As much as I've known that Meraki does not support Dot1X to do AP authentication, that is really annoying from a secure edge scenario, especially when using Cisco switching (and furthermore when Cisco AP support Dot1x)
Why does Meraki not support this...
Saying this, we have also had issues with Cisco AP's doing Dot1x auth to switchports that fail when the port is configured as a trunk
The one thing you can look at if you have ISE is to use MAB and profiling to identify it as a Meraki AP, however there is a catch, from the little I've been looking into this so far there is no unique identifier (i.e. certificate detail) you can get from the AP to truly trust it.