Skip to content
Sign In

Sign In

Sign In is a cloud guest network service. It presents a branded captive portal and a broad set of sign-in methods, and it controls who reaches the network and on what terms through access policies, with self-service so that hosts and guests manage their own access.

Service at a glance

Purpose
Cloud guest Wi-Fi with a branded captive portal and a broad set of sign-in methods
Editions
Go (essentials) Available · Enterprise (full feature set) Available
Deployment
Cisco Service Gateway (per throughput) or Cisco Meraki (per access point)
Best for
Guest and visitor Wi-Fi, events, multi-site venues, BYOD onboarding
Licensed by
By deployment method, plus a feature tier
Data location
Global Cloud, or Nordic Sovereign Cloud (data in Sweden)

Sign In gives visitors, guests, and BYOD users a simple, branded way onto the network while giving the operator control over access and a clear record of it. It suits guest Wi-Fi in offices and public venues, event and conference access, multi-site deployments, and BYOD onboarding.

2. Service scope, editions, and deployment

Section titled “2. Service scope, editions, and deployment”

A Sign In service context is one captive portal. An organization can run several contexts, for example one per venue or audience. The service is offered in two editions and on two deployment methods.

Deployment methodLicensed byNotes
Cisco Service GatewayPer throughput (Mbps) on a Cisco routerAdds DHCP, DNS, secure tunneling, routing, and application visibility
Cisco MerakiPer activated MR access pointDirect integration with the Meraki Dashboard
EditionScope
GoEssentials for guest Wi-Fi: captive portal, core sign-in methods, basic services
EnterpriseFull feature set: all sign-in methods, self-service, statistics, multi-site, and the platform services
  • A branded captive portal, customizable per context, with multi-language support.
  • More than ten sign-in methods that can be combined, including click-to-connect, email and SMS self-provisioning, SAML single sign-on, meeting host, conference and event access, username and password, and whitelisting.
  • Access policies that match guests (for example by email pattern) and set which methods apply, session length, device quotas, and self-service permissions.
  • A self-service portal for hosts and guests.
  • Compliance controls: configurable data retention, data subject search, and audit logging.

Sign In presents the captive portal in the cloud and integrates with the network at the edge. With Cisco Meraki, it works through the Meraki Dashboard. With a Cisco Service Gateway, a Cisco router connects to the platform over a FlexVPN (IKEv2/IPSec) tunnel and provides DHCP, DNS, BGP routing, VRF-based tenant isolation, application visibility, and optional Cisco TrustSec (SXP) integration for the portal. Captive-portal detection uses DHCP option 114 (RFC 8910) on clients that support it, with a standard redirect fallback. Access policies decide, per guest, which sign-in methods and session terms apply.

5. Customer requirements and prerequisites

Section titled “5. Customer requirements and prerequisites”
ItemRequirement
NetworkA Cisco Meraki network, or a Cisco router able to act as a service gateway
Meraki deploymentAccess to the Meraki Dashboard for the activated access points
Service Gateway deploymentA supported Cisco router (for example ISR 1100/4400 or Catalyst 8000) connected to the platform over a FlexVPN (IKEv2/IPSec) tunnel, providing DHCP, DNS, BGP routing, and optional Cisco TrustSec (SXP)
Identity (optional)A SAML 2.0 identity provider where single sign-on is used for guests or hosts

Network connectivity is summarized in Network Requirements.

Sign In integrates with Cisco Meraki and with Cisco routers as a service gateway, with SAML identity providers for single sign-on, and with external systems through webhooks. An optional Cloud DNS add-on provides light DNS filtering on the Service Gateway and Sign In. See Integrations.

RoleSurfaceCapabilities
Organization / Sign In administratorAdministration PortalFull configuration of the context, sign-in methods, access policies, and users
Module managerAdministration PortalManage sign-in methods, reports, and user activity
OperationsAdministration PortalView service status and network statistics
Host / guestSelf-Service PortalManage their own meetings, events, guests, or devices

See Roles and Administration Levels.

Sign In is licensed by deployment method (per throughput on a Cisco Service Gateway, or per activated Cisco Meraki access point) plus a feature tier (Go or Enterprise), on top of the platform delivery license. An access-point license can be shared with EasyPSK on a separate SSID. Authoritative product codes and terms are on the Sign In License page; the model is summarized in Licensing and Service Levels. Licenses are sold through authorized partners.

Access is governed by policy rather than by per-tier network segments alone. Administrative changes are recorded in the audit log, data retention is configurable by the customer, and data subject search supports GDPR requests. Platform-wide protections are described in Security and Data Protection and Logging, Reporting, and Retention.

  • Access is scoped by policy; Sign In is not a per-tier VLAN segmentation product.
  • Guest presence is derived from network signals, not from per-access-point radio mapping.
  • Some methods and platform services are available only in the Enterprise edition.
  • EntryPoint provides RADIUS authentication for employees, BYOD, and IoT. Sign In handles guest onboarding; EntryPoint handles 802.1X and Identity PSK.
  • EasyPSK provides per-unit residential Wi-Fi keys, complementary to Sign In on the same Cisco Meraki access points.

Use Sign In when you need a branded guest network with flexible sign-in methods and policy-based access on Cisco Meraki or a Cisco Service Gateway. Do not use Sign In as the authentication method for managed employee devices or IoT fleets (use EntryPoint), or for per-unit residential Wi-Fi keys (use EasyPSK).

Next