Hi team,
TL;DR Is there any way to basically "click that revoke button" with API? (from the screenshot below)
For additional context:
I have been trying to automate the flow for requesting guest access to the network with API through our ITSM solution. I have managed to get everything working correctly. The access is requested, the API call gets sent to Meraki to create the user and grant guest access to our guest VLAN SSID for the specified network. We have a few roadblocks however:
So as we have many sites throughout all timezones, I opted for using "Never" for expiration, and handling the user timeout through our ITSM solution with API calls, meaning that as soon as the request gets placed and approved, there will be a 1 day duration regardless of timezone from the time the request was approved to the user deletion.
Deleting the user seems to work through the API call as it gets deleted from the Network-wide>Users page, but the access is not revoked and the user can continue to connect. When I make API calls to getNetworkClientSplashAuthorizationStatus to the user id I just get { "ssids": {} } as a response. (Bug?)
My thought is then to add a call before deletion to revoke access to the client and then delete it, so when the user tries to connect again they would get the splash page. If they try to use their user/password as it is deleted it shouldn't work again and another request would need to be sent in repeating the process.
But I also can't seem to be able to use updateNetworkClientSplashAuthorizationStatus which I thought would do what I wanted.
Even after deleting the user, I can still find the client on the dashboard as online and it seems to be possible to revoke access from there:
I assume that the access will be automatically revoked when it expires in 22 hours (According to the picture), but I don't want to have to set expiry dates due to the timezones (in this particular example I set it up to expire at 2023-10-19T00:00:00.000000Z). Even setting it to Never would rely on the splash page frequency before expiring. Is there any way to basically "click that revoke button" with API before I delete the user?
I believe if I set the splash page frequency to 1 day then it will basically do what I want after 24 hours, but I want to be able to have some control since we might add extensions when requesting guest access for longer than 24 hours if necessary.
When revoking the access manually from the dashboard it works perfectly, so that is the solution obviously, I just can't find a way to do everything nicely through API calls. Seems to me like a very standard or straightforward process so I imagine it can't be too complicated.
Any help would be greatly appreciated, thanks in advance!
