How to add multiple "SAML administrator role" roles in CIsco Meraki Application Skip to main content
https://support.okta.com/help/answers?id=9062a000000quzbqa0&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Raja ShravanRaja Shravan 

How to add multiple "SAML administrator role" roles in CIsco Meraki Application

Is there a way to add multiple "SAML administrator role" roles in Okta CIsco Meraki Application? I was able to add only one role but when I add multiple roles separated by coma, semicolon and double quotes with coma its failing. 

Thank you
Justin BergezJustin Bergez (Okta, Inc.)
Hi Raja,

Only one SAML administrator role can be sent through the OIN app as it's currently configured. I actually brought this up to Meraki support just last week and I believe it has been relayed to their apps team for review.

In the meantime, to configure multiple SAML admin roles, you will need to create a custom app integration (https://help.okta.com/en/prod/Content/Topics/Apps/Apps_App_Integration_Wizard.htm#SAMLWizard) to pass additional roles in the SAML assertion, using attribute statements (https://developer.okta.com/reference/okta_expression_language/index). According to Meraki's SAML documentation (https://documentation.meraki.com/zGeneral_Administration/Managing_Dashboard_Access/Configuring_SAML_Single_Sign-on_for_Dashboard), the format for each statement would look something like this: https://dashboard.meraki.com/saml/attributes/{{role}}.

If you have additional questions or run into any issues with the configuration, feel free to reach out to Okta Support. We are available to assist 24/7/365.

Thank you,
Justin M. Bergez
Sr. Technical Support Engineer | Okta, Inc.
1501885747483_PastedImage
Peter YusufPeter Yusuf
Thanks for posting this article. Is there any update on this from Meraki? I would like to setup a group of users who are wifi guest administrators and do not want to give them full admin rights.