Lately, SSO login for Meraki Dashboard has been a huge nuisance for me, as I'm getting access to more and more customer organisations that use SAML SSO in their organizations.   If unsuccessful in convincing their IT teams to add me directly as a local admin to their Org, I have to go through having my account created in their Azure tenant. Which by all means is probably also the correct way, IT security wise.   But as an MSP with access to many customers, SSO is a PITA. Many customers followed the guides on the Meraki Documentation on how to setup SSO for their org in Meraki, but this has also resulted in many organisations' lack of consideration of the different SAML attributes in Azure. An easy fix would be to set the username attribute to something else than userprincipalname, which for some reason equates to their email address. In my tests, using employeeid is usually the best alternative, since chances are that this is more unique between customers and organisations, and especially for external consultants like myself.    I'm curious as to how others handle SAML SSO from an MSP stand of view? Do you also spend days during first time onboarding in just trying to get access, by having to make the customer reconfigure their Dashboard App, which by all means works for them? What are you tips&tricks for when setting up SAML SSO? Or is there a simple Meraki setting that I'm just not aware of, that will fix everything, without having to touch their Azure tenant?     ... View more

When prodding around in certain environements, I love when you stumble upon hidden, inside jokes.   In the Meraki API, in the config.py file, there's some documentation on the optional parameter MERAKI_PYTHON_SDK_CALLER # Optional identifier for API usage tracking; can also be set as an environment variable MERAKI_PYTHON_SDK_CALLER # It's good practice to use this to identify your application using the format: # CamelCasedApplicationName/OptionalVersionNumber CamelCasedVendorName # Please note: # 1. Application name precedes vendor name in all cases. # 2. If your application or vendor name normally contains spaces or special casing, you should omit them in favor of # normal CamelCasing here. # 3. The optional slash and version number are optional. Leave both out if you like. # 4. The slash is a forward slash, '/' -- not a backslash. # 5. Don't use the 'Meraki' name in your application name here. Maybe in general? I'm a config file, not a lawyer. # Example 1: if your application is named 'Mambo', version number is 5.0, and your vendor/company name is Vega, then # you would use, at minimum: 'Mambo Vega'. Optionally: 'Mambo/5.0 Vega'. # Example 2: if your application is named 'Sunshine Rainbows', and company name is 'hunter2 for Life', and if you # don't want to report version number, then you would use, at minimum: 'SunshineRainbows hunter2ForLife' # The choice is yours as long as you follow the format. You should **not** include other information in this string. # If you are an official ecosystem partner, this is required. MERAKI_PYTHON_SDK_CALLER = ""   I'd just like to acknowledge that Meraki shouldn't act as lawyers, but also point out the coincidence of them using my password "hunter2"! ... View more