Meraki

Community

Clean-up of guest accounts using self approved splash screens

SputterButter
New here
‎Jul 15 2025 2:02 AM
‎Jul 15 2025 2:02 AM

Clean-up of guest accounts using self approved splash screens

Our wonderful security team has asked up to change our guest Wi-Fi setup.

They now want us to allow guests to connect using a self registration portal which doesn't need authorization. This itself has been easy to do and I can get those accounts to be allowed but the next part is what I am struggling with...

After 60 days of inactivity they want the accounts to be deleted.

 

I have managed to get information on the guest accounts in question by using the API documentation but I am struggling to put the pieces together and automate the actions that they require.

I have used postman to GET 

{{baseUrl}}/networks/:networkId/merakiAuthUsers

 

Which brings back

"id": "YW50atghathi'phs'gphij'apighjWssR3Vlc3Q=",
        "email": "guest.user@my-company.co.uk",
        "name": "Guest B User",
        "createdAt": "2025-02-07T11:13:22.738407Z",
        "accountType": "Guest",
        "isAdmin": false,
        "authorizations": [
            {
                "ssidNumber": 8,
                "authorizedZone": "CompanyGuests",
                "expiresAt": "Never",
                "authorizedByName": null,
                "authorizedByEmail": null

 

This is progress for me but now I need to be able to delete this user if they haven't used their account for over 60 days.

So...

1. Is there a way to check the last login date for this user?

2. Do I use the DEL 

{{baseUrl}}/networks/:networkId/merakiAuthUsers/:merakiAuthUserId

 option to delete a user?

3. Has anyone worked anything like this into a script that can be scheduled to be run automatically?

 

TIA!

 

 

0 Kudos
2 Replies 2
alemabrahao
Kind of a big deal
Kind of a big deal
‎Jul 15 2025 3:40 AM
‎Jul 15 2025 3:40 AM

Unfortunately, no, there is no field in the API that displays "last login" or "last association date" for merakiAuthUsers. The only dates you get are "createdAt" and "expiresAt" (if set; in your example, it says "Never").

Therefore, you can't determine the last activity directly through the current Meraki API.

You can check client association events in the dashboard (through the Events API or Syslog), but the Meraki Events API doesn't currently provide a "last access" date per user account, only per device (client MAC).

 

And yes, you can automate it, but since there's no "last login" field, you'll have to rely on createdAt or some external data source, and you'll obviously need to schedule it to run on a system, like a Linux crontab.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jul 15 2025 4:44 PM
‎Jul 15 2025 4:44 PM

I would consider using Splash Access (a separately paid-for service) to do this.  It doesn't create Meraki accounts and is very flexible.

https://splashaccess.com/

 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
© 2025 Cisco Systems, Inc.