Meraki

Community

Rerieving a merakiAuthUser userid at organization level by email

ChrisDongen
Conversationalist
‎Apr 12 2022 5:03 AM
‎Apr 12 2022 5:03 AM

Rerieving a merakiAuthUser userid at organization level by email

I have a large organisation, consisting of multiple networks. I made a script with webfront to import a list of users to add them as a merakiAuthUser to a certain network. This works fine, except when adding a user to a (new) network which is already added to another network. This will throw an error 'Email has already been taken'. 

 

Is there a way to query the userid, so I can update that userid with new authorizations? It is unworkable to query all networks and its users to find the userid by looping through all the results (we are talking about 20 networks with about 3000 users each).

 

 

0 Kudos
7 Replies 7
alemabrahao
Kind of a big deal
Kind of a big deal
‎Apr 12 2022 5:10 AM
‎Apr 12 2022 5:10 AM

@ChrisDongen Users are registered at the organization level and not the network. So I believe that the best way would be to consult the users at the organization level and check the network to they have access privileges.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
ChrisDongen
Conversationalist
‎Apr 12 2022 5:27 AM
‎Apr 12 2022 5:27 AM

Can you point to the right API call? The only place I could find/add/change users is at a network level.

0 Kudos
In response to ChrisDongen
ww
Kind of a big deal
Kind of a big deal
‎Apr 12 2022 6:46 AM
‎Apr 12 2022 6:46 AM

https://developer.cisco.com/meraki/api-latest/#!update-organization-admin

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 12 2022 1:55 PM
‎Apr 12 2022 1:55 PM

Just to clarify some confusion I see here.  @ChrisDongen is not talking about organisation admins.  He is talking about network-wide "guest" users, which you get when you use Meraki authentication for anything (such as wifi splash page, client VPN, etc).

When you create such a user you have to authorise them for each network in which you want them to have access.

 

I think you'll need to do something like:

https://developer.cisco.com/meraki/api-v1/#!get-network-meraki-auth-users

To get a list of all existing authorised users.

 

Then update any existing user on the list you are importing.

https://developer.cisco.com/meraki/api-v1/#!update-network-meraki-auth-user 

 

And then finally, add anyone that is 100% new.

https://developer.cisco.com/meraki/api-v1/#!create-network-meraki-auth-user 

In response to PhilipDAth
ChrisDongen
Conversationalist
‎Apr 13 2022 11:00 PM
‎Apr 13 2022 11:00 PM

This is probably the solution, except when there are lots of networks within an organization with each a lot of users the the time waiting to fetch all the users, check if the exist, if not add them will add up soon and become a bit of a nuisance. Intended use is a webfronted for a service desk, which can be a bit impatient and refreshing the page whiel it is running. which poses more waiting etc. etc.

 

the problem lies within users that don't have an authorization in the network you are querying dont appear in the getuserlist, but when adding them an error is thrown (email taken) without knownig the userid  (which is needed to update the authorizations). when using the Meraki dashboard to do the same users of other networks are displayed (but don't have authorizations). 

 

 

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 12 2022 1:57 PM
‎Apr 12 2022 1:57 PM

I guess you could also just blindly import every user on your list, ignoring errors (due to some users already existing).  And then update every user on your list.

0 Kudos
AxL1971
Building a reputation
‎Apr 13 2022 1:40 AM
‎Apr 13 2022 1:40 AM

The following API call can retrieve info for the user

 

https://api.meraki.com/api/v1/networks/<networkID>/merakiAuthUsers/<UserID>

 

Obviously you need to pass the correct network ID and UserID

 

If you get a HTTP error 404 then the user is not enabled for that specific network.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.