Camera and sensor-only admin (IoT Admin)
Introduction
For facilities teams, it’s important to provide control over user access and actions within the dashboard. Limiting users to only the necessary permissions they require will reduce the risk of unauthorized access, data breaches, and errors. From the Meraki dashboard, we provide a simple set of options to granularly manage user access for physical security and sensors.
- IoT admin is limited to only camera and sensor features on both the Meraki dashboard and the Meraki enterprise mobile app
- Once created, IoT admins can be found quickly under Organization > Configure > Administrators
- You can add sensor access to existing camera-only admins
Permission tiers
A camera- or sensor-only admin has access to their appointed permission tier. This admin type will not have access to most other parts of the Meraki environment, including switches, wireless access points, etc., and will not have access to most platform-wide network/organization configuration capabilities. A user can have a combination of camera and sensor permissions to gain access to both product types.
|
Sensor permission |
Description |
|
No access |
The user does not have access to any sensors |
|
Read-only sensor access |
The user can read sensor readings and configurations, but not make any edits |
|
Full sensor access |
The user can both monitor and edit sensor readings and configurations |
|
Camera permission |
Description |
|
No access |
The user does not have access to any cameras |
|
View live footage |
The user can watch live footage on a single camera or video wall |
|
View any footage |
The user can watch live and historical footage on a single camera or video wall |
|
View and export any footage |
The user can watch all footage and manage video exports |
Organization-wide/Network-wide permissions will take precedence over Camera and Sensor roles. These roles cannot be used to restrict access to Organization/Network administrator
Create a new user
A camera or sensor user can be created from the same page as network admin creation.
- Go to Network-wide > Configure > Administration
- Scroll down to the section, Camera and sensor only admins
- Select the Create new user button and enter the user’s Name and Email
- Configure this user’s camera and sensor permission from the dropdown
- Select Save Changes
Create a SAML role
A SAML role for the camera and sensor user can be generated from the dashboard. To learn more about how Meraki manages SAML, please visit here.
- Go to Organization > Configure > Camera and Sensor Roles
- Select Add Role
- Enter Role name and network access
- Set camera permissions
- Set sensor permissions
- Select Create role
Camera and Sensor role name(s) created do not need to be created under Organization > Configure > Administrators > SAML administrator roles
FAQ
Can sensor users configure MQTT brokers?
Yes, a sensor user can create, update, and delete MQTT brokers.
I have limited access to Automation Builder as a full sensor admin. Why?
A user with full sensor access does not have access to other device types. This means:
- Select devices for toggle SSID is not possible
- Select devices for toggle switchport is not possible
- Select devices to take camera snapshot is only possible if the user also has camera access
To gain full access to the Automation Builder, you will need to be a Network Admin or an Organization Admin.