Configuring SAML SSO for Cisco Meraki

These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and Cisco Meraki.

Prerequisite

  1. Login to ADSelfService Plus as an administrator.
  2. Navigate to  Configuration → Self-Service → Password Sync/Single Sign On → Add Application, and select Cisco Meraki from the applications displayed.
    Note: You can also find Cisco Meraki application that you need from the search bar located in the left pane or the alphabet wise navigation option in the right pane.
  3. Click IdP details in the top-right corner of the screen.
  4. In the pop-up that appears, copy the Login URL, Logout URL and Sha1 FingerPrint .
    5. IDP Details

Cisco Meraki(Service Provider) configuration steps

  1. Login to Meraki with an administrator’s credentials. (https://<subdomain>.meraki.com)

  2. Navigate to Organization → Settings → SAML Configuration.

    Screenshot
  3. Paste the logout URL copied in Step 4 of Prerequisite in the SLO logout URL field.

  4. Paste the SHA1 FingerPrint value copied in Step 4 of Prerequisite in X.509 cert SHA1 fingerprint field.

    Screenshot
  5. Copy the Consumer URL. We will need this in a later step.
  6. Click Save Changes.

Important :

Please make sure in Cisco Meraki the role (Organization > Administrators) maps to the department attribute and the username maps to the mail attribute in Active Directory.

ADSelfService Plus (Identity Provider) configuration steps

  1. Now, switch to ADSelfService Plus’ Meraki Cisc configuration page.
  2. Enter the Application Name and Description.
  3. In the Assign Policies field, select the policies for which SSO need to be enabled.
    Note:ADSelfService Plus allows you to create OU and group-based policies for your AD domains. To create a policy, go to Configuration → Self-Service → Policy Configuration → Add New Policy.
  4. Select Enable Single Sign-On.
  5. Enter the Domain Name of your Cisco Meraki account. For example, if you use johndoe@thinktodaytech.com to log in to Cisco Meraki, then thinktodaytech.com is the domain name.
  6. Paste the Consumer URL from Step 5 of Cisco Meraki configuration in the ACS URL field.

  7. Paste the domain and subdomain part (as shown in the image below) of the Consumer URL in the Entity ID field.

    Screenshot
  8. In the Name ID Format field, choose the format for the user login attribute value specific to the application.

    9. Note: Use Unspecified as the default option if you are unsure about the format of the login attribute value used by the application

  9. Click Add Application
Note: For Meraki Cisco, single sign-on is supported only for IDP initiated flow.
Go to Top

Thanks!

Your request has been submitted to the ADSelfService Plus technical support team. Our technical support people will assist you at the earliest.

 

Need technical assistance?

  • Enter your email ID
  • Talk to experts
  •  
     
  •  
  • By clicking 'Talk to experts' you agree to processing of personal data according to the Privacy Policy.

Don't see what you're looking for?

  •  

    Visit our community

    Post your questions in the forum.

     
  •  

    Request additional resources

    Send us your requirements.

     
  •  

    Need implementation assistance?

    Try onboarding

     

Copyright © 2024, ZOHO Corp. All Rights Reserved.