{"type":"api","title":"Get Network Switch Access Policies","meta":{"id":"/apps/pubhub/media/Meraki-Dashboard-API-v1-Documentation/4a73587b50c21afbda73cffb32f23c0279bf8383/5c63a5d4-9452-397a-85eb-8b6fec45147e","info":{"title":"Meraki Dashboard API","description":"A RESTful API to programmatically manage and monitor Cisco Meraki networks at scale.\n\n\u003e Date: 04 December, 2024\n\u003e\n\u003e [Recent Updates](https://meraki.io/whats-new/)\n\n---\n\n[API Documentation](https://meraki.io/api)\n\n[Community Support](https://meraki.io/community)\n\n[Meraki Homepage](https://www.meraki.com)\n","contact":{"name":"Meraki Developer Community","url":"https://meraki.io/community"},"version":"1.53.0"},"security":[{"meraki_api_key":[]},{"bearerAuth":[]}],"tags":[{"name":"organizations"},{"name":"networks"},{"name":"devices"},{"name":"insight"},{"name":"wireless"},{"name":"camera"},{"name":"appliance"},{"name":"switch"},{"name":"cellularGateway"},{"name":"sm"},{"name":"sensor"},{"name":"administered"},{"name":"wirelessController"},{"name":"accessControlLists"},{"name":"accessPolicies"},{"name":"accounts"},{"name":"acls"},{"name":"actionBatches"},{"name":"adaptivePolicy"},{"name":"addresses"},{"name":"admins"},{"name":"airMarshal"},{"name":"alertTypes"},{"name":"alerts"},{"name":"alternateManagementInterface"},{"name":"analytics"},{"name":"api"},{"name":"apiRequests"},{"name":"apnsCert"},{"name":"appliances"},{"name":"applicationCategories"},{"name":"applicationUsage"},{"name":"applications"},{"name":"areas"},{"name":"arpInspection"},{"name":"arpTable"},{"name":"artifacts"},{"name":"assets"},{"name":"assignments"},{"name":"authenticationToken"},{"name":"autoLocate"},{"name":"autoRf"},{"name":"availabilities"},{"name":"bandwidthUsageHistory"},{"name":"bgp"},{"name":"billing"},{"name":"blink"},{"name":"bluetooth"},{"name":"bluetoothClients"},{"name":"bonjourForwarding"},{"name":"boundaries"},{"name":"brandingPolicies"},{"name":"bulk"},{"name":"bulkUpdate"},{"name":"byBoundary"},{"name":"byClient"},{"name":"byDevice"},{"name":"byEnergyUsage"},{"name":"byInterval"},{"name":"byMetric"},{"name":"byModel"},{"name":"byNetwork"},{"name":"byStatus"},{"name":"bySwitch"},{"name":"byType"},{"name":"byUsage"},{"name":"byUtilization"},{"name":"bypassActivationLockAttempts"},{"name":"cableTest"},{"name":"callbacks"},{"name":"categories"},{"name":"cellular"},{"name":"cellularFirewallRules"},{"name":"cellularUsageHistory"},{"name":"certs"},{"name":"changeHistory"},{"name":"channelUtilization"},{"name":"channelUtilizationHistory"},{"name":"channels"},{"name":"claim"},{"name":"claimKey"},{"name":"clientCountHistory"},{"name":"clients"},{"name":"cloudMonitoring"},{"name":"commands"},{"name":"communicationPlans"},{"name":"compliance"},{"name":"configTemplates"},{"name":"configurationChanges"},{"name":"configure"},{"name":"configuredDevices"},{"name":"connectionStats"},{"name":"connections"},{"name":"connectivity"},{"name":"connectivityEvents"},{"name":"connectivityMonitoringDestinations"},{"name":"contentFiltering"},{"name":"coterm"},{"name":"current"},{"name":"customAnalytics"},{"name":"customPerformanceClasses"},{"name":"dataRateHistory"},{"name":"delegated"},{"name":"desktopLogs"},{"name":"details"},{"name":"detections"},{"name":"deviceCommandLogs"},{"name":"deviceProfiles"},{"name":"deviceTypeGroupPolicies"},{"name":"dhcp"},{"name":"dhcpServerPolicy"},{"name":"discovery"},{"name":"dscpTaggingOptions"},{"name":"dscpToCosMappings"},{"name":"eapOverride"},{"name":"earlyAccess"},{"name":"electronicShelfLabel"},{"name":"entitlements"},{"name":"esims"},{"name":"ethernet"},{"name":"eventTypes"},{"name":"events"},{"name":"exportEvents"},{"name":"failedConnections"},{"name":"failover"},{"name":"features"},{"name":"fields"},{"name":"firewall"},{"name":"firewalledServices"},{"name":"firmware"},{"name":"firmwareUpgrades"},{"name":"floorPlans"},{"name":"groupPolicies"},{"name":"groups"},{"name":"health"},{"name":"healthByTime"},{"name":"historical"},{"name":"history"},{"name":"hotspot20"},{"name":"httpServers"},{"name":"identities"},{"name":"identityPsks"},{"name":"idps"},{"name":"imports"},{"name":"inboundCellularFirewallRules"},{"name":"inboundFirewallRules"},{"name":"interfaces"},{"name":"internetPolicies"},{"name":"intrusion"},{"name":"inventory"},{"name":"ipv6"},{"name":"jobs"},{"name":"keys"},{"name":"l2"},{"name":"l3"},{"name":"l3FirewallRules"},{"name":"l7FirewallRules"},{"name":"lan"},{"name":"latencyHistory"},{"name":"latencyStats"},{"name":"latest"},{"name":"leds"},{"name":"licenses"},{"name":"licensing"},{"name":"lines"},{"name":"linkAggregations"},{"name":"linkLayer"},{"name":"live"},{"name":"liveTools"},{"name":"lldpCdp"},{"name":"loginSecurity"},{"name":"logs"},{"name":"lossAndLatencyHistory"},{"name":"malware"},{"name":"managementInterface"},{"name":"manufacturers"},{"name":"me"},{"name":"merakiAuthUsers"},{"name":"meshStatuses"},{"name":"models"},{"name":"monitor"},{"name":"monitoredMediaServers"},{"name":"mqttBrokers"},{"name":"mtu"},{"name":"multicast"},{"name":"netflow"},{"name":"networkAdapters"},{"name":"networkHealth"},{"name":"objectDetectionModels"},{"name":"onboarding"},{"name":"oneToManyNatRules"},{"name":"oneToOneNatRules"},{"name":"openapiSpec"},{"name":"optIns"},{"name":"order"},{"name":"ospf"},{"name":"overview"},{"name":"packetLoss"},{"name":"packets"},{"name":"payloadTemplates"},{"name":"performance"},{"name":"performanceHistory"},{"name":"permissions"},{"name":"pii"},{"name":"piiKeys"},{"name":"ping"},{"name":"pingDevice"},{"name":"policies"},{"name":"policy"},{"name":"policyObjects"},{"name":"portForwardingRules"},{"name":"portSchedules"},{"name":"ports"},{"name":"power"},{"name":"powerModules"},{"name":"prefixes"},{"name":"prepare"},{"name":"priorities"},{"name":"profiles"},{"name":"provisioning"},{"name":"qosRules"},{"name":"qualityAndRetention"},{"name":"qualityRetentionProfiles"},{"name":"radio"},{"name":"ratePlans"},{"name":"readings"},{"name":"recent"},{"name":"redundancy"},{"name":"relationships"},{"name":"rendezvousPoints"},{"name":"requests"},{"name":"responseCodes"},{"name":"restrictions"},{"name":"rfProfiles"},{"name":"roles"},{"name":"rollbacks"},{"name":"routing"},{"name":"rules"},{"name":"saml"},{"name":"samlRoles"},{"name":"schedules"},{"name":"sdwan"},{"name":"search"},{"name":"security"},{"name":"securityCenters"},{"name":"seen"},{"name":"sense"},{"name":"sentry"},{"name":"servers"},{"name":"serviceProviders"},{"name":"settings"},{"name":"signalQualityHistory"},{"name":"sims"},{"name":"singleLan"},{"name":"siteToSiteVpn"},{"name":"smDevicesForKey"},{"name":"smOwnersForKey"},{"name":"snmp"},{"name":"softwares"},{"name":"splash"},{"name":"splashAuthorizationStatus"},{"name":"splashLoginAttempts"},{"name":"ssids"},{"name":"stacks"},{"name":"staged"},{"name":"stages"},{"name":"staticRoutes"},{"name":"statics"},{"name":"stats"},{"name":"status"},{"name":"statuses"},{"name":"stormControl"},{"name":"stp"},{"name":"subnetPool"},{"name":"subnets"},{"name":"subscription"},{"name":"subscriptions"},{"name":"summary"},{"name":"swap"},{"name":"swaps"},{"name":"switches"},{"name":"syslogServers"},{"name":"system"},{"name":"targetGroups"},{"name":"themes"},{"name":"thirdPartyVPNPeers"},{"name":"throughputTest"},{"name":"top"},{"name":"topology"},{"name":"traffic"},{"name":"trafficAnalysis"},{"name":"trafficHistory"},{"name":"trafficShaping"},{"name":"trustedAccessConfigs"},{"name":"trustedServers"},{"name":"upgrades"},{"name":"uplink"},{"name":"uplinkBandwidth"},{"name":"uplinkSelection"},{"name":"uplinks"},{"name":"uplinksLossAndLatency"},{"name":"usage"},{"name":"usageHistories"},{"name":"usageHistory"},{"name":"userAccessDevices"},{"name":"utilization"},{"name":"v4"},{"name":"video"},{"name":"videoLink"},{"name":"vlanAssignments"},{"name":"vlanProfiles"},{"name":"vlans"},{"name":"vmx"},{"name":"vpn"},{"name":"vpnExclusions"},{"name":"vpnFirewallRules"},{"name":"vppAccounts"},{"name":"wakeOnLan"},{"name":"warmSpare"},{"name":"warnings"},{"name":"webhookTests"},{"name":"webhooks"},{"name":"wirelessControllers"},{"name":"wirelessProfiles"},{"name":"wlanLists"},{"name":"zones"}],"x-parser-conf":{"overview":{"markdownPath":"docs/overview.md"},"theme":"meraki","serverConfig":true,"meta":{"useProxy":true},"httpBearer":{"bearerToken":"75dd5334bef4d2bc96f26138c163c0a3fa0b5ca6"},"labelConfig":{"endpoint":{"field":"operationId","format":"startCase"}},"groupBy":{"$remoteModule":"config/group_platform.js"},"sortBy":{"$remoteModule":"config/sort_by.js"},"exampleAsDefault":true,"expand":3,"sampleCode":{"python":{"folder":"meraki/sdk/python","name":"Meraki Python Library","highlight":"python"}},"variables":{"organizationId":"1215707","networkId":"N_784752235069315754","serial":"QBSB-VQ3J-XZ54"}},"openapi":"3.0.1","servers":[{"url":"https://api.meraki.com/{basePath}","variables":{"basePath":{"default":"api/v1"}}}],"securitySchemes":{"meraki_api_key":{"type":"apiKey","name":"X-Cisco-Meraki-API-Key","in":"header"},"bearerAuth":{"type":"http","scheme":"bearer","bearerFormat":"API Key"}}},"spec":{"description":"List the access policies for a switch network. Only returns access policies with 'my RADIUS server' as authentication method","operationId":"getNetworkSwitchAccessPolicies","parameters":[{"name":"networkId","in":"path","description":"Network ID","schema":{"type":"string"},"required":true}],"responses":{"200":{"description":"Successful operation","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","properties":{"name":{"type":"string","description":"Name of the access policy"},"radiusServers":{"type":"array","items":{"type":"object","properties":{"serverId":{"type":"string","description":"Unique ID of the RADIUS server"},"organizationRadiusServerId":{"type":"string","description":"Organization wide RADIUS server ID. This value will be empty if this RADIUS server is not an organization wide RADIUS server"},"host":{"type":"string","description":"Public IP address of the RADIUS server"},"port":{"type":"integer","description":"UDP port that the RADIUS server listens on for access requests"}}},"description":"List of RADIUS servers to require connecting devices to authenticate against before granting network access"},"radius":{"type":"object","properties":{"criticalAuth":{"type":"object","properties":{"dataVlanId":{"type":"integer","description":"VLAN that clients who use data will be placed on when RADIUS authentication fails. Will be null if hostMode is Multi-Auth"},"voiceVlanId":{"type":"integer","description":"VLAN that clients who use voice will be placed on when RADIUS authentication fails. Will be null if hostMode is Multi-Auth"},"suspendPortBounce":{"type":"boolean","description":"Enable to suspend port bounce when RADIUS servers are unreachable"}},"description":"Critical auth settings for when authentication is rejected by the RADIUS server"},"failedAuthVlanId":{"type":"integer","description":"VLAN that clients will be placed on when RADIUS authentication fails. Will be null if hostMode is Multi-Auth"},"reAuthenticationInterval":{"type":"integer","description":"Re-authentication period in seconds. Will be null if hostMode is Multi-Auth"},"cache":{"type":"object","properties":{"enabled":{"type":"boolean","description":"Enable to cache authorization and authentication responses on the RADIUS server"},"timeout":{"type":"integer","description":"If RADIUS caching is enabled, this value dictates how long the cache will remain in the RADIUS server, in hours, to allow network access without authentication"}},"description":"Object for RADIUS Cache Settings"}},"description":"Object for RADIUS Settings"},"guestPortBouncing":{"type":"boolean","description":"If enabled, Meraki devices will periodically send access-request messages to these RADIUS servers"},"radiusTestingEnabled":{"type":"boolean","description":"If enabled, Meraki devices will periodically send access-request messages to these RADIUS servers"},"radiusCoaSupportEnabled":{"type":"boolean","description":"Change of authentication for RADIUS re-authentication and disconnection"},"radiusAccountingEnabled":{"type":"boolean","description":"Enable to send start, interim-update and stop messages to a configured RADIUS accounting server for tracking connected clients"},"radiusAccountingServers":{"type":"array","items":{"type":"object","properties":{"serverId":{"type":"string","description":"Unique ID of the RADIUS accounting server"},"organizationRadiusServerId":{"type":"string","description":"Organization wide RADIUS server ID. This value will be empty if this RADIUS server is not an organization wide RADIUS server"},"host":{"type":"string","description":"Public IP address of the RADIUS accounting server"},"port":{"type":"integer","description":"UDP port that the RADIUS Accounting server listens on for access requests"}}},"description":"List of RADIUS accounting servers to require connecting devices to authenticate against before granting network access"},"radiusGroupAttribute":{"type":"string","description":"Acceptable values are `\"\"` for None, or `\"11\"` for Group Policies ACL"},"hostMode":{"type":"string","enum":["Multi-Auth","Multi-Domain","Multi-Host","Single-Host"],"description":"Choose the Host Mode for the access policy."},"accessPolicyType":{"type":"string","enum":["802.1x","Hybrid authentication","MAC authentication bypass"],"description":"Access Type of the policy. Automatically 'Hybrid authentication' when hostMode is 'Multi-Domain'."},"increaseAccessSpeed":{"type":"boolean","description":"Enabling this option will make switches execute 802.1X and MAC-bypass authentication simultaneously so that clients authenticate faster. Only required when accessPolicyType is 'Hybrid Authentication."},"guestVlanId":{"type":"integer","description":"ID for the guest VLAN allow unauthorized devices access to limited network resources"},"dot1x":{"type":"object","properties":{"controlDirection":{"type":"string","enum":["both","inbound"],"description":"Supports either 'both' or 'inbound'. Set to 'inbound' to allow unauthorized egress on the switchport. Set to 'both' to control both traffic directions with authorization. Defaults to 'both'"}},"description":"802.1x Settings"},"voiceVlanClients":{"type":"boolean","description":"CDP/LLDP capable voice clients will be able to use this VLAN. Automatically true when hostMode is 'Multi-Domain'."},"urlRedirectWalledGardenEnabled":{"type":"boolean","description":"Enable to restrict access for clients to a response_objectific set of IP addresses or hostnames prior to authentication"},"urlRedirectWalledGardenRanges":{"type":"array","items":{"type":"string"},"description":"IP address ranges, in CIDR notation, to restrict access for clients to a specific set of IP addresses or hostnames prior to authentication"},"counts":{"type":"object","properties":{"ports":{"type":"object","properties":{"withThisPolicy":{"type":"integer","description":"Number of ports in the network with this policy. For template networks, this is the number of template ports (not child ports) with this policy."}},"description":"Counts associated with ports"}},"description":"Counts associated with the access policy"}}}},"example":[{"name":"Access policy #1","radiusServers":[{"serverId":"1","organizationRadiusServerId":"42","host":"1.2.3.4","port":22}],"radius":{"criticalAuth":{"dataVlanId":100,"voiceVlanId":100,"suspendPortBounce":true},"failedAuthVlanId":100,"reAuthenticationInterval":120,"cache":{"enabled":false,"timeout":24}},"guestPortBouncing":false,"radiusTestingEnabled":false,"radiusCoaSupportEnabled":false,"radiusAccountingEnabled":true,"radiusAccountingServers":[{"serverId":"2","organizationRadiusServerId":"42","host":"1.2.3.4","port":22}],"radiusGroupAttribute":"11","hostMode":"Single-Host","accessPolicyType":"Hybrid authentication","increaseAccessSpeed":false,"guestVlanId":100,"dot1x":{"controlDirection":"inbound"},"voiceVlanClients":true,"urlRedirectWalledGardenEnabled":true,"urlRedirectWalledGardenRanges":["192.168.1.0/24"],"counts":{"ports":{"withThisPolicy":12}}}]}}}},"summary":"List the access policies for a switch network","tags":["switch","configure","accessPolicies"],"__originalOperationId":"getNetworkSwitchAccessPolicies","security":[{"meraki_api_key":[]},{"bearerAuth":[]}],"method":"get","path":"/networks/{networkId}/switch/accessPolicies","sampleCode":{"Meraki Python Library":{"code":"import meraki\n\n# Defining your API key as a variable in source code is discouraged.\n# This API key is for a read-only docs-specific environment.\n# In your own code, use an environment variable as shown under the Usage section\n# @ https://github.com/meraki/dashboard-api-python/\n\nAPI_KEY = '75dd5334bef4d2bc96f26138c163c0a3fa0b5ca6'\n\ndashboard = meraki.DashboardAPI(API_KEY)\n\nnetwork_id = 'L_646829496481105433'\n\nresponse = dashboard.switch.getNetworkSwitchAccessPolicies(\n network_id\n)\n\nprint(response)","highlight":"python"}}}}