Skip to main content
Cisco Meraki

Managing User Accounts using Meraki Cloud Authentication

When using Meraki Authentication for Client VPN authentication, SSID association requirements, or MS Switch Access Policies, a network administrator can easily create and edit user accounts from the Meraki dashboard. Organization administrators can also delete existing user accounts. This article outlines how to create, edit or delete users for network access.

Creating Meraki Cloud Authentication Guest Users

In the dashboard, there are two types of Meraki Cloud Authentication accounts available: "Guest" and "Administrator". Dashboard accounts (network and organization administrators) will be listed as administrators, while guests are user accounts that have been manually created.

Note: Meraki Authentication must be enabled on Client VPN or at least one SSID to be able to create, edit or delete users.

To create a guest account:

  1. From the dashboard, Navigate to Network-wide > Configure Users. Select the SSID to configure from the SSID drop-down menu.

 

  1. Choose Add user.
  2. A pop-up window will appear to set the following attributes:
  • Description: A descriptive name i.e. John Doe.
  • Email (Username): The email address of the user account which is also the login name. Passwords will be sent to this address. 
  • Password: Enter a password or select the Generate button to generate a random password. The password can be emailed to the new user if desired.
  • Authorize: Yes allows network access for the SSID selected, No denies network access.
  • Expires: Choose the default of Never, or click Change and set the expiration value using the drop-down. 

 

  1. Choose Create user
  2. Your new user will be now listed on your user list. Select Save changes at the bottom of the page, and wait a few minutes for the changes to take effect. 
  3. The user will receive an email, notifying them about the account creation and allowing them to update their email or password.

Authorizing Administrators

Any dashboard administrator will be added to the Meraki Authentication users list automatically, but needs to be specifically authorized for the SSID or Client VPN:

  1. From the dashboard, navigate to Network-wide > Configure > Users. Select the SSID to configure from the SSID drop-down menu.
  2. Choose the administrator to be granted access.
  3. Change the Authorized field to Yes.
  4. Select Update user.

For more information about managing Dashboard administrator accounts, please refer to our documentation.

Permissions for Managing Meraki Cloud Authentication Guest Users

Note that the list of Meraki Cloud Authentication users is consistent across an organization. So, any 'Network' Administrator may administer any guest user in an organization provided that they have write access to at least one network. For a Network Administrator, this means they should be allowed to:

  • Authorize or De-authorize the user for the network they have permission to
  • Update the user (such as setting a new password, affecting the user account in all networks in the organization)

Editing Users

  1. From the dashboard, navigate to Network-wide > Configure Users. Select the SSID to configure from the SSID drop-down menu.
  2. Choose on the user account you want to edit. A pop-up window will appear to edit the user's attributes. Make changes required and select Update user.

 

  1. Your edited user will be listed on your user list. Interact with Save changes at the bottom of the page, and wait a few minutes for the changes to take effect. 

Note: A user can modify their own credentials and reset their password if they are not an administrator account by logging in through account.meraki.com/account/account_login. This page is only available for users created under SSID configured as splash or Client VPN.

end-user-login.PNG

Deleting Users

Note: Since the users list is consistent across an organization, only an Organization Administrator can delete users.

  1. In the dashboard, go to Network-wide > Configure > Users. Select the SSID from the SSID drop-down menu that contains the user account
  2. Select the X icon to the far right of the user account you wish to delete. 
  3. Select the Save Settings button at the bottom of the page.   

Deauthorizing Administrators

Since administrators on the users list are tied directly with existing Dashboard administrator accounts, they cannot be deleted from the users list. However, they can be allowed/prevented from using Client VPN or associating with a Meraki Authentication-enabled SSID by revoking their access:

  1. From the dashboard, navigate to Network-wide > Configure > Users. Select the SSID to configure from the SSID drop-down menu.
  2. Choose on the administrator to be revoked access.
  3. Change the Authorized field to No.
  4. Select Update user.

For more information about managing Dashboard administrator accounts, please refer to our documentation.