cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SSO best practices for Meraki Partner

New here

SSO best practices for Meraki Partner

We're just beginning to roll applications onto our SAML identity provider. I've tested our internal Meraki organization with SAML authentication and it's working. But, what are the best practices for configuring admin access to our dozens of client organizations under our partner account? Do we need to individually configure SSO on each client's organization? How are other partners achieving the convenience of SSO and the need to access any and every client org at any time?

3 REPLIES 3
Kind of a big deal

Re: SSO best practices for Meraki Partner

Yup, you need to configure it on every Org.

 

One thing that helps is creating new Orgs by copying an existing Org. The SAML config will copy over. We keep a "template" Org that's just an empty Org with the setting we want on it around for the sole purpose of cloning for new Orgs.

New here

Re: SSO best practices for Meraki Partner

Ok, how does copying your template org succeed when the Consumer URL for the Meraki service provider is unique for each organization? Or do I just need to create the saml administrative roles?

 

Since the consumer URL is unique, it's looking like we'll need to create a unique application instance in our idP for each org...is that really right? Meraki1, Meraki2, ... Meraki29, etc.?

Kind of a big deal

Re: SSO best practices for Meraki Partner

https://documentation.meraki.com/zGeneral_Administration/Managing_Dashboard_Access/Configuring_SAML_...

 

"When this occurs, the user will be directed to the MSP portal and receive the desired permissions in each organization. The Consumer URL for any of the MSP organizations can be used, as they will all direct the user to the MSP portal."

 

🙂

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.