Find Organization ID

Solved
EricR
Here to help

Find Organization ID

I need some help determining the organizationId to use in my API URLs.

I query /organizations to get the organization ID then use that to get the Apple Push Notification Certificate. Problem is I get a 404 Error when using the organization ID.

 

Here's my code:

 

 

 

 

import requests, json
from OpenSSL import crypto

apiKey = '<my_api_key>'
baseApiUrl = 'https://api.meraki.com/api/v0'
merakiOrgname = '<my_org_name>'

merakiHeader = {
    'X-Cisco-Meraki-API-Key': apiKey,
    'Content-Type': 'application/json',
    'Accept': 'application/json'
}

organizations = requests.get(baseApiUrl+'/organizations', allow_redirects=True, headers=merakiHeader)
if organizations.status_code >= 200 and organizations.status_code < 300:
    for org in organizations.json():
        if org.get('name') == merakiOrgname:
            merakiOrgId = org.get('id')

applePushCertRequest = requests.get(baseApiUrl+'/organizations/{'+merakiOrgId+'}/sm/apnsCert', allow_redirects=True, headers=merakiHeader)
if applePushCertRequest.status_code >= 200 and organizations.status_code < 300:
    applePushCert = crypto.load_certificate(crypto.FILETYPE_PEM, applePushCertRequest.text)
    print(applePushCert.get_notAfter())

 

I also tried using the url in this format:

 

applePushCertRequest = requests.get(baseApiUrl+'/organizations/'+merakiOrgId+'/sm/apnsCert', allow_redirects=True, headers=merakiHeader)

 

1 Accepted Solution

Holy snappin arse-holes, that was it!

 

The user I created for the API key had organization read-only access. I didn't want this user to have access to change anything, just view the data. However, it seems that to get the certificate the user needs Full Access.

 

Sorry for wasting your time. Thank you for the help.

View solution in original post

11 Replies 11
Bruce
Kind of a big deal

@EricR I haven’t used this API call before, but I’ve noticed that your API string is for the v0 APIs, but the apnsCert API only appears to be available in the v1 Dashboard API. I suspect this may be your problem.

Thank you for your reply.

My Google-ing for a Meraki API must have linked me to the v0 instead of the v1.

 

I adjusted my code for v1, but I still have the same issue. I tried using the meraki python library, but the meraki python library also receives a 404 error.

Bruce
Kind of a big deal

I'm sure you already have, but perhaps check that you're finding the organisation that you intended - just use a simple print statement in the for loop to see what's happening.

 

I'm not the best Python script writer, but I'd always take the JSON returned from the API call and use the JSON library to convert that into a standard Python data type, a Dictionary. That will then make it easier to search and manipulate.

 

After your GET you can do orgs_dict = json.loads(organizations.text) to pull the response body into a Python Dictionary.

Then you can just iterate through the organisations in the dictionary, e.g.

 

for org in orgs_dict:
    print('name: {} id: {}'.format(org["name"], org["id"]))

 

Hope this helps

The 

organizations.json()

function does the JSON conversion. It's built into the object that the requests.get() function returns.

 

If do the following:

apiKey = '<api_key>'
baseApiUrl = 'https://api.meraki.com/api/v1'
merakiOrgname = '<org_name>'

merakiHeader = {
    'X-Cisco-Meraki-API-Key': apiKey ,
    'Content-Type': 'application/json',
    'Accept': 'application/json'
}

organizations = requests.get(baseApiUrl+'/organizations', allow_redirects=True, headers=merakiHeader)
if organizations.status_code >= 200 and organizations.status_code < 300:
    for org in organizations.json():
        if org.get('name') == merakiOrgname:
            orgName = org.get('name')
            merakiOrgId = org.get('id')
            print('Id = ' +str(merakiOrgId)+ '\tName = ' +orgName)
else:
    print('!!Error: status code = ' + str(organizations.status_code))

 My output is:

Id = <id>     Name = <name>

 

Where <id> is a number and <name> is the name I expect.

Bruce
Kind of a big deal

@EricR I just went through the code and ran this on my lab, and this code works. The apiKey import is just a library to hold my API key, nothing more. I haven't included the error checking that you had, but it returns the certificate as expected.

 

import requests
import apiKey
 
myMerakiOrg = "Demo Organisation"
 
headers = {
  'X-Cisco-Meraki-API-Key': apiKey.key,
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}
 
response = requests.get(apiBase + "/organizations", headers = headers)
orgs = response.json()
 
for org in orgs:
    if org["name"] == myMerakiOrg:
        merakiOrgId = org["id"]
        
response = requests.get(apiBase + "/organizations/" + merakiOrgId + "/sm/apnsCert", headers = headers)
print(response.text)
 
p.s. thanks for the tip about .json()

I noticed that your API URL is different than mine, so I changed it, but I still can't get it to work.

I used environment variables to hide the organization name and API key and added and a check to make sure the ID was found.

 

import os, requests
 
apiBase = "https://api-mp.meraki.com/api/v1"
apiKey = os.getenv('merakiKey')
myMerakiOrg = os.getenv('myMerakiOrg')
 
headers = {
  'X-Cisco-Meraki-API-Key': apiKey,
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}
 
response = requests.get(apiBase + "/organizations", headers = headers)
orgs = response.json()
 
for org in orgs:
    if org["name"] == myMerakiOrg:
        merakiOrgId = org["id"]

print("merakiOrgId = " + str(merakiOrgId))

response = requests.get(apiBase + "/organizations/" + merakiOrgId + "/sm/apnsCert", headers = headers)
print(response.text)

Output is only the organization ID.

 

I am super lost.

Bruce
Kind of a big deal

You do have a APNS Certificate installed, don't you? (I'm assuming you do, but thought I'd ask to make sure). The response I get is exactly as you'd expect:

 

{"certificate":"-----BEGIN CERTIFICATE-----\nMIIFdjCCBF6gAwIBAgIIa0g/fC5Vd+IwDQYJKoZIhvcNAQELBQAwgYwxQDA+BgNV\nBAMMN0FwcGxlIEFwcGxpY2F0aW9uIEludGVncmF0aW9uIDIgQ2VydGlmaWNhdGlv\nbiBBdXRob3JpdHkxJjAkBgNVBAsMHUFwcGxlIENlcnRpZmljYXRpb24gQXV0aG9y\naXR5MRMwEQYDVQQKDApBcHBsZSBJbmMuMQswCQYDVQQGEwJVUzAeFw0xNzA5MDYw\nOTEyNDRaFw0xODA5MDYwOTEyNDRaMIGPMUwwSgYKCZImiZPyLGQBAQw8Y29tLmFw\ncGxl... <removed for brevity> ...2lqdnTc0ZHnwWuM4te\nMXKU0k5qt42KyA==\n-----END CERTIFICATE-----"}

I thought the same thing for a second. But I do:

EricR_0-1605712512105.png

 

Only just occurred to me: maybe it's the access that the user has...

Holy snappin arse-holes, that was it!

 

The user I created for the API key had organization read-only access. I didn't want this user to have access to change anything, just view the data. However, it seems that to get the certificate the user needs Full Access.

 

Sorry for wasting your time. Thank you for the help.

Bruce
Kind of a big deal

@EricR Glad you figured it out - a good one to remember 

Get notified when there are additional replies to this discussion.