Skip to main content

About Cisco Meraki

Cisco Meraki is a cloud-managed networking platform: organizations, networks, and devices (including wireless access points) are all administered through the Meraki Dashboard. Serval connects to the Meraki Dashboard with a single Dashboard API key - you paste it in once, Serval stores it encrypted and attaches it as a Bearer token to every request a workflow makes. One connection covers every Meraki organization the key’s administrator can see; workflows that need a specific organization take its ID as an input. Serval only ever sends the key to one host for this integration: api.meraki.com. Authentication: Meraki Dashboard API key - a single key pasted into Serval. There is no OAuth or sign-in flow. Data sync: No background sync starts when you connect. Data access is on-demand through workflows, plus one installable ingestion workflow, “Ingest Access Points from Meraki”, that syncs an organization’s wireless access points into Serval as assets.

What the Cisco Meraki integration enables

CapabilityDescription
Full Meraki Dashboard API accessWorkflows use the “Meraki API request” action to call any part of the Meraki Dashboard API v1 - 588 endpoints (859 operations) covering organizations, networks, devices, wireless SSIDs, VLANs, clients, and the rest of the Dashboard API, generated from the v1.64.0 spec.
Wireless access point ingestionThe installable “Ingest Access Points from Meraki” workflow syncs every wireless access point in a Meraki organization’s device inventory into Serval as assets, identified by serial number, with the full device record attached.
Connection health checksThree built-in checks confirm the API key is valid and can read your organizations, networks, and devices.
Anything defined in the Meraki Dashboard API can be accessed through Serval.

Get your credentials

Serval needs a Meraki Dashboard API key, generated from a Dashboard administrator’s profile. The key carries exactly the Dashboard permissions of the administrator who generates it - there are no scopes to choose - so generate it from an organization-level admin account if Serval should see all of your organizations, networks, and devices. Meraki’s official guide is here: Meraki API authorization guide.
1

Log in to the Meraki Dashboard

Go to the Meraki Dashboard and log in as the administrator whose access Serval should use.
2

Open your profile

Click your avatar icon in the top-right corner and open My Profile.
3

Find the API access section

Scroll down to API access.
4

Generate the key

Click Generate new API key.
5

Copy the key immediately

Copy the key right away and store it securely - then paste it into Serval’s API Key field.
There are no permission checkboxes anywhere in this process: the key can do exactly what the generating administrator can do, no more and no less. A key generated by an admin with limited or network-scoped access is the most common cause of failed health checks later.

Connect in Serval

1

Open the Cisco Meraki connect form

Add a new Cisco Meraki connection from your Serval integrations page.
2

Paste your API Key

The API Key field is required (marked with an asterisk) and is described as “Your Cisco Meraki API key. You can generate one from your Meraki Dashboard profile settings.” Leaving it empty shows “This field is required”.
3

Submit the form

Click Submit. If installation fails, the form shows “Failed to install integration” (with details appended when available). On success the connection appears as “Cisco Meraki”, pointed at api.meraki.com.
Serval does not test or format-check the key when you save - a mistyped or revoked key is accepted at save time and only surfaces when the health checks run. Run them right after connecting (see below).
After saving, the key is displayed masked - bullet characters plus its last 4 characters. To rotate it later, click Replace next to the masked value and paste the complete new key into the “Enter new value” box. Saving an update with the key field untouched or blank keeps your existing stored key. If an update fails, Serval shows “Failed to update integration:” followed by details, “Failed to update configuration”, or “Failed to save configuration. Please try again.”, depending on which form you used.
One connection covers every Meraki organization the key’s administrator can see. Workflows that operate on a specific organization - like the access point ingestion workflow - ask for the organization ID as an input.

Verifying the connection

The connection ships three health checks that make live calls to Meraki:
  • Validate Meraki API Connection - confirms the key authenticates and can list your Meraki organizations. On success it reports “Successfully connected to Meraki API. Found [number] organization(s).” and its result data includes the IDs and names of the first 5 organizations. On failure: “Unable to connect to Meraki API. Please verify your API key is valid and has the necessary permissions.”
  • List Networks - lists the networks in the first organization the key can see, to confirm network read permission. Success: “Successfully listed [number] network(s) in organization “[name]"". Failure: “Unable to list networks. Please verify your API key has network read permissions.” If the key sees no organizations at all, the check still passes with “No organizations found. Cannot test network listing without an organization.”
  • List Devices - lists the devices in the first organization the key can see, to confirm device read permission. Success: “Successfully listed [number] device(s) in organization “[name]"". Failure: “Unable to list devices. Please verify your API key has device read permissions.” With zero organizations it still passes with “No organizations found. Cannot test device listing without an organization.”
The network and device checks only probe the first organization returned. If the checks are green but a workflow fails against a different organization, the key likely has limited access in that organization - a passing check proved read access in one organization, not all of them.

Gotchas and troubleshooting

The key has exactly the Dashboard permissions of the administrator who generated it - there are no scopes to select. The failure messages “Unable to list networks. Please verify your API key has network read permissions.” and “Unable to list devices. Please verify your API key has device read permissions.” almost always trace back to a key generated by an admin with limited or network-scoped access. Regenerate the key from an organization-level admin account and replace it on the connection.
Connecting starts no background sync. Asset sync ships as an installable ingestion workflow, “Ingest Access Points from Meraki”: give it the Meraki organization ID to ingest from, and it pages through that organization’s device inventory 1000 devices at a time, keeps only wireless access points, and performs a full sync into Serval keyed by each device’s serial number. Assets are named after the device’s name, falling back to its model, then to “AP” plus the serial number. Devices that are not wireless access points are not ingested by this workflow - other data stays available on demand through your own workflows.
The connection is pinned to Meraki’s API host, not to one organization, so organization choice happens per workflow. The easiest way to find an organization ID is to run the Validate Meraki API Connection health check - its result data includes the IDs and names of the first 5 organizations the key can see.
The List Networks and List Devices checks pick the first organization returned and test only that one. If your key spans many organizations (for example 12), a passing check confirms network and device read access in a single organization - not all of them. Test the workflow against the specific organization it targets.
Click Replace next to the masked value and paste the full new key. Never re-enter the masked value (the bullets plus the last 4 characters) as if it were the key. Serval’s form discards any value shaped like the masked placeholder before submitting, so a re-pasted mask never overwrites your key through the UI - and a blank update also keeps the previously saved key. That protection lives in the form, though: any other non-empty value that actually reaches the backend is stored verbatim as your key, so a masked string submitted outside the UI - for example through a scripted call - would be saved as the literal API key and break the connection.
Serval reaches only api.meraki.com, Meraki’s default global API endpoint. Regional clusters with different base addresses - Canada, China, India, and US FedRAMP - are not reachable. Contact support@serval.com if your organization is hosted in one of those regions.

Need help? Contact support@serval.com for assistance with your Cisco Meraki integration.