Routers are the physical MikroTik devices that serve as WiFi hotspot gateways for each tenant company. When a router is created, the API automatically generates a JWT-based API Key (prefixed withDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/sistemashm24/pagos_hotspot_api/llms.txt
Use this file to discover all available pages before exploring further.
jwt_) that the captive portal uses to authenticate payment and hotspot creation requests. The full API Key is only returned at creation or regeneration time — it is never stored in plain text.
All endpoints in this section require Authorization: Bearer <session_token> for a user with the super_admin role.
POST /admin/empresas//routers
Creates a new router for the specified company and automatically generates a JWT API Key. The fulljwt_ token is returned in the response body and must be delivered to the client for use in their captive portal.
cURL
Path Parameters
Company ID that will own this router, e.g.
EMP_3A9F1C0B2D. Must be an existing active company.Request Body
Must match the
empresa_id path parameter.Display name for the router, e.g.
"Router Principal".IP address or hostname of the MikroTik device, e.g.
"192.168.88.1".MikroTik API port. Default is
8728 (plaintext API). Use 8729 for encrypted API-SSL.MikroTik API username.
MikroTik API password. Stored directly in the database (
password_encrypted column) and used by the server to connect to the router.Optional human-readable physical location, e.g.
"Lobby Piso 1".Response
Auto-generated router ID in the format
RTR_ + 8 uppercase hex characters, e.g. RTR_A1B2C3D4.Company that owns this router.
Router display name.
MikroTik device IP/hostname.
API port number.
Physical location, or
null if not provided.Always
true on creation.The full JWT API Key — shown only once. Starts with
jwt_. Deliver this to the client for use in their captive portal’s X-API-Key header.Router creation timestamp.
Example Response
GET /admin/empresas//routers
Lists all routers belonging to a company. Does not include API Key values.cURL
Path Parameters
Company ID to list routers for.
Response
Returns an array ofRouterResponse objects (without api_key).
Example Response
GET /admin/empresas//routers/
Returns detailed information for a specific router. Verifies the router belongs to the specified company.cURL
Path Parameters
Company ID.
Router ID to retrieve.
Response
Returns a singleRouterResponse object. Returns HTTP 404 if the router does not exist or belongs to a different company.
PUT /admin/empresas//routers//toggle-activo
Toggles the active/inactive state of a router. Inactive routers cannot process payments or be used to create hotspot users.cURL
Path Parameters
Company ID.
Router ID to toggle.
Response
Router Activated
Router Deactivated
POST /admin/empresas//routers//regenerate-api-key
Revokes the current API Key and issues a new one. Use this when a client loses or compromises their API Key. The previous key stops working immediately.cURL
Path Parameters
Company ID.
Router ID whose key should be rotated. The router must be active (
activo = true).Response
Always
"API Key regenerada exitosamente" on success.The router whose key was regenerated.
The new full API Key including the
jwt_ prefix. Shown only once.true if a previous active key was found and revoked. false if there was no active key to revoke.Example Response
Error Responses
| Status | Detail |
|---|---|
400 | "No se puede regenerar API key de un router inactivo" |
404 | Router not found or does not belong to the company |
GET /admin/empresas//routers//api-keys
Returns the complete history of all API Keys (active and revoked) for a router, ordered by issuance date descending. Useful for auditing key rotations and detecting suspicious activity.cURL
Path Parameters
Company ID.
Router ID to fetch key history for.
Response
Returns an array ofRouterAPIKeyInfo objects.
Unique key identifier, e.g.
"key_a1b2c3d4e5f6g7h8".Router this key was issued for.
Company this key belongs to.
When the key was generated.
When the key expires or expired.
true if the key has been manually revoked.Timestamp of revocation.
null if never revoked.Timestamp of the most recent successful API call made with this key.
null if the key has never been used.Total number of successful authenticated requests made with this key. Defaults to
0.Example Response
POST /admin/empresas//routers//api-keys//revoke
Revokes a specific API Key by itskey_id without issuing a new one. Use this when a key is suspected to have been compromised and you need to block it before generating a replacement via regenerate-api-key.
cURL
Path Parameters
Company ID.
Router ID.
Key ID to revoke, e.g.
"key_a1b2c3d4e5f6g7h8". Obtain from the GET api-keys endpoint.Response
Error Responses
| Status | Detail |
|---|---|
400 | "La API Key ya está revocada" |
404 | API Key not found for this router/company |
GET /admin/empresas//routers//api-key-status
Returns the status of the currently active API Key for a router, including expiry information and usage warnings. Use this for health monitoring dashboards.cURL
Path Parameters
Company ID.
Router ID to check.
Response
The router ID checked.
true if there is a non-revoked, non-expired key. false otherwise.Active key identifier.
null if no active key exists.When the active key was issued.
When the active key expires.
Remaining days until expiry. A warning is set when this value is below 30.
Last time the key was used successfully.
Total authenticated requests made with the active key.
"active" if a valid key exists, "no_key" if none found.Advisory message, e.g.
"La API Key expira en 15 días" or "Esta API Key nunca ha sido usada". null if no warnings.Suggested action, e.g.
"Considerar regenerar la API Key pronto". null if no recommendation.Set to
"No hay API Key activa para este router" when has_active_key is false.Active Key — No Warnings
Active Key — Expiring Soon
No Active Key
DELETE /admin/empresas//routers/
Permanently deletes a router and all its associated API Key tracking records. This action is irreversible.cURL
Path Parameters
Company ID.
Router ID to delete permanently.
Response
Error Responses
| Status | Detail |
|---|---|
400 | "No se puede eliminar el router porque tiene N producto(s) asociado(s)" |
404 | Router not found or does not belong to the company |