Meraki

Community

403 on Camera Snapshot API

Solved
Alegis
Just browsing
‎May 5 2019 7:09 AM
‎May 5 2019 7:09 AM

403 on Camera Snapshot API

Hi,

I would like to create snapshots from the Cameras, but my requests always return 403 - Forbidden. The account used has full admin privileges.

The request is of type:

 

curl -X POST \
https://api.meraki.com/api/v0/networks/L_111111111111111111/cameras/QQQQ-QQQQ-QQQQ/snapshot \
-H 'X-Cisco-Meraki-API-Key: abc123def456etc'

 

Following the redirect to the shard api (n270.meraki.com)


I've tried with and without Content-Type: application/json and Accept: application/json headers
Sense MV API is enabled on the camera

The network id has been retrieved from going to the organizations API and retrieving all the networks.
The serial ID has been retrieved from the networks API for the specific network, and retrieving all the cameras within (with their serialId listed).

Any idea what I could check out next? Other APIs such as analytics zone on that camera do work with my api key.

Labels:
0 Kudos
1 Accepted Solution
In response to Alegis
BrechtSchamp
Kind of a big deal
‎May 7 2019 12:11 AM
‎May 7 2019 12:11 AM

Well I suppose you already checked these but just to be sure:

-API access enabled in the Organization > Settings for the org in which the camera's network resides

-API key you're using is linked to an account that has full admin access to that org

-Make sure the camera is running the latest firmware as snapshots aren't supported on older firmware.

View solution in original post

0 Kudos
5 Replies 5
BrechtSchamp
Kind of a big deal
‎May 6 2019 12:56 AM
‎May 6 2019 12:56 AM

I'm on Windows, so the quotes are a different kind for me, but this worked for me:

curl -L -H "X-Cisco-Meraki-API-Key: azertyuiop123456789" -X POST "https://api.meraki.com/api/v0/networks/L_123456789/cameras/A11A-B22B-C33C/snapshot"

You don't seem to have the -L in there, it's important because this is a POST request, and these tend to need to follow the redirects.

0 Kudos
In response to BrechtSchamp
Alegis
Just browsing
‎May 6 2019 11:46 PM
‎May 6 2019 11:46 PM

Hi Brecht,

Thanks for your response. Unfortunately it gives the same result here; Postman follows redirects automatically and when using curl before I did replace the URL with n270.meraki.com (the shard URL from the response). I tried with your command and it results in the same response:

< HTTP/1.1 403 Forbidden
* Connection #1 to host n270.meraki.com left intact


Any thoughts on what I can further check regarding company or account settings?

0 Kudos
In response to Alegis
BrechtSchamp
Kind of a big deal
‎May 7 2019 12:11 AM
‎May 7 2019 12:11 AM

Well I suppose you already checked these but just to be sure:

-API access enabled in the Organization > Settings for the org in which the camera's network resides

-API key you're using is linked to an account that has full admin access to that org

-Make sure the camera is running the latest firmware as snapshots aren't supported on older firmware.

0 Kudos
In response to BrechtSchamp
Alegis
Just browsing
‎May 7 2019 7:02 AM
‎May 7 2019 7:02 AM

Hi Brecht,

 

Turns out the account had admin rights, but only read rights; and the snapshot API requires write access. Everything seems to work with write enabled. Wonder if there's a way to grant fewer privileges with access to the camera snapshot api.

Thanks for checking & the help.

Kind regards,


0 Kudos
In response to Alegis
BrechtSchamp
Kind of a big deal
‎May 7 2019 7:16 AM
‎May 7 2019 7:16 AM

Well I think the per-network full admin rights are probably sufficient for the snapshots. So you can create admins per network. Full org access is probably overkill. Now that it works you can start finetuning.

 

If you need to limit the access to camera's only you'll need to put them in a separate network.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.