API - Create Guest User for Client VPN

MrW01f
Just browsing

API - Create Guest User for Client VPN

Hello,

 

I try to create guest user from Powershell but it's not working. I always get "Bad Request".

From the documentation, it should work with a POST to /networks/{networkId}/merakiAuthUsers with those parameters: email, name, password, accountType, emailPasswordToUser and authorization.

So I try multiple ways like this one:

 

$NewUser = @{
"email"="fake@email.com"
"name"="Test User"
"password"="SomeRandomCharacters"
"accountType"="Client VPN"
"authorizations"=@{
"expiresAt"="Never"
}
}
$headers = @{
"Content-Type" = "application/json"
"Accept" = "application/json"
'X-Cisco-Meraki-API-Key' = "$($APIKey)"
}

$RedirectUri = "https://nXXX.meraki.com/api/v1/networks/$($NetworksId)/merakiAuthUsers"
$inputData = $NewUser | ConvertTo-Json
Invoke-RestMethod -Uri "$($RedirectUri)" -Method POST -Headers $headers -Body $inputData

 

but it always fail. I created a user manually, copied his information from the same command with a GET, deleted the user and tried to recreate it with the values I got, but no success.

 

Is there anyway I can create guest user for VPN access from the API?

 

Regards,

Frank

2 REPLIES 2
CN
Meraki Alumni (Retired)
Meraki Alumni (Retired)

I'm pretty sure this message was passed along to you already, but just to post for the benefit of the community.

 

The problem is in the authorizations section. It needs to be an array not just an object. Here's a screenshot of what it would look like in Postman.

 

client_vpn.png

MrW01f
Just browsing

Yes, I had the answer from Meraki about this but there is so much problems with Meraki Auth Users, I don't think we'll be able to use it.

 

When we create a user from the web portal, the ID format is not the same as when we create it from the API.

Ex:

From Web portal: YWMtcGYyYm6xM3NAdnBuLmFkZGNhcCxDbGllbnQgVlBO

From API: ZmFrZUBlbWFpbC5jb10sQ2xpZW50IFZQTg==

 

When created from the web portal, I can Update and delete the user from the API.

When created from the API, I can't update or delete it as the ID format is not good.

 

The "Delete" fonction doesn't remove the user but disable the vpn connection capability and still remain in the list from the webportal, but I can't reach it from the API.

 

Looks like different people was working on different parts of the code without talking to each other.

Get notified when there are additional replies to this discussion.