I am currently trying to setup the SSO login for administrators on the Meraki dashboard.
We're using RSA SecurID for our idp, if I setup rsa to return a constant value for the role, it works, but if I setup RSA to return "memberOf" or "virtualGroup" it doesn't work. The return value in saml xml shows that the whole list of groups is returning, which make sense, shouldn't meraki be able to handle that?
Neither if I setup RSA SecurId tor return all value separated by a coma or separated attribute value.
Has anyone succeeded in setup RSA SecurID with Meraki?
Hmm Ok, so basically you almost have no choice than returning a single value, in my case look like with rsa securid I'll have to create 2 configurations, with different static role has Look to me that their implemenation of saml for meraki's dashboard administration is very limited.
The easy way I did this was just by setting the attribute "aCSPolicyName" to the SAML role I defined in the Meraki Dashboard. This was an unused attribute in AD that is sometimes used to set ACLs for users. Doing this allowed me to be able to support multiple rules with a single policy. It especially comes in handy if you switch to SP initiated SAML since you have to define the Apps for those in RSA.