I would like to start utilizing the API, but I need to be certain it is secure if I enable it. I realize someone would have to obtain my API key to do any damage, but other than obviously securing my API key, are there additional steps that can be taken to harden API access? I understand I can create a new user just for API access and restrict what that user can access and then use that user's API key to restrict it, but can I also restrict access to only allow access from my IP address range? Is it possible to create custom rights so that, as an example, a user's API access only has access to GET/PUT group policy settings on one or two networks? Thanks in advance.
You can restrict the Dashboard to your Login IP ranges ("Organization" -> "Settings" -> "Login IP ranges"). I don't know if that also works for API access.
Yeah, it works for API access as well.
It appears that's a global setting? Ideally I don't want to restrict everyone. Just this single user's API key access.
Unfortunately, Meraki doesn't offer that kind of security granularity.
Would a 3rd-party platform with more security granularity that wraps the Meraki API with its own API be useful?
I like to create a dedicated account.
Check out my post on API keys.
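The per-key restriction asked about in this thread (a source IP range plus GET/PUT on group policy settings for one or two networks) could be enforced by a wrapper placed in front of the API, as one reply suggests. The authorization check below is an added example, not code from the thread or from Meraki; the function name, network IDs and address range are constructed placeholders, and the `/api/v1/networks/{networkId}/groupPolicies` path layout is an assumption.

```python
import ipaddress
import re

# Constructed policy for one dedicated API user (all values are placeholders).
POLICY = {
    "allowed_sources": [ipaddress.ip_network("203.0.113.0/24")],
    "allowed_networks": {"N_1111", "N_2222"},
    "allowed_methods": {"GET", "PUT"},
}

# Assumed path layout: /api/v1/networks/{networkId}/groupPolicies[/{groupPolicyId}]
GROUP_POLICY_PATH = re.compile(
    r"/api/v1/networks/(?P<net>[A-Za-z0-9_]+)/groupPolicies(?:/(?P<gp>[0-9]+))?"
)


def authorize(source_ip, method, path, policy=POLICY):
    """Return (allowed, reason) for one request reaching the wrapper.

    `path` is the URL path component only; the caller splits off any query.
    """
    try:
        addr = ipaddress.ip_address(source_ip)
    except ValueError:
        return False, "unparseable source address"
    if not any(addr in net for net in policy["allowed_sources"]):
        return False, "source address outside allowed ranges"
    # HTTP methods are case-sensitive, so compare exactly.
    if method not in policy["allowed_methods"]:
        return False, "method not allowed"
    # fullmatch with a narrow character class also rejects "..", "%2e",
    # doubled slashes and any other endpoint, so nothing is normalized later.
    m = GROUP_POLICY_PATH.fullmatch(path)
    if m is None:
        return False, "endpoint not allowed"
    if m.group("net") not in policy["allowed_networks"]:
        return False, "network not allowed"
    # GET may list policies or read one; PUT must target a single policy.
    if method == "PUT" and m.group("gp") is None:
        return False, "PUT requires a group policy id"
    return True, "ok"


if __name__ == "__main__":
    base = "/api/v1/networks/N_1111/groupPolicies"
    for ip, verb, p in [("203.0.113.10", "GET", base),
                        ("203.0.113.10", "DELETE", base + "/101"),
                        ("198.51.100.5", "GET", base)]:
        print(ip, verb, p, authorize(ip, verb, p))
```

The wrapper would hold the real API key itself and forward only requests for which `authorize` returns `True`, so the caller never sees the key.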