Configuring SAML for Meraki

REQUIRED ACCOUNT/PERMISSION LEVEL

Bitium: All account levels; must be an admin to set up

Meraki: Must be an admin to set up

In Bitium:

  1. Log into Bitium and go to “Manage Apps.”

  2. Select “Meraki” from the list of installed apps.

  3. Select the “Single Sign-On” tab.

  4. From the dropdown, select “SAML Authentication.”

    Select SAML Authentication

  5. Copy down the “X.509 Certificate Fingerprint” value

  6. Leave your Bitium window open.

In Meraki:

  1. In a new browser tab, log into your Meraki admin account and review the instructions found here.
  2. Go to Organization > Settings
  3. Under “SAML Configuration”, select “SAML SSO enabled”
  4. Enter the “X.509 Certificate Fingerprint” value from Bitium into the field “X.509 cert SHA1 fingerprint”
  5. Click the “Save Changes” button at the bottom
  6. After the screen refreshes, copy down the “Consumer URL” value. It should be something like “https://xxxx.meraki.com/saml/login/xxxxx/xxxxxxxxx
  7. Go to Organization > Administrators
  8. There should now be a section titled “SAML administrator roles”
  9. Click “Add SAML role” and create a role with the priviledges you want. Copy down the name of the role.
  10. After creating the role, click “Save Changes” to save the new role.

In Bitium:

  1. Enter the “Consumer URL” from Meraki into the “ACS URL” field
  2. Enter the SAML role from Meraki into the “Role” field
  3. Click the “Save Changes” button.
SAML Enabled will be illuminated in green once completed.

Troubleshooting

If you run into errors authenticating into Meraki with SAML, login to your admin account with username and password. Once authenticated, go to Organization > Administrators and click on “SAML login history” to look for errors.