Logic Flow

1. Client connects to AP.
2. AP redirects the client to splash server.
3. Splash page displays content and includes additional parameters in the URL.
4. Client interacts with the site (form, oAuth, SMS, etc.).
5. Form submission sends user name and password to Meraki in the post body.
6. Meraki sends the user credentials to the configured RADIUS or Meraki Authentication server in the post body.
7. Meraki grants the login and redirects the client to the success_url.
8. The success_url is a route on the splash server that will store the logout_url paramater.
9. The client is logged in and will see a final splash page which optionally presents a logout button using the supplied logout_url parameter.
10. The user can optionally press a logout button using the logout_url to end their session. If a continue_url is provided in the query, it will send the client to this page.

HTTP Flow

Splash Page URL

This is the initial URL the client will be redirected to once associated with the network, which was set in the Custom Splash URL section in the Meraki Dashboard.

Sample URL

[GET]

https://splashserver/splash

Meraki automatically appends the additional parameters to be parsed by the client.

https://splashserver/splash?login_url=https%3A%2F%2Fn143.network-auth.com%2Fsplash%2Flogin%3Fmauth%3DMM1SZQlKjZsbExZ8sXIegKpUGaShrHlYgSYDAUdgiuxDuS4j46GE2lgPsWNdf6irbns5oO6HUIahXvgUtKoW7fAr4OuNypBHRjnJlRi2dEeqnE9s-YsURZog8i0pdzcApFaF0v3g6jTTOIrJMNSNiIFLOv67WLHXX4s3slfyo2ulZrhjqNQek2BJQgr17bTUXA4I3Rgfo6AEw%26continue_url%3Dhttp%253A%252F%252Fwww.ask.com%252F&continue_url=http%3A%2F%2Fwww.ask.com%2F&ap_mac=88%3A15%3A44%3A60%3A1c%3A1a&ap_name=mr53-ca&ap_tags=MR53+BLE+LivingRoom&client_mac=f4%3A5c%3A89%3A9b%3A17%3A67&client_ip=192.168.0.13

Parameters

Login URL

The login_url will contain the path where the login form must be posted to. At a minimum, a username and password must be included in the [post] body. In addition, a continue_url can be included to redirect the client to their intended site by copying the user_continue_url value. Alternatively, the continue_url can be a callback to the splash server to continue interacting with the client.

Sample URL

[POST]

https://n143.network-auth.com/splash/login?mauth=<dynamicTokenbyMeraki>

Parameters

Success URL

Once authenticated, the client will be redirected to the continue_url as configured in the previous step. You have the opportunity to use the provided logout_url to create a logout button. In addition, you can append a logout_url query to specify the final page the user will be redirected to.

Sample URL

[GET]

https://splashserver/excapSuccess?logout_url=https%3A%2F%2Fn143.network-auth.com%2Fsplash%2Flogout%3Fkey%3DMMObdckbTbsqH-kZh58wC1rh66VdYkao1N17ZViB0vFZux8uMlO3E1nskAgZ-LbT3x5ef1pb6YKL8

Parameters

Logout URL

The client can use the logout_url to send a [GET] request to Meraki. The URL can include a query parameter with the continue_url to direct the client to a logged out page.

Sample URL

[GET]

https://n143.network-auth.com/splash/logout?key=DMMO...&continue_url=https%3A%2F%2Fsplashserver.com%2Floggedout

Parameters

The variables that can be sent with the logout_url.

Code Samples

Here is a collection of sample code for various environments. This is a great starting point to begin working with the APIs. In most cases, you can clone the software to your development machine and be up in running in a short amount of time.

Note: The following samples are for reference only and should be implemented with professional oversight. User security and privacy is critical to Cisco Meraki. Please ensure that any installation is encrypted and manages user security as a core consideration.

HTML & JavaScript

• Client-side JavaScript – Basic
• Client-side JavaScript with Zapier

NodeJS

• Express & MongoDB
• Express & Group Policies
• Express, Passport & MongoDB – Social Login

Firebase

• Client-side JavaScript with Firebase Hosting and Database

Node-RED

• Meraki and Spark Demo Flows

PHP

• Sign-on Splash