You can now enable API on orgs via API, as long as you are an org admin on those organizations where you'd like to enable API. See: https://developer.cisco.com/meraki/api-v1/#!update-organization It's not a valid security concern. Org admins are org admins--they either have the keys to the kingdom, or they aren't org admins. You should only add folks you trust as org admins. There's nothing inherently more secure about disabling API access, in any case. API access is not a form of RBAC; API keys inherit the privileges of the associated user. If someone is an org admin in your organization, then they could have just used the GUI to enable API access in your org, no API required, if they so wanted. Finally, there are very real efficiency benefits of being able to manage this via API, which you can't realize via any other method, especially for enterprise and MSP deployments where API is the customer's chosen primary user interface.
... View more
