Meraki

Community

Meraki users gathered using REST API not representing all users shown in Dashboard

Aiden521
Here to help
‎Aug 22 2024 8:56 AM
‎Aug 22 2024 8:56 AM

Meraki users gathered using REST API not representing all users shown in Dashboard

Hello

 

I have a program setup that will query all the networks that are returned from the Get Organization Networks API call and all the Config Templates from the Get Config Templates from an organization.

 

From there I am using the IDs to query for the users in each of the networks and config templates using the GET /networks/{network_id}/merakiAuthUsers.

 

After doing this for all the ids for the networks and config templates, I am given a number of users that is much lower than the amount that is shown in the UI dashboard for Meraki. 

 

I am wondering if there is a way that I could potentially be missing users with the method I have specified, or if there is a more efficient way to do this such as getting all users within an organization. Any help would be greatly appreciated!

 

 

0 Kudos
12 Replies 12
Crocker
A model citizen
‎Aug 22 2024 10:11 AM
‎Aug 22 2024 10:11 AM

Seems unlikely, but any chance your organization has more than 1000 networks? I know the Get Organization Networks API call defaults to a perpage value of 1000 if not otherwise specified. You can adjust the perpage value up to 10,000, if this happens to be the case. I don't see a similar limit documented for the other two API calls you mentioned.

 

Recently ran into something similar with the Get Organization Devices API call, except that one doesn't let you request more than 1000 and instead makes you learn pagination (bleh).

In response to Crocker
Aiden521
Here to help
‎Aug 22 2024 12:29 PM
‎Aug 22 2024 12:29 PM

No we have just under 50 networks in total. I also considered the issue being a pagination problem and logged the number of users being returned from each GET request when retrieving the users and the most amount of users in a given network was 106 so this wouldn't be the problem.

0 Kudos
Jamieinbox
Building a reputation
‎Aug 22 2024 12:31 PM
‎Aug 22 2024 12:31 PM

Hi, check this code I did and see if it fits your needs. I had problems with pagination (fixed them), too. It lists all clients per network.


Merakicode/ClientScrape at main · jadexing/Merakicode (github.com)

In response to Jamieinbox
Aiden521
Here to help
‎Aug 23 2024 6:45 AM
‎Aug 23 2024 6:45 AM

I appreciate the input, but I am trying to get all the merakiAuthUsers and not the clients. 

0 Kudos
John_on_API
Meraki Employee
Meraki Employee
‎Aug 22 2024 1:27 PM
‎Aug 22 2024 1:27 PM

Hi @Aiden521, there is some nuance we can improve by updating the description for the operation. This operation should be described as follows, and work is underway to update the description so the docs are up to date:

 

List the authorized users configured under Meraki Authentication for a network (splash guest or RADIUS users for a wireless network, or client VPN users for a MX network).

 

While the operation name and path is a little confusing, this operation mostly operates on the authorizations of said users in the context of a specific network, and isn't true CRUD for the users themselves. So unauthorized users won't be returned in the API response.

 

Thanks for asking, and hopefully this helps!

In response to John_on_API
Aiden521
Here to help
‎Aug 23 2024 6:45 AM
‎Aug 23 2024 6:45 AM

Is there a method to gather all of the unauthorized users as well as the authorized ones? 

0 Kudos
In response to Aiden521
sungod
Kind of a big deal
‎Aug 23 2024 7:44 AM
‎Aug 23 2024 7:44 AM

I'm unclear exactly what are you trying to do.

 

You wrote "...given a number of users that is much lower than the amount that is shown in the UI dashboard for Meraki."

 

Which Dashboard page are you referring to? Is it Network->Clients?

 

As @John_on_API says, an 'authorized user' is related to a client device granted access via Meraki Authentication for a network.

 

An 'unauthorized user' is every client device that hasn't gained access that way, there is no 'user' identity there, it's just a client device.

 

0 Kudos
In response to sungod
Aiden521
Here to help
‎Aug 23 2024 7:48 AM
‎Aug 23 2024 7:48 AM

My mistake, I'll clarify a bit more. Within the dashboard after selecting "View All Networks" in the network tab, you are able to navigate to Network-Wide -> Users. It is the records here that I am attempting to capture. At the bottom of the list there is a total count of users that is given that is much more than the amount that I am able to gather using the API and doing the API calls mentioned in the original post. 

0 Kudos
In response to Aiden521
sungod
Kind of a big deal
‎Aug 23 2024 8:05 AM
‎Aug 23 2024 8:05 AM

Ah, now I see.

 

You are trying to list the page titled "User management portal", is that correct?

In response to sungod
Aiden521
Here to help
‎Aug 23 2024 8:11 AM
‎Aug 23 2024 8:11 AM

Yes exactly! This is where the records of the users are that I am trying to capture.

0 Kudos
In response to Aiden521
sungod
Kind of a big deal
‎Aug 23 2024 8:36 AM
‎Aug 23 2024 8:36 AM

Ok, currently the scope of that page is the list of Client VPN users vs. 'known' users that may have got into the list a variety of ways. I think It's really there to allow granting/removing Client VPN access, hence the lack of any rich API around it.

 

If you do not have any guest users (i.e. all will have an admin account), you can use https://developer.cisco.com/meraki/api-v1/get-organization-admins/ which gives you all admin users.

 

If there are guests, I'm not sure, if doing the https://developer.cisco.com/meraki/api-v1/get-network-meraki-auth-users/ call, which you (edit) might need to on all networks to build up the full list, isn't working then I don't think there's a way in the API.

 

In that case one option is to 'cheat' by making a screenscraper,  or to poke around in the page code and find out the URL used by the "Download as CSV" button, then use that to grab the list as a CSV you can process.

In response to sungod
Aiden521
Here to help
‎Aug 23 2024 10:13 AM
‎Aug 23 2024 10:13 AM

Yeah I am currently making the API call to get merakiAuthUsers for all the networks that exists within our organization but it isn't working and I am unable to retrieve all of the users with this method. 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.