Cisco MerakiダッシュボードAPI

Last updated
Save as PDF

overview

The Meraki Dashboard API is an interface for software to interact directly with the Meraki Cloud Platform and Meraki managed devices. The API includes a set of tools known as endpoints for building software and applications that communicate with the Meraki Dashboard for use cases such as provisioning, bulk configuration changes, monitoring, and role-based access control. The Dashboard API is a modern RESTful API with HTTPS requests to a URL and human-readable JSON. The Dashboard API is an open-ended tool that can be used for many purposes. Below are some real-world use cases for this tool:

Add new organizations, admins, networks, devices, VLANs, and SSIDs
Use automation scripts to provision thousands of new sites in minutes
Automatically onboard and offboard new employees to teleworker devices
Create your own dashboards for your own use cases, such as store managers or field engineers

Note: API call volume is limited to 5 calls per second per organization.

API Documentation

For more information about Meraki's APIs, please see our dedicated API documentation website: http://meraki.com/developers . Reference documentation for the API can be found in the Postman collection at http://postman.meraki.com , which can be imported into a Postman application to test API calls.

Enabling API Access

To access the API, first enable it for your organization at Organization > Settings > Dashboard API access .

Organization > Configure > Settings page "Enable access to the Cisco Meraki Dashboard API" option.

Once you have enabled the API, go to the my profile page and generate an API key. The API key will be associated with your Dashboard admin account. You can generate, revoke, and regenerate API keys in your profile.

Note: Keep your API key safe as it enables the API for authentication to all organisations. If an API key has been shared, you can regenerate it at any time, which will invalidate the existing API key.

Image of "My Profile" page and "Generate API key" button.

Note 1: Each administrator can generate up to two API keys. If you generate two API keys, the API key generation button will no longer be displayed. If you need to generate a new API key, please invalidate one of the existing API keys.

Note: 2 Please note that SAML Dashboard Admins cannot view or generate API keys.

API & Webhooks Dashboard

You can also configure API keys and webhooks on a dedicated dashboard page ( Organization > APIs & Webhooks ).

Organization > Configure > API & webhooks menu location.

Information found on the API & webhooks page, overview tab.

Organization > Configure > API & webhooks page, "API keys and access" tab. Generate and revoke API access on this tab.

Note: This page is currently only accessible to organization admins.

Using the Dashboard API

API Request

All requests must specify an API key in the request header. Additionally, the API key must be specified in the URL. The API returns 404 (instead of 403) for requests with a missing or incorrect API key to prevent revealing the existence of a resource to unauthorized users.

X-Cisco-Meraki-API-Key: <secret key>

The API version must be specified in the URL.

https://api.meraki.com/api/v1/<resource>

Note : Organisations hosted in China should use "api.meraki.cn".

Organisations hosted on the Canadian Dashboard should use "api.meraki.ca".

When an API version is released, only backwards compatible changes are made, including the following:

Add a new API resource
Adding new, optional request parameters to an existing API method
Adding new properties to an existing API response
Change the order of properties in an existing API response

Identifiers in the API are strings of opaque type. For example, <network_id> is the string "126043", but <order_id> might contain characters, such as "4S1234567". Client applications should not interpret these as numbers. Even if an identifier looks like a number, it may be too long to encode without loss of precision in Javascript (where the only numeric type is IEEE 754 floating point).

The API verbs follow the usual REST conventions.

GET returns either the value of a resource or a list of resources, depending on whether they have an identifier.
- GET on /v1/organizations returns a list of organizations
- A GET on /v1/organizations/<org_id> will return a specific organization.
POST adds a new resource
- POST to /v1/organizations/<org_id>/ admins
- POST performs other modifications that are not idempotent
PUT updates a resource
- PUT is idempotent, meaning that it updates a resource and first creates it if it doesn't already exist.
  *Idempotent refers to the property of performing an operation multiple times without causing any change to the state of the system after the first execution.
- PUT requires that you specify all fields for a resource, as the API reverts omitted fields to their default values.
DELETE deletes a resource.

Note: Call volume is limited to 5 calls per second per organization.

Note: For organisations hosted in the China dashboard, use api.meraki.cn instead of api.meraki.com.

Status and Error Codes

Responses from APIs generally use standard HTTP status codes , some examples are:

400: Bad Request - An incorrect operation was performed due to a malformed request or missing parameters.
403: Forbidden - You are not authorized to perform the operation.
404: Not found - The URL doesn't exist or you don't have access to the API or the organization.
429: Too Many Requests - You made more than 5 calls per second to the organization and triggered rate limiting.

If the response code is not specific enough to determine the cause of the problem, the response will include an error message in JSON format, like this:

{ 
    "errors": [ 
       "VLANs are not enabled for this network" 
    ] 
}

example

Below are example requests and responses, please note that these are not exhaustive - for a comprehensive list of API endpoints and their detailed information, please see the online documentation URL above.

Organization

Get a list of organizations that own the API key specified in X-Cisco-Meraki-API-Key

GET https://api.meraki.com/api/v1/organizations 
Response code: 302 
Response: Redirect to https://n123.meraki.com/api/v1/organizations

Note that the request is redirected to n123.meraki.com. All API calls can result in a 302, including state-changing API calls such as DELETE, POST, and PUT. If a GET is redirected, the status code will be 302. If a non-GET is redirected, the status code will be 307 for Postman and 308 for other clients. Client applications must follow these redirects . No action is taken by the host issuing the redirect, so even non-idempotent requests can be safely retried with the new host.

Query sent to the redirect link:

GET https://n123.meraki.com/api/v1/organizationsResponse 
code: 200Response 
body: [ {“id”: <org_id>, “name”:“Test Organization” } ]

Get metadata about a specific organization:

GET https://api.meraki.com/api/v1/organizations/<org_id>Response 
code: 200Response 
body: { "id": <org_id>, "name":"Test Organization" }

Most HTTP libraries and clients do not follow redirects that use HTTP verbs other than GET; instead, they may follow the redirect but substitute the HTTP verb for GET. As a result, a DELETE, POST, or PUT request may appear as if a GET was requested. To avoid this, first perform a GET on the organization you want to operate on, store the URL for the operation, and then use that URL for subsequent requests, especially those that change state.

To create a new organization:

POST https://api.meraki.com/api/v1/organizationsRequest 
Body: { “name”:“Second Test Organization” } 
Response Code: 201Response 
Body: { "id": <new_org_id>, name:"Second Test Organization" }

The newly created organization will have no settings other than that the creating admin will have full access to the organization. Clients of the API can add and remove admin creation from the new organization as needed.

Note: The API does not allow a client to remove the last administrator with full organization write access, however this action will make the organization unconfigurable.

network

To list networks in your organization:

GET https://api.meraki.com/api/v1/organizations/<new_org_id>/networksResponse 
code: 200Response 
body: [ { "id": <network_id>, "name":"Test Network", "organization_id": <new_org_id>, "type": "wireless", 
   "timeZone":"America/Los_Angeles", "tags": " test " 
} ]

Create a new network:

POST https://api.meraki.com/api/v1/organizations/<org_id>/networksRequest 
Body: { "name":"Test Network 2", "organizationId": <org_id>, "type": "appliance"} 
Response Code: 201Response 
Body: { "id": <network_id>, "name":"Test Network 2", "organization_id": <org_id>, "type": "appliance", "tags": null }

有効なネットワークは、「appliance」、「switch」、「wireless」、「systemsManager」、または「camera」です。統合ネットワークを作成するにはこれらを組み合わせて使用します。たとえば、「appliance wireless」となります。

ライセンスおよびデバイス

オーガナイゼーション内でのデバイス、ライセンスキー、またはオーダー番号の申請。オーダー番号から申請する場合、注文内のすべてのデバイスおよびライセンスが申請されます。ライセンスがオーガナイゼーションに追加され、デバイスがオーガナイゼーションのインベントリに配置されます。これら3種類の申請方法は相互排他的なため、同時に1つのリクエストで実行することはできません。「licenseMode」パラメータは「renew」または「addDevices」のいずれかとすることができます。「addDevices」はライセンス制限を増加し、「renew」は有効期限を延長します。このパラメータは、licenseKeyによって申請する場合に必要です。詳細については、こちらの記事を参照してください。

POST https://api.meraki.com/api/v1/organizations/<org_id>/ claim
リクエスト本文：{ "order":"4CXXXXXXX" }
レスポンス コード：200
レスポンス本文：<empty>

SNMP設定

オーガナイゼーションのSNMP設定を行います。SNMPv2のコミュニティストリングが応答に含まれます。これは同じURLへのGETによって取得することもできます。

GET https://api.meraki.com/api/v1/organizations/<org_id>/snmp
リクエスト本文：{ "v2cEnabled": true, "v3Enabled": true, "v3AuthMode":"SHA", "v3AuthPass", <secret>, "v3PrivMode":"AES128", "v3PrivPass": <secret>, "allowedIPs": ["5.6.7.8"] }
レスポンス コード：200
レスポンス本文：{ "v2Enabled": true, “v2CommunityString”: <secret>, "v3Enabled": true, "authMode":"SHA", "authPass", <secret>, "privMode":"AES128", "privPass": <secret>, "allowedIPs": ["5.6.7.8"] }

管理者

オーガナイゼーションの管理者を一覧表示します：

GET https://api.meraki.com/api/v1/organizations/<org_id>/admins
レスポンス コード：200
レスポンス本文：[ { "name":"Jane Doe", "email": "jane@doe.com", "orgAccess": "full","id": <admin_id> } ]

オーガナイゼーションアクセスは、「full」、「read-only」、または「none」に指定できます。

1つのネットワークのみへの権利を持つ新しい管理者を追加する：

POST https://api.meraki.com/api/v1/organizations/<org_id>/admins/
リクエスト本文：{ "name":"John Doe", "email": "john@doe.com", "orgAccess": "none", "networks": [{ "id": <network_id>, "access": "full" }
レスポンス コード：201
レスポンス本文：{ “id”: <admin_id>, "name":"John Doe", "email": "john@doe.com", "orgAccess": "none", "networks": [{ "id": <network_id>, "access": "full" }]

ネットワークの有効なアクセスレベルは「full」、「read-only」、「monitor-only」、および「guest-ambassador」です。クライアントは次のように「networks」フィールドを「tags」に置換することによって、タグにより管理者アクセスを付与することもできます。

"tags": [{ "tag": "foo", "access": "read-only" }],

タグについての有効なアクセスレベルはネットワークと同じです。クライアントはPUTを使用してadmin_idを指定することによって管理者を更新できます。

管理者を削除する：

DELETE https://api.meraki.com/api/v1/organizations/<org_id>/admins/<admin_id> 
Response code: 204 
Response body: <empty>