Login with SSO

JanF
Comes here often

Maybe I'm completely on the wrong track, but I have connected our Meraki to our Azure so that I can log in to the dashboard via SSO.

I used the instructions from here:
https://documentation.meraki.com/General_Administration/Managing_Dashboard_Access/Configuring_SAML_S...

When testing the SSO application, access also works without any problems:
https://learn.microsoft.com/en-us/entra/identity/saas-apps/meraki-dashboard-tutorial#test-sso

However, the question now arises as to whether I really have to make the detour via the Azure portal -> Enterprise apps -> Meraki dashboard every time to log in to the dashboard. Shouldn't it also be possible to log in directly to the dashboard? For example, by simply confirming the already active SSO connection to Microsoft.
I quickly created a picture of how I would have imagined the whole construct.

Ryan_Miles
Meraki Employee All-Star

Did you configure an SSO subdomain in the Meraki dashboard? https://documentation.meraki.com/General_Administration/Managing_Dashboard_Access/SP-Initiated_SAML_...

If you do that you can navigate to that URL to login. Something like https://example.sso.meraki.com

PhilipDAth
Kind of a big deal

>the question now arises as to whether I really have to make the detour via the Azure portal -> Enterprise apps -> Meraki dashboard every time to log in to the dashboard

Typically, this is how an IdP flow works. The customer goes to their IdP portal, and then clicks on the app they want to access.

For me personally, I have added it to the app launcher, so it is no more than two clicks away. When I am in any Office 365 web apps (which I live in) I click on the 9 dot launcher, then "Meraki Dashboard" - bam - I'm in the Meraki Dashboard all logged in.

If you can get it down to less than 2 mouse clicks let me know.

Raj007
New here

In your case, setting up a dedicated SSO subdomain (like example.sso.meraki.com) is definitely the cleaner solution, as Ryan mentioned. It lets users log in directly without needing to navigate through Azure Enterprise Apps every time.

That's how government portals handle similar login flows. In Rajasthan SSO users authenticate once with SSO id and then can directly access various services without always going back through the main dashboard.

PhilipDAth
Kind of a big deal

The dedicated SSO subdomain doesn't work that smoothly. You have to go to a special URL associated with the sub-domain, and then log in from there. You can't use it to log in from the main login page.

sprite160
New here

Isn't this kind of a small gripe? Our subdomain works fine, just have your users bookmark it. In fact, almost all of the enterprise applications I set up do not have the capability of forwarding to SSO from their "main login page," and instead more often than not insist on using a subdomain URL they conveniently provide. Seriously, maybe half a dozen out of the hundreds of enterprise apps I have in my org do this.

What would be more convenient for you? Going to the main login page and typing in your user address, clicking next, having Meraki do some kind of lookup on the back end to determine if your email domain is part of an SSO organization, then magically prompting SSO? Think about that for a second. If you did this, you would not be able to use email address "break glass" accounts if you needed to bypass SSO and log in to your dashboard. There's a reason larger companies do this, and it's for your security that almost all of them use subdomains.

SSORaj
New here

You do not need to go through Azure Portal → Enterprise Apps → Meraki each time. That path is meant for administrators, not daily users. Your current approach—launching Meraki from the Office 365 9-dot app launcher or My Apps—is exactly how IdP-initiated SSO is designed to work and is already an optimized, supported flow.

If you want even fewer steps, use SP-initiated SSO by bookmarking https://dashboard.meraki.com. If you’re already signed into Azure AD, it becomes a single click straight into the Meraki Dashboard, and with a pinned tab or startup page it can feel like zero friction.

sprite160
New here

I never said to log in from the enterprise app. We all know what the enterprise app does. Please re-read what I wrote several times to let it fully “cook.”

The guy sounded upset he had to use the special URL that you set up during the SSO setup. “YourDomain.meraki.com” for example.

Also no…you cannot use SSO from Dashboard.meraki.com. I manage several companies and this does not work at all. For example if I set up SSO for DomainA.com and then I try to log in to dashboard.meraki.com with UserA@DomainA.com it does not forward to SSO login or attempt SSO MFA. Instead you have to use DomainA.meraki.com or whatever the SSO login page you created during the SSO setup was. So no, what you’re suggesting does not work.

sprite160
New here

Also, how the heck did you interpret what I said as “I’m logging in from Azure > Enterprise Apps > Meraki?”

I literally never said anything remotely similar to this….
