Cisco Meraki
Cisco Meraki provides devices and software to help businesses manage Wi-Fi network access for employees and guests.
Updated over a week ago

Cisco Meraki is the leader in cloud controlled Wi-Fi, routing and security. Cisco Meraki provides devices and software to help businesses manage Wi-Fi network access for employees and guests.

How does this application work?

Upon sign-in, visitors will receive an email or text message directing the visitor to visit and join a Meraki Wi-Fi SSID. You will be asked to enter your Wi-Fi credentials as provided before. The unique credentials are created for each visitor are valid for 24 hours or less, as specified during configuration. The specified time chosen during set up is only to set the amount of time that the password is valid for. If they have signed into the network with their credentials, upon Envoy sign-out, the session expiration time will be updated to end the Meraki session.

Note: For this app to work, you must collect either visitor email addresses or phone numbers at sign-in. Learn more about how to configure your Envoy sign-in fields.

Enabling the Envoy + Meraki application

  1. Under Wi-Fi, find Cisco Meraki, and click “Install.”

  2. Log into Cisco Meraki, navigate to Organization > Settings. Locate the section titled Dashboard API access and select Enable Access, then save your changes.

  3. Choose your username at the top-right of the Meraki dashboard and select My profile. Locate the section titled Dashboard API access and click on Generate new API key. Store your key in a safe place.

    1. Note: If you do not see a button labeled “Generate new API key” then the API quota may be full. In this scenario, it is necessary to remove an API key before a new API key can be generated or locate an already generated key for use in the Envoy config.

  4. In Envoy, paste the Meraki API key and click “Save Configuration”.

    1. If your company uses another region for Meraki's API, please select from the drop-down.

  5. Select your desired Meraki Organization and click “Next Step”

  6. Select your desired Guest Network from the dropdown and click “Next Step”.

  7. Select your desired SSID from the dropdown.

  8. [Access Duration]: Choose the length of time up to 24 hours for guest wi-fi access

  9. [Optional]: Select Visitor types to block from receiving Wi-Fi credentials.

  10. [Optional]: Send guest Wi-Fi credentials to hosts.

    1. This is useful when visitors do not have easy access to email or text messages or if they are not required to enter their email address or phone number at sign in.

  11. [Optional]: Select delete visitor credentials on sign-out from "User Management Portal" (Network-wide -> Users)

  12. Select your Security and Splash Page Settings:

    *This setting should correspond with your Meraki settings configured under Wireless < Access Control < Security as displayed here:

    For example, if you select Open with Meraki Cloud Authorization in Envoy you must also select Open (no encryption) in Meraki.

  13. Click “Complete setup.”


  • Please ensure that the Splash page is set to sign on with Meraki Cloud Authentication.

  • If moving from the previous version of Meraki, there is no custom splash page URL.

What is the visitor experience with the Envoy + Cisco Meraki app?

  • When a visitor signs in, they will provide their email address and/or phone number. The visitor will receive an email or SMS with instructions on how to access your Wi-Fi. 

  • When they follow the instructions in the email or SMS, they will be directed to the Envoy-hosted splash page. There, they’ll enter the password and will connect to Wi-Fi. 

  • To view all the active connections within your access point, you can do the following: Within Wireless > Access Points > on the Meraki dashboard, click into your access point and then scroll down to Clients. The numeric IDs listed under the Clients section will be the Entry IDs for your Envoy Visitors connected to your network.


  • Confirm the splash page is configured to your desire with click-through terms:

  • Ensure the SSID is set to Open Encryption.

    • SSID needs to be set to the following:

      - Enabled

      - Open Encryption

      - Splash page = Meraki Cloud Authentication

      - Client IP and VLAN:

      • Meraki AP assigned (NAT mode)

      • (or) External DHCP server assigned

  • The default session timeout for passwords is configurable during creation. We expire the user when the visitor is signed out.

  • What is the difference between older versions of Meraki & Envoy and the latest Meraki release?

    • V2 has more functionality to blocklist by visitor type from receiving credentials.

    • Connects directly to the Meraki API; therefore, when visitors sign out, their session ends automatically.

    • User creation for guest access is handled through Meraki Cloud Authentication

Did this answer your question?