SAML-based user authentication per SSID

avs1
Level 3

Is it possible to configure SAML-based user authentication against a third-party IdP (Okta) for a BYOD SSID?

7 Replies

Philip D'Ath
Meraki Community All-Star

Not using SAML, no (at least not out of the box).

But I see Okta have an LDAP interface:

https://www.okta.com/blog/2018/09/move-ldap-authentication-to-the-cloud-with-oktas-ldap-interface/

And you can configure LDAP splash page authentication.

https://documentation.meraki.com/MR/Splash_Page/Configuring_Splash_Page_Authentication_with_an_LDAP_Server

This requires the Okta agent to run on-prem or in AWS/GCP, which we are trying to avoid.

SAML auth would be ideal as no agents would be required. Would Meraki partner with IronWiFi to provide this functionality?

Philip D'Ath
Meraki Community All-Star

Meraki have an open API, so IronWiFi would just need to integrate with it.

I believe Splash Access already provides integration with Azure AD if you don't mind using a third party.

https://www.splashaccess.com/cisco-meraki-azure-ad-with-splashaccess/

We don't have Azure AD to integrate with, but we have Okta. Is there an FRE for Meraki native API integration with Okta?

IronWiFi has RADIUS-based integration with Meraki: https://www.ironwifi.com/cisco-meraki/

omari1
Community Member

Hi @avs1

Did you ever find a solution to this? I'm trying to figure this out myself. I haven't been able to connect the Okta LDAP interface with Meraki at all.

I am trying to avoid purchasing Ironwifi or Foxpass if I can.

My company is interested in this too. We've virtually eliminated AD / LDAP and the ridiculous overhead that comes with stand-alone directory management. It's bugging me that with all the available authentication integrations, SAML isn't included.

russell.sage
Level 7

I am working on this for a customer using the Sponsored Guest Portal. When the user connects to the AP, ISE redirects them to Azure AD and ISE reports them as authenticated. The user gets a browser window with a message to click the continue button [image]. On doing so they get an error 500 message. We are running ISE 3.1 on a single box in AWS as a PoC.