cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Meraki API - Update the policy assigned to a client on the network not complete

Highlighted
Here to help

Meraki API - Update the policy assigned to a client on the network not complete

Dear,

while Return the policy assigned to a client on the network return the correct information (see below)

There is no implementation visible to also set this information for a certain client.

Is there a way to set this information in a API call?

 

"Different policy by SSID"

 

0 : @{type=Blocked; name=WIFI-Guest}
1 : @{type=Group policy; group_number=100; name=WIFI}
4 : @{type=Normal; name=WIFI_D}
mac : AA:BB:CC:0D:EE:00
type : Different policies by SSID

5 REPLIES 5
Highlighted
Meraki Employee

Re: Meraki API - Update the policy assigned to a client on the network not complete

You can set the group policy of a client by using this call: https://dashboard.meraki.com/api_docs#update-the-policy-assigned-to-a-client-on-the-network

You will need to pass the groupPolicyId of the policy you want to activate as JSON body.

 

Postman proposes this as Python 3 code to do it: 

import http.client

conn = http.client.HTTPConnection("api,meraki,com")

payload = "{\n  \"groupPolicyId\": 102\n}"

headers = {
    'X-Cisco-Meraki-API-Key': {{apiKey}},
    'Content-Type': "application/json"
    }

conn.request("PUT", "api,v0,networks,{{networkId}},clients,{{clientMac}},policy", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

The example above assumes you want to activate a Group Policy with ID 102. Substitute {{apiKey}}, {{networkId}} and {{clientMac}} for actual values in your organization.

 

Even better, you could use the Meraki Python module to do it: https://github.com/meraki/dashboard-api-python

The correct call in the module is:

 

meraki.updateclientpolicy(apikey, networkid, clientmac, policy, policyid=None, suppressprint=False)

 

You can find the groupPolicyId of your policy by listing the Group Policies available in your Network: 

https://dashboard.meraki.com/api_docs#list-the-group-policies-in-a-network

 

Hope this helps.

 

Highlighted
Here to help

Re: Meraki API - Update the policy assigned to a client on the network not complete

Hello Mihail,

 

Thanks for your answer.

I know how to set the group policy by API and also the API documentation is correct in that.

This way you bind a group policy to a client for just one SSID

 

But this problem is about setting the "different policy by ssid" with the API

 

 diffssid pol.PNG

 

Best regards, Ben

Highlighted
Building a reputation

Re: Meraki API - Update the policy assigned to a client on the network not complete

As far as I can tell, the API does not support assigning group policies by ssid.

 

I should point out that the documentation for setting the policy is incomplete (or inaccurate, depending on your point of view).  The valid values for devicePolicy are whitelisted, blocked, normal, group.  Note that "group policy" is not a valid value.  You can see these values in Meraki's python library (https://github.com/meraki/dashboard-api-python/blob/master/meraki.py#L1327).

 

If a device has group policies set by ssid, you can retrieve the details from the API.  Here's what the response looks like:

 

{
  "mac": "aa:bb:cc:dd:ee:ff",
  "type": "Different policies by SSID",
  "ssids": {
    0: {
      "type": "Normal",
      "name": "ssid0"
    },
    1: {
      "type": "Group policy",
      "group_number": 100,
      "name": "ssid1"
    },
    2: {
      "type": "Whitelisted",
      "name": "ssid2"
    },
    14: {
      "type": "Blocked",
      "name": "ssid14"
    }
  }
}

Unfortunately, I don't see any way with the current API to set the client policy to something like that.

Highlighted
Here to help

Re: Meraki API - Update the policy assigned to a client on the network not complete

Hi,

 

Exactly my point.

 

I know how to get the info and also know how to set the correct info at the API but In my point of view if u have that option in the dashboard Meraki developers are able to implement this in short term at the API also.

 

Still searching for an API Wish list.

 

 

Highlighted
Here to help

Re: Meraki API - Update the policy assigned to a client on the network not complete

I don't know if this got solved for any of you folks, but I found the proper format to send a client per SSID policy. Maybe this will help someone that finds this... took me awhile to get it.    Make sure to have the correct number of SSIDs definded.

 

{
    "policiesBySsid": {
        "0": {
            "devicePolicy": "Blocked"
        },
        "1": {
            "devicePolicy": "Whitelisted"
        },
        "2": {
            "devicePolicy": "Blocked"
        }
    },
    "mac": "00:aa:bb:11:22:aa",
    "name": "Test",
    "devicePolicy": "Per connection"
}

 

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.