Pagos Hotspot API is a multi-tenant FastAPI service that bridges payment processing and MikroTik WiFi infrastructure. When a customer selects an access plan in a captive portal, the API charges their card through Conekta or Mercado Pago, creates a Hotspot user directly on the MikroTik router, and returns credentials — all within a single HTTP request. Optionally, the API injects a MAC cookie to authenticate the device automatically without requiring the user to type anything.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/sistemashm24/pagos_hotspot_api/llms.txt
Use this file to discover all available pages before exploring further.
What the API Does
Every request to the public payment endpoints follows the same high-level pipeline:- Authenticate the portal — The captive portal sends its per-router API Key in the
X-API-Keyheader. The API resolves the associated company and router from that key. - Validate the product — The requested
producto_idis checked against the company’s product catalog to confirm it is active and belongs to the correct tenant. - Create the MikroTik user first — The Hotspot user is created on the router before the card is charged. If user creation fails, the customer is never billed.
- Charge the card — The order is submitted to Conekta or Mercado Pago using the company’s own payment credentials.
- Double-validate the charge — The payment status is re-verified server-side to prevent accepting pre-authorized or pending orders.
- Rollback on failure — If the charge fails after user creation, the MikroTik user is deleted automatically, leaving no orphaned entries on the router.
- Auto-connect (optional) — If
conexion_automatica: trueand amac_clienteare provided, the API binds the MAC address to the new user and triggers a login on the router via MAC cookie injection. - Return credentials — Username, password, product details, and auto-connection status are returned to the portal in a single JSON response.
Three-Role System
Access to the platform is governed by three distinct roles:| Role | Who | What They Can Do |
|---|---|---|
super_admin | Platform operator | Create and manage companies, assign routers, create cliente_admin users, view the global dashboard |
cliente_admin | Per-company WiFi operator | Configure payment gateways, manage products, view routers and MikroTik profiles, inspect transactions |
| End-user (API Key) | Captive portal software | Fetch the product catalog, process payments — scoped strictly to one router via JWT API Key |
jwt_). The key encodes the router_id and empresa_id, so a single validation step resolves both the payment gateway credentials and the MikroTik connection details.
Architecture Overview
Key Features
Multi-Tenant Architecture
Each company has isolated products, routers, payment credentials, and transaction history. One API deployment serves unlimited tenants.
Dual Payment Gateways
Native integrations for both Conekta and Mercado Pago. Each company configures its own gateway keys independently.
Automatic Rollback
If a card charge fails after the MikroTik user was created, the user is deleted automatically — no stale accounts, no billing disputes.
MAC Auto-Connection
Pass a
mac_cliente and conexion_automatica: true to skip the credentials screen entirely. The device connects the moment the payment clears.Webhook Support
Per-company webhooks notify your backend of payment events in real time via
POST /api/v1/webhook.Structured Logging & Alerts
All events are emitted as structured JSON via
structlog. Telegram alerting can be wired into the notification layer for instant operator awareness.Explore the Docs
Quickstart
Send your first payment request and receive MikroTik credentials in under 5 minutes.
Authentication Overview
Understand JWT API Keys, session tokens, and the two-layer auth system.
Purchase Flow Guide
Step-by-step walkthrough of the full captive portal purchase flow.
Payments — Conekta
Full API reference for
POST /api/v1/payments/pagar-conekta.