Hi guys! Hope someone here can help me out with this, and that I'm posting this in the correct place.
We're currently building a new portal for all our customers which includes SSO to all applications that specific customer is subscribed to, one of which could be the Meraki dashboard.
We are using Auth0 as IdP, and we've run into some issues with the SAML integration to the Meraki dashboard. Currently there's a unique Callback URL for each organization, which means we have to set up a unique Auth0 application for each customer, which obviously doesn't scale very well.
Our first idea was to rewrite the Callback URL with a rule in Auth0, but that would break the expectations of the SAML protocol, so that is unfortunately not an option.
We also tried setting up a "dummy" organization that holds all Meraki roles, and that way we could do callbacks to that organization, and the customer could reach their own org if the provided role would match. This is not really a good solution either.
Is there any way we can set up a centralized callback URL for the Meraki dashboard and control access to customer organizations based on roles? This would be the preferred way.
Or am I trying to do this totally the wrong way? How is SAML integration supposed to work for MSPs when you want to give (read-only) dashboard access to your customers?
Any help or pointers in the right direction would be greatly appreciated! 🖐😀👍