There is no such way you could do this with Meraki WiFi kit. Meraki WiFi kit has integrated IDS that runs on the AP itself. Decentralising this back to something central would weaken the whole solution.
Even if you could do this - and you disconnected the customer from the WiFi - the client will just automatically try and reconnect (standard WiFi client behaviour). You will end up putting your authentication system under load as the client and the authentication platform try as fast as they can to authenticate/disconnect the client. It will be a race. You will also burn a bunch of RF spectrum on these WiFi authentication/disconnect attempts.
The best solution would be to run the WiFi traffic through their IDS - and have their IDS block the traffic coming from the client. This will at least preserve your RF spectrum for other legitimate users.
