Skip to main content
Cisco Meraki Documentation

Service Provider Dashboard Roles

  1. Last updated
  2. Save as PDF

日本語版はこちら(Japanese)

SSID-only Administrators

Overview

Service providers can use SSID-only administrators to enable their customers to modify SSID information and see client analytics. Other components of Dashboard will be hidden from the customer, preventing the potential for unwanted changes that could disrupt network performance. SSID-only administrators can specifically access:

  • Network > Client analytics
  • Network > Location analytics
  • Network > Wireless settings.

Not only does this limit the scope of the customer in Dashboard, under Network > Wireless settings, the customer is limited to the following options: 

  • Set SSID name
  • Enable or disable the SSID
  • Configure SSID encryption (eg. Open, WPA2, WPA3)
  • Set the SSID password if applicable
  • Assign either no splash page, a click through splash page, or a Facebook Wi-Fi splash page

Note: This feature is only available to wireless only networks. Combined networks (wireless in addition to another product line) will not show the UI option. 

Note: This feature is only available to Service Providers and must be enabled by Meraki Support.

Configuration

There are two steps to configuring an SSID-only administrator: Defining the SSIDs to be managed, and assigning administration privilege to the customer.

Defining customer configured SSIDs

Under Wireless > SSIDs

  1. For each desired SSID, locate the SSID Admins dropdown.
  2. By default, access will be disabled on all SSIDs. Select access enabled from the dropdown to allow customers to modify this SSID. 
    SP_dashRoles_SSIDconfig.png

Assigning privilege 

As an Organization level administrator: 

Under Organization > Administrators

  1. Click the row for the admin.
    SP_dashRoles_clickAdmin.png
  2. In the row for the Target network, change the Access to SSID-only.
    SP_dashRoles_AssignPriv.png
  3. Click Update Admin.
  4. Click Save changes.

 

As a Network level administrator:

Under Network wide > General

  1. Update the Privilege dropdown for the admin user to the SSID-only field.
    SP_dashRoles_netAdminPriv.png
  2. Click Save changes.

Enterprise Admin

Overview

The Enterprise Admin (EA) is a new role at the organization level (organization > administrators).  It enables the end customer (enterprise) to control aspects of their specific organization while hiding certain elements that are only available to the service provider (Firmware Upgrades, Licensing, SP Branding, SP Admin Users etc.).

This role also adds the ability for a service provider (org admin) to designate SSIDs that an EA can access.  When the role is enabled, there is an additional toggle under wireless > SSIDs that will allow the SP to delegate this access.  A service provider can use this to deploy and configure their own hotspot SSIDs on their customer infrastructure without providing access for the EA to change or reconfigure this SSID.  Client info for those connected to the hotspot SSID are hidden from the EA.

Figure 1. Assigning the Enterprise Admin Role

SP_dashRoles_orgAdmin_enterprise.png

Figure 2. Enabling SSID Access for Enterprise Admins

SP_dashRoles_SSIDconfig_EA.png

 

Enterprise vs. Organization Admin

 

Capability / Functionality

Organization Admin

Enterprise Admin

All monitoring and reporting views

Yes

Most (with the exception of restricted hotspot SSIDs)
Summary Report Yes No (Unavailable due to complexities around isolating hotspot SSID information)
Security Center Yes No (Unavailable due to complexities around isolating hotspot SSID information)
Location Analytics Yes Yes
Client List Yes Yes (with the exception of hotspot SSID clients)
Event Logs Yes Yes (with the exception of hotspot SSID clients)
Group Policies Yes Yes

Change “SSID Admin” rights on an SSID

Yes

No

Create or modify organization admin users

Yes

No

Create or modify regular admin users

Yes

No
View the Site-to-site VPN page Yes Yes (with the exception of viewing the local subnets or Non-Meraki VPN peers)
Client VPN page Yes No
Changelog Yes No

View and modify SSID settings (access control, firewall, splash page, availability)

Yes

Yes (with the exception of restricted hotspot SSIDs)

Detailed firmware visibility on “Organization → overview” page

Yes

No

Firmware upgrade page

Yes

No
Manage staged firmware upgrades (Switching) Yes No

Dashboard branding settings

Yes

No

License info

Yes

No

View inventory and claim devices

Yes

No

Organization → settings

Yes

No

Create networks

Yes

No

Access APIs

Yes

No

Configuration sync

Yes

No

Remote packet captures

Yes

No
Switch and AP status page historical client info Yes No
Meraki Insight Yes Yes
Early Access* Yes No
Configuration Templates Yes No (includes changes to child networks)

*Refer to New Dashboard Experience FAQ

Note: This feature is only available to Service Providers and must be enabled by Meraki Support.