To blacklist any client manually, first go to Network > Security to classify and add client mac addresses as Banned clients.
Either manually enter MAC Addresses or upload a file with the list of MACs.
Or from API, we can make PUT request under – sites/:site_id/setting/blacklist with payload of mac addresses
Next, navigate to Network > WLANs to enable blacklisting of banned clients in the Security section
Banned clients will not be able to connect the particular SSID even after providing a correct PSK. Client events generated will be “802.11 Auth Denied”
Note: If the client is already connected to the SSID and
- The SSID later enabled the security option to blacklist the client, or
- The client was classified as Banned but SSID enabled the security option to blacklist later
The connected client will get disconnected from the SSID.
If a client is removed from the banned list or if the SSID disabled manual blacklisting clients, then client will be able to reconnect to SSID.
Learn more about Rogue Clients Detection and Classification here: https://www.mist.com/documentation/rogue-clients-detection/