Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

API Audit

TroyV
Here to help
‎Sep 14 2022 2:14 PM
‎Sep 14 2022 2:14 PM

API Audit

I have been looking but I can't seem to find a way to audit what API keys have been setup for my users and what they are accessing. Does anyone know of a way to audit active API keys for all users in your organization?

0 Kudos
Subscribe
2 Replies 2
ShawnHu
Meraki Employee
Meraki Employee
‎Sep 14 2022 7:20 PM
‎Sep 14 2022 7:20 PM

@TroyV Since the API key is part of the administrator profile and the access permission is based on what privilege the administrator is assigned with in a specific organization. For audit purposes, there are two endpoints you can leverage.

getOrganizationApiRequestsOverview  and getOrganizationApiRequests 

You can use the adminId from the latter endpoint linking to a specific user(with the getOrganizationAdmins endpoint). Here is a request example from getOrganizationApiRequests.

{ "adminId": "212406", "method": "GET", "host": "server.example.com", "path": "/api/v1/organizations/12345/apiRequests", "queryString": "timespan=604800", "userAgent": "PostmanRuntime/7.6.0", "ts": "2018-02-11T00:00:00.090210Z", "responseCode": 200, "sourceIp": "123.123.123.1", "version": 1, "operationId": "getOrganizationApiRequests" }

Subscribe
sungod
Head in the Cloud
‎Sep 15 2022 1:00 AM
‎Sep 15 2022 1:00 AM

You can use https://developer.cisco.com/meraki/api-v1/#!get-organization-admins to identify admins and detect which have API key(s).

 

Then as above get the requests and see which admin(s) are using the API.

 

Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.