Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

API Script to Manage Meraki Cloud Authentication accounts

rsage_voda
Getting noticed
‎Jan 29 2024 2:09 PM
‎Jan 29 2024 2:09 PM

API Script to Manage Meraki Cloud Authentication accounts

I have written a script to remove guest accounts that are older than 7days from the day the script is run inline with my customers policy. The script appears to work. Items in BOLD are print statements in the script. But all the users I check on the dashboard are still present.

api call:

networkId = network["id"]

userId = user["id"]

 

dashboard.networks.deleteNetworkMerakiAuthUser(
    networkId, userId)

From the console

{'id': 'c2FsbWFuLndhc3RpQGNlbnRyaWNhLmNvbSxHdWVzdA==', 'email': 'salman.wasti@centrica.com', 'name': 'Salman', 'createdAt': '2018-12-19T14:04:55.855830Z', 'accountType': 'Guest', 'isAdmin': False, 'authorizations': [{'ssidNumber': 1, 'authorizedZone': 'MyGuest', 'expiresAt': '2019-01-18T14:04:52.000000Z', 'authorizedByName': None, 'authorizedByEmail': None}]}
Salman has expired
2024-01-29 21:47:31 meraki: INFO > networks, deleteNetworkMerakiAuthUser - 204 No Content
2024-01-29 21:47:31 meraki: INFO > DELETE https://n645.meraki.com/api/v1/networks/N_658651445502962172/merakiAuthUsers/c2FtLnNhbGloQGNlbnRyaWN...
Salman **DELETED**

 

The line red is confusing me. According to the API guid for deleting a merakiauth user the response 204 is a successful operation

 

0 Kudos
Subscribe
11 Replies 11
Amit_pal
Getting noticed
‎Jan 29 2024 10:14 PM
‎Jan 29 2024 10:14 PM

This will deauthorize user if it is still active, not delete it 

The user will still remain in the history..

I don't think Meraki let's you delete users from history using API

Subscribe
In response to Amit_pal
alemabrahao
Kind of a big deal
Kind of a big deal
‎Jan 30 2024 4:04 AM
‎Jan 30 2024 4:04 AM

"If the ID supplied is for a splash guest or client VPN user, and that user is not authorized for any other networks in the organization, then also delete the user. 802.1X RADIUS users are always deleted regardless of this optional attribute."

https://developer.cisco.com/meraki/api-v1/delete-network-meraki-auth-user/

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Subscribe
In response to alemabrahao
Amit_pal
Getting noticed
‎Jan 30 2024 4:15 AM
‎Jan 30 2024 4:15 AM

I tried same in my org but it does not delete the splash guest entry , just deauthorizes it.. The user will still exist in the user history

0 Kudos
Subscribe
In response to Amit_pal
alemabrahao
Kind of a big deal
Kind of a big deal
‎Jan 30 2024 4:19 AM
‎Jan 30 2024 4:19 AM

And that user is not authorized for any other networks in the organization, then also delete the user.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
In response to Amit_pal
rsage_voda
Getting noticed
‎Jan 30 2024 7:27 AM
‎Jan 30 2024 7:27 AM

If you can't delete the user how is the Meraki solution GDPR compliant? 

0 Kudos
Subscribe
In response to rsage_voda
Amit_pal
Getting noticed
‎Jan 30 2024 7:47 AM
‎Jan 30 2024 7:47 AM

You can remove user  from dashboard manually and that will delete the user from the org, but using API i think that is not possible because API just unauthorizes the user in the network , does not delete it from org level

0 Kudos
Subscribe
In response to Amit_pal
alemabrahao
Kind of a big deal
Kind of a big deal
‎Jan 30 2024 7:55 AM
‎Jan 30 2024 7:55 AM

Check the description I sent you.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
In response to Amit_pal
rsage_voda
Getting noticed
‎Jan 30 2024 11:59 PM
‎Jan 30 2024 11:59 PM

I have 4000+ accounts manual simply isn't an option. Also when self certified accounts are created they don't seem to set an expiry date.

0 Kudos
Subscribe
rhbirkelund
Kind of a big deal
‎Jan 30 2024 10:51 AM
‎Jan 30 2024 10:51 AM

Try passing "delete = True" as a parameter to your call aswell. That is,

dashboard.networks.deleteNetworkMerakiAuthUser(
    networkId, userId,
    delete = True
)
LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.
Subscribe
In response to rhbirkelund
rsage_voda
Getting noticed
‎Jan 30 2024 11:55 PM
‎Jan 30 2024 11:55 PM

Thank you I will give this ago. I have 4000+ accounts that need to be deleted. I can't delete them manually. I will try the delete = 'True' parameter.

0 Kudos
Subscribe
In response to rhbirkelund
rsage_voda
Getting noticed
‎Feb 13 2024 1:07 AM
‎Feb 13 2024 1:07 AM

I tried that it didn't work. Interestingly you can delete a using Postman with the delete keyword. I have raised a TAC case and they it can't be done and that an internal case is being raise to amend their documentation

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.