Learn Cisco Meraki API:Create & Clone Networks via API

Introduction

Rolling out a single branch office manually via a graphical interface is a manageable task. However, when tasked with deploying fifty, a hundred, or a thousand new sites, relying on manual configuration is a recipe for operational bottlenecks, configuration drift, and inevitable human error.

To achieve true scalability, network engineering has shifted toward Infrastructure as Code (IaC) and API-driven automation.

By leveraging the Cisco Meraki REST API, infrastructure teams can provision new branches programmatically in seconds. Rather than clicking through dozens of dashboard menus to set up firewalls, switches, and wireless access points, a single API call can generate an entire site footprint.

This guide breaks down exactly how to create new Meraki networks and clone existing golden templates using raw API calls, Postman, and Python.

What is Meraki API Site Provisioning?

Meraki API site provisioning refers to the use of HTTP requests to interact directly with the Cisco Meraki cloud backend. Instead of using the Meraki Dashboard GUI, engineers use an HTTP POST request directed at the /organizations/{organizationId}/networks endpoint.

This endpoint accepts a JSON payload containing site-specific parameters—such as the site name, the devices it will support (appliances, switches, cameras), its time zone, and optionally, a source network to clone configurations from.

Why It Matters in Modern Networks

In a modern NetOps environment, speed and consistency are paramount.

When enterprise organizations expand, they require standardized deployments. A retail chain opening a new store needs the exact same VLAN structure, SSID configurations, and firewall rules as their existing locations.

Using the Meraki API to clone an existing “Base Network” guarantees absolute consistency. It removes the human element from the initial build phase, ensuring compliance and significantly accelerating the time-to-value for new infrastructure deployments.

Key Concepts Explained

Before diving into the code, it is critical to understand the foundational API components:

• REST Architecture: Meraki utilizes a RESTful API. GET retrieves data, POST creates new data, PUT updates existing data, and DELETE removes it. To create a network, we must execute a POST request.

• Organization ID: The unique identifier for your overarching Meraki tenant. Networks are always nested underneath an Organization.

• Network ID: The unique identifier for a specific site or deployment (e.g., “Branch_01”).

• copyFromNetworkId: A powerful parameter in the API payload. Passing an existing Network ID into this field instructs Meraki to duplicate the existing site’s configuration into the new site.

• Product Types: A list defining what hardware lives at the site. Valid types include appliance, camera, cellularGateway, sensor, switch, and wireless.

Step-by-Step Breakdown

To automate site creation, follow this logical flow:

1. Authenticate: Ensure you have an active Meraki API key with Organization Read/Write privileges.

2. Retrieve Organization ID: Use a GET request to /organizations to find your target environment.

3. Identify the Source Network: If you plan to clone a site, run a GET request to /organizations/{organizationId}/networks to find the Network ID of your golden template.

4. Construct the JSON Payload: Build the data structure containing the new site’s name, time zone, and the cloning parameter.

5. Execute the POST Request: Push the payload to the API.

6. Post-Provisioning Updates: Immediately update conflicting parameters (like IP subnets) generated by the cloning process.

Configuration / Code Examples

The JSON Payload

When creating a network, the API requires a specific JSON body. Here is an optimized payload structure for cloning a site:

{
  "name": "New_Retail_Branch_05",
  "timeZone": "America/New_York",
  "productTypes": [
    "appliance",
    "switch",
    "wireless",
    "sensor"
  ],
  "copyFromNetworkId": "N_1234567890123456"
}

Example 1: Python Using the requests Library

Python is the industry standard for network automation. Here is how to execute the site creation using the native requests library.

Read Also: Python NETCONF Automation with NCclient

import requests
import json

# Define variables
api_key = "YOUR_MERAKI_API_KEY"
org_id = "YOUR_ORGANIZATION_ID"
url = f"https://api.meraki.com/api/v1/organizations/{org_id}/networks"

# Define the headers
headers = {
    "X-Cisco-Meraki-API-Key": api_key,
    "Content-Type": "application/json",
    "Accept": "application/json"
}

# Define the payload
payload = {
    "name": "New_Retail_Branch_05",
    "timeZone": "America/New_York",
    "productTypes": ["appliance", "switch", "wireless"],
    "copyFromNetworkId": "N_1234567890123456"
}

# Execute the POST request
response = requests.post(url, headers=headers, data=json.dumps(payload))

# Output the result
if response.status_code == 201:
    print("Network created successfully!")
    print(json.dumps(response.json(), indent=4))
else:
    print(f"Failed to create network. Status Code: {response.status_code}")
    print(response.text)

Explanation:

• We construct the endpoint dynamically using an f-string to inject our org_id.

• We pass the API key via the X-Cisco-Meraki-API-Key header.

• The json.dumps(payload) function converts our Python dictionary into a JSON string format that the Meraki cloud can interpret.

• A successful creation returns an HTTP 201 Created status code.

Example 2: Python Using the meraki SDK

Cisco Meraki maintains an official Python SDK that simplifies API interactions.

import meraki

# Initialize the Meraki dashboard client
api_key = "YOUR_MERAKI_API_KEY"
dashboard = meraki.DashboardAPI(api_key)

org_id = "YOUR_ORGANIZATION_ID"
source_network_id = "N_1234567890123456"

try:
    # Create the network using the SDK method
    new_network = dashboard.organizations.createOrganizationNetwork(
        organizationId=org_id,
        name="New_Retail_Branch_05",
        productTypes=["appliance", "switch", "wireless"],
        timeZone="America/New_York",
        copyFromNetworkId=source_network_id
    )
    print("Success! New Network ID:", new_network['id'])
except meraki.APIError as e:
    print(f"Meraki API Error: {e}")

Explanation:

The SDK abstracts away the manual HTTP handling. You simply call createOrganizationNetwork and pass your parameters as arguments. The SDK automatically handles retries and rate-limiting, making it the preferred choice for enterprise scripts.

Real-World Use Cases

• Managed Service Providers (MSPs): MSPs onboarding new clients can spin up highly customized, secure network architectures in seconds by cloning managed base templates.

• Retail Expansion: Stores require identical POS VLANs, guest WiFi configurations, and SD-WAN rules. API cloning guarantees a 100% match.

• Disaster Recovery: If a configuration is accidentally wiped or corrupted, automation scripts can rebuild the entire site logic instantly.

Benefits

• Drastic Time Reduction: What takes 30 minutes of dashboard clicking takes 2 seconds via code.

• Zero Configuration Drift: Cloning ensures all ACLs, group policies, and content filtering rules are exact duplicates.

• Auditability: Infrastructure changes executed via script can be tracked in Git version control systems.

Common Challenges

The biggest challenge when using the copyFromNetworkId parameter is dealing with exact duplication.

When you clone a Meraki network, everything copies over. This includes local VLAN IP subnets and DHCP scopes. If you are participating in a Meraki Auto VPN (Site-to-Site VPN) topology, you cannot have two sites advertising the exact same IP subnet.

Therefore, cloning a site is only step one. Step two must immediately involve running a PUT request to update the new site’s VLAN subnets, DHCP ranges, and localized firewall objects before bringing the site online.

Best Practices

1. Maintain Golden Templates: Create inactive “Template Networks” in your dashboard strictly used as cloning sources. Never alter these unless updating your global baseline.

2. Validate Inputs: Use Python data validation (like Pydantic) to ensure your time zones and product types are formatted correctly before firing the API call.

3. Modularize Your Code: Separate your authentication logic from your deployment logic so scripts can be reused safely.

Security Considerations

API keys carry the same weight as enterprise administrator credentials.

• Never hardcode API keys: Never paste your API key directly into a script that will be committed to GitHub.

• Use Environment Variables: Store keys locally on your machine (os.getenv('MERAKI_API_KEY')).

• Leverage Secrets Management: For CI/CD pipelines, use HashiCorp Vault or AWS Secrets Manager.

• Rotate Keys Regularly: Regenerate your API keys periodically via the Meraki dashboard to minimize the blast radius of a potential compromise.

Troubleshooting Tips

• HTTP 400 Bad Request: Your JSON payload is malformed. Ensure you are passing strings and lists correctly (e.g., productTypes must be a list [], not a string).

• HTTP 401 Unauthorized: Your API key is invalid, expired, or missing from the headers.

• HTTP 404 Not Found: Double-check your Organization ID or Source Network ID. If the ID is incorrect, the endpoint cannot be resolved.

• HTTP 429 Too Many Requests: You have hit the Meraki API rate limit (typically 10 calls per second per organization). Implement exponential backoff in your code, or simply use the official Python SDK which handles 429s automatically.

Future Trends

The network automation landscape is accelerating toward declarative state management. While writing Python scripts is powerful, we are seeing a massive shift toward using Terraform to manage Meraki infrastructure. In the near future, engineers will define site structures in .tf files, allowing cloud pipelines to automatically handle the creation, cloning, and destruction of Meraki networks as code.

7. Frequently Asked Questions (FAQ)

Q: How do I create a new network using the Meraki API?

A: You must send an HTTP POST request to the /organizations/{organizationId}/networks endpoint. Your request must include a JSON body containing the network name and the product types (e.g., appliance, switch, wireless) you plan to deploy.

Q: What is the difference between creating a new Meraki network and cloning one?

A: Creating a new network generates a completely blank slate with default Cisco Meraki settings. Cloning a network (using the copyFromNetworkId parameter) copies all existing configurations, including VLANs, SSIDs, and firewall rules, from a source network into the newly created one.

Q: Where do I find my Meraki Organization ID?

A: You can retrieve your Organization ID by sending a GET request to the https://api.meraki.com/api/v1/organizations endpoint using your API key. The response will list your organizations and their respective IDs.

Q: Can I use Python to automate Meraki site deployments?

A: Yes. Python is highly recommended for Meraki automation. You can use the standard requests library to make raw HTTP calls, or install the official meraki Python SDK (pip install meraki) to simplify authentication and rate-limiting.

Q: What product types are supported when creating a Meraki network?

A: When defining a network, valid product types include appliance (MX firewalls), switch (MS switches), wireless (MR access points), camera (MV cameras), sensor (MT sensors), and cellularGateway (MG gateways).

Q: Why do my VLANs conflict after cloning a Meraki network?

A: When you clone a network using the API, it creates an exact duplicate. This means the local IP subnets and VLAN definitions copy over exactly as they were in the source network. You must run subsequent API calls to update the new site’s subnets to prevent IP overlaps.

Q: What HTTP method is used to create a Meraki network?

A: Creating a new resource in a REST API requires an HTTP POST request.

Q: How do I handle Meraki API rate limits?

A: The Meraki API generally restricts accounts to 10 requests per second per organization. If you exceed this, you receive a 429 status code. You can handle this by implementing Python sleep() delays, or by using the official Meraki SDK, which has built-in automatic retries for rate limits.

8. Featured Snippet Section (Direct Answer):

To create a new Cisco Meraki network via API, send an HTTP POST request to the https://api.meraki.com/api/v1/organizations/{organizationId}/networks endpoint. You must include your API key in the request headers and pass a JSON payload containing the network name and supported productTypes. To clone an existing site, simply add the copyFromNetworkId parameter to your JSON body.

Featured Snippet List (Step-by-Step):

1. Generate your Meraki API Key in the dashboard.

2. Retrieve your Organization ID via a GET request.

3. Identify the Network ID of the site you wish to clone.

4. Construct a JSON payload with the new site name and target product types.

5. Send an HTTP POST request to the Meraki networks endpoint.

6. Run subsequent PUT requests to update local VLAN IPs and DHCP scopes.

Featured Snippet Table (Parameters):