Before completing the Cisco Meraki integration on your Cloudi-Fi tenant through API. Here is the knowledge you should be aware about the API Permissions.
Meraki API Rights
With Meraki, the API is tightly linked to the administrators.
This means that the admin’s rights and scope are directly tied to the organization level, specific networks, and even multi-orgs. The default roles are quite straightforward. There are "Full access" and "Observer" roles. These should be sufficient for two main scenarios.
- "Full access" gives us the power to access all the organization information and get the MAC addresses of devices in each network. It also allows us to push the SSID configuration if needed.
- The "Observer" role is a read-only permission that enables us to synchronize the organization and networks with their respective devices’ MAC addresses.
Meraki Role Assignment
When creating an admin on Meraki, you can specify the scope - whether it’s the organization or the networks - and then assign the appropriate roles.
Ideally, it's prefererd to have organization-level scope to avoid any unnecessary friction. This way, if you want to deploy in other locations, you won’t have to upgrade the admin scope first. There are also a few limited access roles available, however we are not compatible with these.