- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Request help getting started wtih Meraki and postman
Hello
I am trying to get some experience with calling meraki api from powershell. I've been through a few of the tutorial articles but I can't seem to get anything working. I'm currently looking at this reference https://developer.cisco.com/meraki/build/meraki-postman-collection-getting-started/
I have postman and I have the Meraki Dashboard API collection installed. I'm using the test api key in the article 093b24e85df15a3e66f1fc359f4c48493eaa1b73
When I try the first call for List Organizations This User Has Access To I don't get a list of organizations as indicated in step 9. Instead I get an HTML page and if I click the Preview link I can see that it is a login page
Dashboard Login
and asks for email and a password and says I must have javascript enabled to use Dashboard.
I'm confused about what I'm doing wrong. I thought the point of the api key is that it supplies the credentials. I don't see anything in the documentation about passing login information. I'm sure I'm missing something that is so completely obvious that it is not included in the instructions but I can't figure it out.
Can anyone help me understand how to use this call to get a list of Organizations?
Thanks!
Solved! Go to solution.
- Labels:
-
Dashboard API
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
>Is there any way to generate a read only api key?
The API key has the same rights as the user. Create a user (such as api@....) and give them read-only rights. Log in as that user and generate an API key for it.
Are you running Windows 10 with a recent big update installed?
Other older OS's probably have TLSv1.2 disabled and will need it enabled manually.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Here's a picture if it helps
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If you look at this article I wrote it has a Powershell example at the bottom.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for your reply Philip, the powershell code example is a big help. I also have concerns about the visibility of our API key. Is there any way to generate a read only api key?
For my learning and exploration I"m trying to work with the api key provided in the tutorial article I linked above. I'm not able to get a basic call and return in postman so I haven't pushed forward with powershell yet. In fact I started with powershell but just kept getting 404 errors
Invoke-RestMethod : The remote server returned an error: (404) Not Found.
At C:\tech\ps\MerakiPower_01.ps1:62 char:13
+ ... $request = Invoke-RestMethod -Method 'GET' -Uri $uri -Headers $heade ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebExc
eption
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand
This led me to try working with postman so I could more easily understand the return. That's when I realized that I'm clearly not working with the api key correctly. At this point I am just confused about where I went wrong. The tutorial article is pretty simple and straight forward but I can't seem to get the same results with the provided key.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
>Is there any way to generate a read only api key?
The API key has the same rights as the user. Create a user (such as api@....) and give them read-only rights. Log in as that user and generate an API key for it.
Are you running Windows 10 with a recent big update installed?
Other older OS's probably have TLSv1.2 disabled and will need it enabled manually.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks Philip! I don't know what I was doing wrong but I wound up restarting and reconfiguring everything from scratch and I can now make successful api calls using the api key from the article and I have them working in powerhsell now as well.
Thank you very much for the explanation on creating a read only api key. This is exactly what I want to move my testing efforts forward.
Much appreciated!
Lastly, I read your comments about storing api keys in an include file. I'm still not super comfortable about having an administrative api key in plain text anywhere. Do you have any other thoughts on best practices for api key management?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
>I'm still not super comfortable about having an administrative api key in plain text anywhere.
No matter where you store it - it has to be in a readable form that the script can access and send to the Meraki API.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
So in Postman, you have to set the X-Cisco-Meraki-API-Key variable, right? In your Environment?
Drop down menu for environment should be in the upper right hand corner. If you don't have one made, you can download a template from the Postman library's page.
Then click on the eyeball to see your current values and access the edit menu easily.
Within my Dashboard API environment, when I set that key like so, I get the org data:
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for your reply Nash. As far as I can tell I do have the X-Cisco-Meraki-API-Key set. I've attached a picture below.
But I'm wondering if I'm just not understanding the intent of the tutorial. I'm trying to work with the provided api key rather than generating an api key for our network. I had the impression that I could work out code examples using the test api key before trying to run calls directly against our organization. Is that possible? Am I misunderstanding? When I follow the steps in the tutorial and hit send I just get HTML as a response and when I click preview I get the Dashboard login message below. Do I need to establish a VPN connection for this to work?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I can try to clarify a few things here.
First, make sure you are using the most recent collection:
https://postman.meraki.com/
The API key is applied via the "Temporary Headers", meaning you do not have to specifically write X-Cisco-Meraki-API-Key in your request header section.
The Demo API key 093b24e85df15a3e66f1fc359f4c48493eaa1b73 should certainly work for this initial call `{{baseUrl}}/organizations`.
Your environment will still need the X-Cisco-Meraki-API-Key defined, as you have done. Just be sure you are using the API key you have intended (initial vs current). This can be verified after you run the request as well (see image)
If you are curious how this works, edit the Meraki Dashboard API collection and view the Authorization tab.
The Variables section is a list of all the global properties that could be overwritten within your personal environment. It also contains a few defaults, such as the baseUrl.
If nothing is working for you, then try from another network to rule out any security issues.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am trying to use the UrlfetchApp.fetch ( 'put' ) method command in Google sheets to add a couple of blocked urls etc.
I can do this failry easily in postman, but am not comming right in Google sheets.
My Google Sheets script looks as follows:
function myFunction() {
var myHeaders = {
'x-cisco-meraki-api-key': 'yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy'
};
var raw =JSON.stringify({
"allowedUrlPatterns":["http://www.example.org","http://help.com.au"],
"blockedUrlPatterns":["http://www.example.com","http://www.betting.com"],
"blockedUrlCategories":["meraki:contentFiltering/category/67","meraki:contentFiltering/category/70"],
"urlCategoryListSize":"topSites"
});
var requestOptions = {
method: 'PUT',
headers: myHeaders,
body: raw,
redirect: 'follow'
};
var myurl = "https://api.meraki.com/api/v0/networks/N_xxxxxxxxxxxxxxxxxx/contentFiltering"
Logger.log(requestOptions);
var response = UrlFetchApp.fetch(myurl, requestOptions);
Logger.log(response);
Logger.log(response.getResponseCode());
}
If you could give any suggestions/ help it would be greatly appreciated.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you to everyone who replied offering help! I don't know what my initial problem is but I suspect that I just didn't have postman configured correctly. When I uninstalled everything and then set it up again from scratch it started working as expected. I then managed to mess up part of the collection by editing the Get string on one of the calls and I couldn't get it to go back to the default. So I then tried deleting the Meraki collection thinking I could add it back in again but was then unable to get the open in postman link to work again! I wound up going to an old IE browser and that let me install the collection again. Now I'm being very cautious about changing anything in postman but it is working to help me test the calls. Now that I've got that going I'm having no problem making calls form Powershell and I'm loving how easy it is to get the results that I want through api calls. I did create a read only api key for our organization and I can audit firewall rules across all of our networks which is what got me wanting to understand how to work with the api in the first place.
Thank you all for the gracious help.