topic Re: are APIs necessarily bind to users? in Network Platform API

are APIs necessarily bind to users?

Kurn — Mon, 23 Jun 2025 14:33:24 GMT

Hi there!

This is my first post. I've searched though the forum but haven't found an answer. I was wondering if it is possible to generate an API key in the dashboard that is not linked to a user, so that if the user leaves, it can remain functional.

Is this possible or would it be better to make a service account?

Thanks in advance!

Re: are APIs necessarily bind to users?

aleabrahao — Mon, 23 Jun 2025 14:37:05 GMT

No, it is not possible.

Re: are APIs necessarily bind to users?

aleabrahao — Mon, 23 Jun 2025 14:38:56 GMT

What you can do is create a dedicated service account and then generate the APIs through that account. Remember to enable MFA for that account.

Re: are APIs necessarily bind to users?

Kurn — Mon, 23 Jun 2025 14:46:39 GMT

Thanks for the fast answer! So that's how I imagined it. I'll just have to do it then.

Have a nice day!

Re: are APIs necessarily bind to users?

mloraditch — Mon, 23 Jun 2025 15:35:19 GMT

You can't do it with a key but the newer OAuth would possibly help in your use case:https://developer.cisco.com/meraki/api-v1/oauth-overview/

Re: are APIs necessarily bind to users?

Philip D'Ath — Mon, 23 Jun 2025 20:05:48 GMT

You can use OAUTH.

https://community.meraki.com/t5/Feature-Announcements/Exciting-News-OAuth-2-0-is-Now-Available/ba-p/264026

This works best for applications that run on servers (like a web app), and although it does work in scripts, it doesn't suit scripts as well.

Re: are APIs necessarily bind to users?

p.deleuw — Wed, 25 Jun 2025 05:53:02 GMT

This is exactly the way I work: Create a service account, activate 2FA and generate API.

Re: are APIs necessarily bind to users?

NiclasAndersen — Mon, 14 Jul 2025 11:53:23 GMT

Will OAuth also be the way to go for automating the creation of organizations and networks, that is hosted on as a web app, or will the service account with api key be the way to go?

Re: are APIs necessarily bind to users?

obrigg — Mon, 14 Jul 2025 13:29:02 GMT

Creation of networks - yes.

Creation of new organizations - no. OAuth follows the principles of zero trust, and if it could create a new organization where it will have full admin rights - it would be considered privilege escalation.

What are you trying to achieve?

Re: are APIs necessarily bind to users?

NiclasAndersen — Tue, 15 Jul 2025 06:39:04 GMT

i have a website, that automates the creation of new customers(new organizations), including default config for networks, ssids, fw rules and so on.

Another thing i am not totally sure about with OAuth, will the authentication to an org for a specific organization be there for ever, or would the user need to authenticate to an org every time they log in on my website?

Would the approach be to use the service account to create the default config, and with all other operations use OAuth?

Re: are APIs necessarily bind to users?

obrigg — Tue, 15 Jul 2025 14:41:13 GMT

Currently, for a use-case of creating new organizations - API keys would make more sense.

Configuration changes, compliance, monitoring - these can be achieved with OAuth.

As long as the OAuth refresh token is used at least once every 90 days - the integration will last indefinitely (unless an admin revokes it).

https://developer.cisco.com/meraki/api-v1/oauth-overview/