki dashboard every time to log in to the dashboard

Typically, this is how an IdP flow works.  The customer goes to their IdP portal, and then clicks on the app they want to access.

For me personally, I have added it to the app launcher, so it is no more than two clicks away.  When I am in any Office 365 web apps (which I live in) I click on the 9 dot launcher, then "Meraki Dashboard" - bam - I'm in the Meraki Dashboard all logged in.

If you can get it down to less than 2 mouse clicks let me know.

Raj007
New here

In your case, setting up a dedicated SSO subdomain (like example.sso.meraki.com) is definitely the cleaner solution, as Ryan mentioned. It lets users log in directly without needing to navigate through Azure Enterprise Apps every time.

That's how government portals handle similar login flows. In Rajasthan SSO users authenticate once with SSO id and then can directly access various services without always going back through the main dashboard.

PhilipDAth
Kind of a big deal

The dedicated SSO subdomain doesn't work that smoothly.  You have to go to a special URL associated with the sub-domain, and then log in from there.  You can't use it to login from the main login page.

sprite160
New here

Isn't this kind of a small gripe?  Our subdomain works fine, just have your users bookmark it.  In fact, almost all of the enterprise applications I set up do not have the capability of forwarding to SSO from their "main login page," and instead more often than not insist on using a subdomain URL they conveniently provide.  Seriously, maybe half a dozen out of the hundreds of enterprise apps I have in my org do this.

What would be more convenient for you?  Going to the main login page and typing in your user address, clicking next, having Meraki do some kind of lookup on the back end to determine if your email domain is part of an SSO organization, then magically prompting SSO?  Think about that for a second.  If you did this, you would not be able to use email address "break glass" accounts if you needed to bypass SSO and log in to your dashboard.  There's a reason larger companies do this, and it's for your security that almost all of them use subdomains.
