I have written a script to remove guest accounts that are older than 7days from the day the script is run inline with my customers policy. The script appears to work. Items in BOLD are print statements in the script. But all the users I check on the dashboard are still present.
api call:
networkId = network["id"]
userId = user["id"]
dashboard.networks.deleteNetworkMerakiAuthUser(
networkId, userId)
From the console
{'id': 'c2FsbWFuLndhc3RpQGNlbnRyaWNhLmNvbSxHdWVzdA==', 'email': 'salman.wasti@centrica.com', 'name': 'Salman', 'createdAt': '2018-12-19T14:04:55.855830Z', 'accountType': 'Guest', 'isAdmin': False, 'authorizations': [{'ssidNumber': 1, 'authorizedZone': 'MyGuest', 'expiresAt': '2019-01-18T14:04:52.000000Z', 'authorizedByName': None, 'authorizedByEmail': None}]}
Salman has expired
2024-01-29 21:47:31 meraki: INFO > networks, deleteNetworkMerakiAuthUser - 204 No Content
2024-01-29 21:47:31 meraki: INFO > DELETE https://n645.meraki.com/api/v1/networks/N_658651445502962172/merakiAuthUsers/c2FtLnNhbGloQGNlbnRyaWN...
Salman **DELETED**
The line red is confusing me. According to the API guid for deleting a merakiauth user the response 204 is a successful operation
This will deauthorize user if it is still active, not delete it
The user will still remain in the history..
I don't think Meraki let's you delete users from history using API
"If the ID supplied is for a splash guest or client VPN user, and that user is not authorized for any other networks in the organization, then also delete the user. 802.1X RADIUS users are always deleted regardless of this optional attribute."
https://developer.cisco.com/meraki/api-v1/delete-network-meraki-auth-user/
I tried same in my org but it does not delete the splash guest entry , just deauthorizes it.. The user will still exist in the user history
And that user is not authorized for any other networks in the organization, then also delete the user.
If you can't delete the user how is the Meraki solution GDPR compliant?
You can remove user from dashboard manually and that will delete the user from the org, but using API i think that is not possible because API just unauthorizes the user in the network , does not delete it from org level
Check the description I sent you.
I have 4000+ accounts manual simply isn't an option. Also when self certified accounts are created they don't seem to set an expiry date.
Try passing "delete = True" as a parameter to your call aswell. That is,
dashboard.networks.deleteNetworkMerakiAuthUser(
networkId, userId,
delete = True
)
Thank you I will give this ago. I have 4000+ accounts that need to be deleted. I can't delete them manually. I will try the delete = 'True' parameter.
I tried that it didn't work. Interestingly you can delete a using Postman with the delete keyword. I have raised a TAC case and they it can't be done and that an internal case is being raise to amend their documentation