# Altostrat Documentation ## Docs - [Get Device Change Events](https://docs.altostrat.io/api-reference/arp/devices/get-device-change-events.md): Retrieves the change event history for a specific device. - [Get Device Details](https://docs.altostrat.io/api-reference/arp/devices/get-device-details.md): Retrieves details for a specific device by its MAC address. - [Get Device IP History](https://docs.altostrat.io/api-reference/arp/devices/get-device-ip-history.md): Retrieves the IP address history for a specific device. - [List Devices](https://docs.altostrat.io/api-reference/arp/devices/list-devices.md): Retrieves a list of network devices belonging to the authenticated customer, with filtering and pagination. - [Update Device Alias](https://docs.altostrat.io/api-reference/arp/devices/update-device-alias.md): Updates the alias for a specific device. - [Asynchronous job execution](https://docs.altostrat.io/api-reference/developers/asynchronous-api/asynchronous-job-execution.md): Queues a job to run scripts or config changes on the router without waiting for real-time response. - [Retrieve a list of jobs for a router](https://docs.altostrat.io/api-reference/developers/asynchronous-api/retrieve-a-list-of-jobs-for-a-router.md): Fetch asynchronous job history or status for a specified router. - [Retrieve router faults](https://docs.altostrat.io/api-reference/developers/health/retrieve-router-faults.md): Gets the last 100 faults for the specified router, newest first. - [Retrieve router metrics](https://docs.altostrat.io/api-reference/developers/health/retrieve-router-metrics.md): Provides uptime/downtime metrics for the past 24 hours based on heartbeats. - [Create a transient port forward](https://docs.altostrat.io/api-reference/developers/port-forwards/create-a-transient-port-forward.md): Establish a temporary TCP forward over the management tunnel for behind-NAT access. - [Delete a transient port forward](https://docs.altostrat.io/api-reference/developers/port-forwards/delete-a-transient-port-forward.md): Revokes a port forward before it naturally expires. - [Retrieve a specific port forward](https://docs.altostrat.io/api-reference/developers/port-forwards/retrieve-a-specific-port-forward.md): Returns the details for one transient port forward by ID. - [Retrieve active transient port forwards](https://docs.altostrat.io/api-reference/developers/port-forwards/retrieve-active-transient-port-forwards.md): List all active port forwards for a given router. - [Retrieve a list of routers](https://docs.altostrat.io/api-reference/developers/sites/retrieve-a-list-of-routers.md): Returns a list of MikroTik routers belonging to the team associated with the bearer token. - [Retrieve OEM information](https://docs.altostrat.io/api-reference/developers/sites/retrieve-oem-information.md): Provides manufacturer data (model, CPU, OS license, etc.) for a given router. - [Retrieve router metadata](https://docs.altostrat.io/api-reference/developers/sites/retrieve-router-metadata.md): Gets freeform metadata (like name, timezone, banner, etc.) for a specific router. - [Synchronous MikroTik command execution](https://docs.altostrat.io/api-reference/developers/synchronous-api/synchronous-mikrotik-command-execution.md): Real-time RouterOS commands for read or quick ops (not recommended for major config changes). - [Adopt Device](https://docs.altostrat.io/api-reference/spa/async/bootstrap-&-adoption/adopt-device.md): Endpoint called by the device during bootstrapping to finalize adoption. It receives device information (heartbeat data), creates or finds the site record, and returns the final adoption script including the scheduler setup. Requires `Heartbeat` and `RunbookToken` middleware. Accepts `x-ros-debug` header. - [Get Bootstrap Script](https://docs.altostrat.io/api-reference/spa/async/bootstrap-&-adoption/get-bootstrap-script.md): Retrieves the initial bootstrap script for a device based on a runbook token. The device fetches this script to start the adoption process. Requires a valid runbook token middleware (`RunbookToken`). Accepts `x-ros-debug` header for verbose/non-minified script. - [Notify Scheduler Deletion](https://docs.altostrat.io/api-reference/spa/async/bootstrap-&-adoption/notify-scheduler-deletion.md): Endpoint called by a device's scheduler *after* it successfully deletes the Altostrat polling scheduler (typically when the site itself is being deleted/decommissioned). Requires `SiteAuth` and validates signature. Marks the site's deletion as fully completed. - [Receive Heartbeat & Get Job](https://docs.altostrat.io/api-reference/spa/async/heartbeat/receive-heartbeat-&-get-job.md): Endpoint called periodically by the managed device (via scheduler). Sends device status (heartbeat) and receives the next pending job script, if any. Requires `SiteAuth` middleware (device-specific Bearer token). - [Get Customer Site IDs (Internal Lite)](https://docs.altostrat.io/api-reference/spa/async/internal/get-customer-site-ids-internal-lite.md): Retrieves only the UUIDs of sites for a specific customer ID. Requires internal API token authentication. - [Get Customer Sites (Internal)](https://docs.altostrat.io/api-reference/spa/async/internal/get-customer-sites-internal.md): Retrieves a list of sites for a specific customer ID. Requires internal API token authentication. - [Get Online Site IDs (Internal)](https://docs.altostrat.io/api-reference/spa/async/internal/get-online-site-ids-internal.md): Retrieves a list of UUIDs for all sites currently marked as having a pulse (online). Intended for internal use. - [Get Site Counts for Multiple Customers (Internal)](https://docs.altostrat.io/api-reference/spa/async/internal/get-site-counts-for-multiple-customers-internal.md): Retrieves the count of sites for each customer ID provided in the request body. Requires internal API token authentication. - [Create Site Job](https://docs.altostrat.io/api-reference/spa/async/jobs/create-site-job.md): Creates a new job (command/script) for a specific site. Requires `job:create` permission and user ownership of the site. Uses headers for job metadata. - [Delete Site Job](https://docs.altostrat.io/api-reference/spa/async/jobs/delete-site-job.md): Deletes a *pending* job (one that has not started execution). Requires `job:delete` permission and user ownership. - [Get Job Details](https://docs.altostrat.io/api-reference/spa/async/jobs/get-job-details.md): Retrieves details for a specific job associated with a site. Requires `job:view` permission and user ownership of the site/job. - [List Site Jobs](https://docs.altostrat.io/api-reference/spa/async/jobs/list-site-jobs.md): Retrieves a list of jobs associated with a specific site. Requires `job:view` permission and user ownership of the site. - [Update Job Status (from Device)](https://docs.altostrat.io/api-reference/spa/async/jobs/update-job-status-from-device.md): Endpoint called by the device (using a signed URL provided in the job script) to update the status of a job (busy, done, fail). Uses `ValidateSignature` and `SubstituteBindings` middleware. - [Get Runbook Details](https://docs.altostrat.io/api-reference/spa/async/runbooks/get-runbook-details.md): Retrieves details for a specific Runbook, including its bootstrap command. Requires user authentication and authorization (user must own the runbook). - [SFTP User Authentication](https://docs.altostrat.io/api-reference/spa/async/sftp-auth/sftp-user-authentication.md): Called by the AWS SFTP Gateway to authenticate a user attempting to log in. Validates the provided password (cached temporarily) against the username (site UUID) and returns an IAM role and S3 policy if valid. - [Delete Site](https://docs.altostrat.io/api-reference/spa/async/sites/delete-site.md): Marks a site for deletion. The actual deletion and resource cleanup happen asynchronously. Requires `site:delete` permission and user ownership. Accepts `X-Force-Delete: true` header for immediate forceful deletion (use with caution). - [Get Recent Sites](https://docs.altostrat.io/api-reference/spa/async/sites/get-recent-sites.md): Retrieves a list of the 5 most recently accessed sites by the authenticated user. Requires user authentication. - [Get Site Details](https://docs.altostrat.io/api-reference/spa/async/sites/get-site-details.md): Retrieves detailed information for a specific site. Records the access as a "recent site" for the user. Requires `site:view` permission and user ownership. - [Get Site Hourly Uptime Stats](https://docs.altostrat.io/api-reference/spa/async/sites/get-site-hourly-uptime-stats.md): Retrieves hourly uptime/downtime percentage statistics for the last 24 hours for a specific site. Requires user authentication and ownership. - [Get Site Version Info](https://docs.altostrat.io/api-reference/spa/async/sites/get-site-version-info.md): Retrieves basic version information for a specific site. - [List User's Sites](https://docs.altostrat.io/api-reference/spa/async/sites/list-users-sites.md): Retrieves a list of all sites associated with the authenticated user. Requires `site:view` permission. - [List User's Sites (Minimal)](https://docs.altostrat.io/api-reference/spa/async/sites/list-users-sites-minimal.md): Retrieves a minimal list of sites (ID, name, pulse status, basic info) associated with the authenticated user. Optimized for dropdowns or quick lists. Requires `site:view` permission. - [Manually Create Site (Internal/Admin)](https://docs.altostrat.io/api-reference/spa/async/sites/manually-create-site-internaladmin.md): Allows manual creation of a site record, bypassing the usual adoption flow. Intended for internal tooling or administrative purposes. Requires appropriate permissions (likely admin/internal). - [Update Site Details](https://docs.altostrat.io/api-reference/spa/async/sites/update-site-details.md): Updates mutable details of a specific site (e.g., name, address, location, timezone). Requires `site:update` permission and user ownership. - [Get Country Codes and Locale Info](https://docs.altostrat.io/api-reference/spa/authentication/ancillary-services/get-country-codes-and-locale-info.md): Returns a list of supported countries with their codes, flags, and currency information based on the user's detected IP address. - [Get States/Provinces](https://docs.altostrat.io/api-reference/spa/authentication/ancillary-services/get-statesprovinces.md): Returns a list of states or provinces for countries that have them defined (e.g., US, CA, AU, ZA). - [Get Supported Date/Time Formats](https://docs.altostrat.io/api-reference/spa/authentication/ancillary-services/get-supported-datetime-formats.md): Returns lists of supported date and time formats with examples based on the user's timezone. - [Get Supported Timezones](https://docs.altostrat.io/api-reference/spa/authentication/ancillary-services/get-supported-timezones.md): Returns a list of all supported timezones and timezones specific to the user's detected or profile country. - [Get Timezones for a Country](https://docs.altostrat.io/api-reference/spa/authentication/ancillary-services/get-timezones-for-a-country.md): Returns a list of supported timezones for a specific country code (ISO2). - [Create API Credential for Team](https://docs.altostrat.io/api-reference/spa/authentication/api-credentials/create-api-credential-for-team.md): Creates a new API credential (token) for the specified team. Requires `api:create` scope. The full token is only returned on creation. - [Delete API Credential](https://docs.altostrat.io/api-reference/spa/authentication/api-credentials/delete-api-credential.md): Deletes/revokes an API credential. Requires `api:delete` scope. - [Get API Credential Details](https://docs.altostrat.io/api-reference/spa/authentication/api-credentials/get-api-credential-details.md): Retrieves details for a specific API credential. Requires `api:view` scope. Does not return the secret token value. - [List API Credentials for Team](https://docs.altostrat.io/api-reference/spa/authentication/api-credentials/list-api-credentials-for-team.md): Retrieves all API credentials (tokens) associated with the specified team. Requires `api:view` scope. - [Update API Credential](https://docs.altostrat.io/api-reference/spa/authentication/api-credentials/update-api-credential.md): Updates the name or expiration date of an API credential. Requires `api:update` scope. - [Authenticate using API Token](https://docs.altostrat.io/api-reference/spa/authentication/authentication-&-user-info/authenticate-using-api-token.md): Exchanges a valid Altostrat API Token (provided as Bearer token) for a short-lived JWT. - [Confirm Two-Factor Authentication](https://docs.altostrat.io/api-reference/spa/authentication/authentication-&-user-info/confirm-two-factor-authentication.md): Confirms the 2FA setup using a code from the authenticator app. - [Disable Two-Factor Authentication](https://docs.altostrat.io/api-reference/spa/authentication/authentication-&-user-info/disable-two-factor-authentication.md): Disables 2FA for the authenticated user. - [Enable Two-Factor Authentication](https://docs.altostrat.io/api-reference/spa/authentication/authentication-&-user-info/enable-two-factor-authentication.md): Enables 2FA for the authenticated user. Requires confirmation step. - [Generate New 2FA Recovery Codes](https://docs.altostrat.io/api-reference/spa/authentication/authentication-&-user-info/generate-new-2fa-recovery-codes.md): Generates and returns a new set of 2FA recovery codes, invalidating the old ones. - [Get 2FA QR Code](https://docs.altostrat.io/api-reference/spa/authentication/authentication-&-user-info/get-2fa-qr-code.md): Retrieves the SVG QR code for setting up 2FA in an authenticator app. - [Get 2FA Recovery Codes](https://docs.altostrat.io/api-reference/spa/authentication/authentication-&-user-info/get-2fa-recovery-codes.md): Retrieves the user's current 2FA recovery codes. - [Get 2FA Secret Key](https://docs.altostrat.io/api-reference/spa/authentication/authentication-&-user-info/get-2fa-secret-key.md): Retrieves the secret key for manually setting up 2FA. - [Get Authenticated User Info (API)](https://docs.altostrat.io/api-reference/spa/authentication/authentication-&-user-info/get-authenticated-user-info-api.md): Retrieves detailed information about the currently authenticated user via API token (JWT). - [Get Authenticated User Info (OAuth)](https://docs.altostrat.io/api-reference/spa/authentication/authentication-&-user-info/get-authenticated-user-info-oauth.md): Retrieves detailed information about the currently authenticated user (standard OIDC endpoint). - [Get JSON Web Key Set (JWKS)](https://docs.altostrat.io/api-reference/spa/authentication/authentication-&-user-info/get-json-web-key-set-jwks.md): Returns the JSON Web Key Set used for verifying JWT signatures. - [Get OpenID Connect Configuration](https://docs.altostrat.io/api-reference/spa/authentication/authentication-&-user-info/get-openid-connect-configuration.md): Returns the OpenID Connect discovery document containing endpoints and capabilities. - [Get Billing Account Details](https://docs.altostrat.io/api-reference/spa/authentication/billing--account/get-billing-account-details.md): Retrieves the Stripe customer account details associated with the user's organization. - [Update Billing Account Details](https://docs.altostrat.io/api-reference/spa/authentication/billing--account/update-billing-account-details.md): Updates the Stripe customer account details (name, email, address parts, additional invoice info). Country is immutable. Requires `billing:update` scope. - [Get Invoice or Upcoming Invoice](https://docs.altostrat.io/api-reference/spa/authentication/billing--invoices/get-invoice-or-upcoming-invoice.md): Retrieves details for a specific past invoice (using `in_...` ID) OR the upcoming invoice for a subscription (using `sub_...` ID). Requires `billing:view` scope. - [Get Next Payment Details (Upcoming Invoice)](https://docs.altostrat.io/api-reference/spa/authentication/billing--invoices/get-next-payment-details-upcoming-invoice.md): Retrieves details about the next upcoming invoice for the default subscription. Requires `billing:view` scope. - [List Invoices](https://docs.altostrat.io/api-reference/spa/authentication/billing--invoices/list-invoices.md): Retrieves a list of past invoices (including pending) for the organization. Requires `billing:view` scope. - [Preview Price Change](https://docs.altostrat.io/api-reference/spa/authentication/billing--invoices/preview-price-change.md): Previews the invoice changes if the subscription interval were changed. Requires `billing:view` scope. - [Create Setup Intent](https://docs.altostrat.io/api-reference/spa/authentication/billing--payment-methods/create-setup-intent.md): Creates a Stripe SetupIntent to securely collect payment method details (e.g., for adding a new card). Requires `billing:update` scope. - [Delete Payment Method](https://docs.altostrat.io/api-reference/spa/authentication/billing--payment-methods/delete-payment-method.md): Deletes a saved payment method. Cannot delete the default payment method. Requires `billing:update` scope. - [List Payment Methods](https://docs.altostrat.io/api-reference/spa/authentication/billing--payment-methods/list-payment-methods.md): Retrieves a list of saved payment methods (cards) for the organization's billing account. Requires `billing:view` scope. - [Set Default Payment Method](https://docs.altostrat.io/api-reference/spa/authentication/billing--payment-methods/set-default-payment-method.md): Sets a previously added payment method (identified by its Stripe PM or Card ID) as the default for the organization's subscriptions. Requires `billing:update` scope. - [Cancel Subscription](https://docs.altostrat.io/api-reference/spa/authentication/billing--subscriptions/cancel-subscription.md): Cancels the specified subscription plan immediately. Requires `billing:update` scope. Cannot cancel if active services exceed minimum/free tier. - [Create or Update Subscription](https://docs.altostrat.io/api-reference/spa/authentication/billing--subscriptions/create-or-update-subscription.md): Creates a new `default` subscription or updates the quantity/interval of an existing one based on the provided plan details. Requires `billing:update` scope and a default payment method. - [Get Public Pricing Information](https://docs.altostrat.io/api-reference/spa/authentication/billing--subscriptions/get-public-pricing-information.md): Retrieves public pricing details, potentially localized based on IP address. Does not require authentication. - [Get Subscription Overview](https://docs.altostrat.io/api-reference/spa/authentication/billing--subscriptions/get-subscription-overview.md): Retrieves an overview of the organization's current subscription status, usage, and pricing for different plans. Requires `billing:view` scope. - [Add Tax ID](https://docs.altostrat.io/api-reference/spa/authentication/billing--tax-ids/add-tax-id.md): Adds a Tax ID to the organization's billing account. Requires `billing:update` scope. - [Delete Tax ID](https://docs.altostrat.io/api-reference/spa/authentication/billing--tax-ids/delete-tax-id.md): Deletes a Tax ID from the organization's billing account. Requires `billing:update` scope. - [List Supported Tax ID Types](https://docs.altostrat.io/api-reference/spa/authentication/billing--tax-ids/list-supported-tax-id-types.md): Retrieves a list of supported Tax ID types with descriptions, country codes, and examples. Requires `billing:view` scope. - [List Tax IDs](https://docs.altostrat.io/api-reference/spa/authentication/billing--tax-ids/list-tax-ids.md): Retrieves a list of Tax IDs associated with the organization's billing account. Requires `billing:view` scope. - [Get Organization ID for Team (Internal)](https://docs.altostrat.io/api-reference/spa/authentication/internal-m2m/get-organization-id-for-team-internal.md): Internal endpoint to look up organization and owner details based on a team ID. Requires M2M authentication. - [Get Team License/Seat Count (Internal)](https://docs.altostrat.io/api-reference/spa/authentication/internal-m2m/get-team-licenseseat-count-internal.md): Internal endpoint for checking available license seats within a team context. Requires specific internal M2M Bearer token authentication. - [Get User Email Details (Internal)](https://docs.altostrat.io/api-reference/spa/authentication/internal-m2m/get-user-email-details-internal.md): Internal endpoint to retrieve user's email details. Requires M2M authentication. - [Get User Mobile Details (Internal)](https://docs.altostrat.io/api-reference/spa/authentication/internal-m2m/get-user-mobile-details-internal.md): Internal endpoint to retrieve user's mobile number details. Requires M2M authentication. - [Record CVE Scan Charge (Internal)](https://docs.altostrat.io/api-reference/spa/authentication/internal-m2m/record-cve-scan-charge-internal.md): Internal endpoint to record a usage-based charge for a CVE scan against a team's organization. Requires M2M authentication. - [Trigger Site Count Sync (Internal)](https://docs.altostrat.io/api-reference/spa/authentication/internal-m2m/trigger-site-count-sync-internal.md): Internal endpoint to trigger a background job that syncs site counts for all organizations. Requires M2M authentication. - [Update Organization Trial End Date (Internal)](https://docs.altostrat.io/api-reference/spa/authentication/internal-m2m/update-organization-trial-end-date-internal.md): Internal endpoint to set or update the trial end date for an organization. Requires M2M authentication. - [Create Team Role](https://docs.altostrat.io/api-reference/spa/authentication/roles-&-permissions/create-team-role.md): Creates a new custom role specific to the current team. Requires `role:create` scope. - [Delete Team Role](https://docs.altostrat.io/api-reference/spa/authentication/roles-&-permissions/delete-team-role.md): Deletes a custom role specific to the current team. Cannot delete global roles or roles currently assigned to users. Requires `role:delete` scope. - [Get Role Details](https://docs.altostrat.io/api-reference/spa/authentication/roles-&-permissions/get-role-details.md): Retrieves details of a specific role (global or team-specific). Requires `role:view` scope. - [List Available Scopes](https://docs.altostrat.io/api-reference/spa/authentication/roles-&-permissions/list-available-scopes.md): Retrieves a list of all available permission scopes in the system. - [List Team Roles](https://docs.altostrat.io/api-reference/spa/authentication/roles-&-permissions/list-team-roles.md): Retrieves all roles available within the current team context (includes global and team-specific roles). Requires `role:view` scope. - [Update Team Role](https://docs.altostrat.io/api-reference/spa/authentication/roles-&-permissions/update-team-role.md): Updates a custom role specific to the current team. Cannot update global roles. Requires `role:update` scope. - [Cancel Team Invitation](https://docs.altostrat.io/api-reference/spa/authentication/teams/cancel-team-invitation.md): Cancels a pending team invitation. Requires `teams:invite-users` scope (or owner permission). - [Create Team](https://docs.altostrat.io/api-reference/spa/authentication/teams/create-team.md): Creates a new team owned by the authenticated user, associated with their organization. Requires `team:create` scope (or implicitly allowed for owners). - [Delete Team](https://docs.altostrat.io/api-reference/spa/authentication/teams/delete-team.md): Deletes a team. Requires `team:delete` scope (or owner permission). Cannot delete personal teams or teams with active resources. - [Get Invitation Details](https://docs.altostrat.io/api-reference/spa/authentication/teams/get-invitation-details.md): Retrieves details of a specific pending invitation. - [Get Team Details](https://docs.altostrat.io/api-reference/spa/authentication/teams/get-team-details.md): Retrieves details for a specific team the user belongs to. - [Get Team Member Details](https://docs.altostrat.io/api-reference/spa/authentication/teams/get-team-member-details.md): Retrieves the details of a specific member within a specific team, including their roles within that team. - [Invite User to Team](https://docs.altostrat.io/api-reference/spa/authentication/teams/invite-user-to-team.md): Sends an invitation email to a user to join the specified team. Requires `teams:invite-users` scope. - [List Pending Team Invitations](https://docs.altostrat.io/api-reference/spa/authentication/teams/list-pending-team-invitations.md): Retrieves a list of pending invitations for the specified team. - [List Team Members](https://docs.altostrat.io/api-reference/spa/authentication/teams/list-team-members.md): Retrieves a list of users who are members of the specified team. - [List User's Teams](https://docs.altostrat.io/api-reference/spa/authentication/teams/list-users-teams.md): Retrieves a list of all teams the authenticated user is a member of. - [Remove Team Member](https://docs.altostrat.io/api-reference/spa/authentication/teams/remove-team-member.md): Removes a specified user from the specified team. Requires `teams:remove-users` scope or owner permission. Cannot remove the team owner. - [Switch Current Team](https://docs.altostrat.io/api-reference/spa/authentication/teams/switch-current-team.md): Sets the specified team as the authenticated user's current active team context. - [Update Team](https://docs.altostrat.io/api-reference/spa/authentication/teams/update-team.md): Updates the details of a specific team. Requires `team:update` scope (or owner permission). - [Create or Add User to Team](https://docs.altostrat.io/api-reference/spa/authentication/user-management/create-or-add-user-to-team.md): Creates a new user (if email doesn't exist) and adds them to the current team, or adds an existing user to the team. Requires `user:create` scope. Sends verification emails/SMS if applicable. Newly created users get a temporary password returned in the response (only on creation). - [Delete User](https://docs.altostrat.io/api-reference/spa/authentication/user-management/delete-user.md): Removes a user from the system **if** they are not the owner of any team with other members. Requires `user:delete` scope unless deleting self (which is generally disallowed if owner). - [Get User Details](https://docs.altostrat.io/api-reference/spa/authentication/user-management/get-user-details.md): Retrieves details for a specific user within the current team context. Requires `user:view` scope. - [List Users in Current Team](https://docs.altostrat.io/api-reference/spa/authentication/user-management/list-users-in-current-team.md): Retrieves a list of all users belonging to the authenticated user's current team. Requires `user:view` scope. - [Resend Email Verification](https://docs.altostrat.io/api-reference/spa/authentication/user-management/resend-email-verification.md): Sends a new email verification link to the specified user if their email is not already verified. Rate limited. - [Resend Mobile Verification](https://docs.altostrat.io/api-reference/spa/authentication/user-management/resend-mobile-verification.md): Sends a new mobile verification link (via SMS) to the specified user if their mobile is not already verified and is set. Rate limited. - [Submit Feedback](https://docs.altostrat.io/api-reference/spa/authentication/user-management/submit-feedback.md): Submits user feedback, which creates a ticket in the helpdesk system. - [Update User Details](https://docs.altostrat.io/api-reference/spa/authentication/user-management/update-user-details.md): Updates the profile information for a specific user. Requires `user:update` scope unless updating self. Updating email or mobile number will reset verification status and trigger new verification flows. Can also update user roles within the team. - [List backups for a site](https://docs.altostrat.io/api-reference/spa/backups/site-backups/list-backups-for-a-site.md): Retrieves an array of available RouterOS backups for the specified site. Requires `backup:view` scope. - [Request a new backup for a site](https://docs.altostrat.io/api-reference/spa/backups/site-backups/request-a-new-backup-for-a-site.md): Enqueues a backup request for the specified site. Requires `backup:create` scope. - [Retrieve a specific backup file](https://docs.altostrat.io/api-reference/spa/backups/site-backups/retrieve-a-specific-backup-file.md): Shows the contents of the specified backup file. By default returns JSON with parsed metadata. If header `X-Download` is set, it downloads raw data. If `x-highlight` is set, highlights syntax. If `x-view` is set, returns raw text in `text/plain`. Requires `backup:view` scope. - [Retrieve subnets from latest backup](https://docs.altostrat.io/api-reference/spa/backups/site-backups/retrieve-subnets-from-latest-backup.md): Parses the most recent backup for the specified site, returning discovered local subnets. Requires `backup:view` scope. - [Show diff between two backup files](https://docs.altostrat.io/api-reference/spa/backups/site-backups/show-diff-between-two-backup-files.md): Returns a unified diff between two backup files. By default returns the diff as `text/plain`. If `X-Download` header is set, you can download it as a file. If `x-highlight` is set, it highlights the diff in a textual format. Requires `backup:view` scope. - [Assign BGP Policy to Site](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/bgp-policy/assign-bgp-policy-to-site.md): Assigns or updates the BGP/DNR policy for a specific site tunnel. Creates the tunnel record if it doesn't exist. - [Create BGP Policy](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/bgp-policy/create-bgp-policy.md): Creates a new BGP/DNR policy. - [Delete BGP Policy](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/bgp-policy/delete-bgp-policy.md): Deletes a BGP/DNR policy. Fails if the policy is currently attached to any sites. - [Get BGP Policy Details](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/bgp-policy/get-bgp-policy-details.md): Retrieves details of a specific BGP/DNR policy by its UUID. - [List BGP Policies](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/bgp-policy/list-bgp-policies.md): Retrieves all BGP/DNR policies for the authenticated customer. - [List BGP/DNR Lists](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/bgp-policy/list-bgpdnr-lists.md): Retrieves a list of available BGP/DNR feed lists. - [Remove BGP Policy from Site](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/bgp-policy/remove-bgp-policy-from-site.md): Removes the BGP/DNR policy assignment from a specific site tunnel. Deletes the tunnel record if no DNS policy remains. - [Update BGP Policy](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/bgp-policy/update-bgp-policy.md): Updates an existing BGP/DNR policy. - [List Categories and Top Applications](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/categories-&-applications/list-categories-and-top-applications.md): Retrieves a list of content categories, each including its top applications sorted by domain count. - [List Safe Search Options](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/categories-&-applications/list-safe-search-options.md): Retrieves a list of available safe search services and their configuration options. - [Assign DNS Policy to Site](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/dns-policy/assign-dns-policy-to-site.md): Assigns or updates the DNS policy for a specific site tunnel. Creates the tunnel record if it doesn't exist. - [Create DNS Policy](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/dns-policy/create-dns-policy.md): Creates a new DNS content filtering policy. - [Delete DNS Policy](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/dns-policy/delete-dns-policy.md): Deletes a DNS policy. Fails if the policy is currently attached to any sites. - [Get DNS Policy Details](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/dns-policy/get-dns-policy-details.md): Retrieves details of a specific DNS policy by its UUID. - [List DNS Policies](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/dns-policy/list-dns-policies.md): Retrieves all DNS content filtering policies for the authenticated customer. - [Remove DNS Policy from Site](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/dns-policy/remove-dns-policy-from-site.md): Removes the DNS policy assignment from a specific site tunnel. Deletes the tunnel record if no BGP policy remains. - [Update DNS Policy](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/dns-policy/update-dns-policy.md): Updates an existing DNS content filtering policy. - [Handle DNR Subscription Webhook](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/internal-hooks/handle-dnr-subscription-webhook.md): Endpoint to receive DNR (BGP) subscription lifecycle events (create, terminate). Requires valid signature. - [Handle DNS Subscription Webhook](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/internal-hooks/handle-dns-subscription-webhook.md): Endpoint to receive DNS subscription lifecycle events (create, terminate). Requires valid signature. - [Get Application Blackhole IPs](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/ip-lists/get-application-blackhole-ips.md): Retrieves a list of applications and their assigned blackhole IP addresses used for DNS filtering. Requires internal API token. - [Get DNR Blackhole IP Ranges](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/ip-lists/get-dnr-blackhole-ip-ranges.md): Retrieves a map of DNR list names to their active blackhole IP ranges (integer format). Requires internal API token. - [Get Service Counts for All Customers](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/tunnels-&-sites/get-service-counts-for-all-customers.md): Retrieves a summary count of DNS and DNR subscriptions per customer. Requires internal API token. - [Get Service Details for a Customer](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/tunnels-&-sites/get-service-details-for-a-customer.md): Retrieves detailed service information (DNS/DNR subscriptions) for all tunnels belonging to a specific customer. Requires internal API token. - [Get Tunnel/Site Details](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/tunnels-&-sites/get-tunnelsite-details.md): Retrieves details for a specific tunnel/site by its Site ID. - [List All Tunnels/Sites](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/tunnels-&-sites/list-all-tunnelssites.md): Retrieves a list of all tunnels/sites associated with the authenticated customer. - [List Sites with BGP/DNR Service](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/tunnels-&-sites/list-sites-with-bgpdnr-service.md): Retrieves a list of site IDs for the authenticated customer that have the BGP/DNR service enabled. - [List Sites with DNS Service](https://docs.altostrat.io/api-reference/spa/bgp-dns-filter/tunnels-&-sites/list-sites-with-dns-service.md): Retrieves a list of site IDs for the authenticated customer that have the DNS filtering service enabled. - [Create a new Auth Integration](https://docs.altostrat.io/api-reference/spa/captive-portal/idp-integrations/create-a-new-auth-integration.md) - [Delete a specific Auth Integration](https://docs.altostrat.io/api-reference/spa/captive-portal/idp-integrations/delete-a-specific-auth-integration.md) - [List all IDP Integrations](https://docs.altostrat.io/api-reference/spa/captive-portal/idp-integrations/list-all-idp-integrations.md) - [Partially update a specific Auth Integration](https://docs.altostrat.io/api-reference/spa/captive-portal/idp-integrations/partially-update-a-specific-auth-integration.md) - [Replace a specific Auth Integration](https://docs.altostrat.io/api-reference/spa/captive-portal/idp-integrations/replace-a-specific-auth-integration.md) - [Retrieve a specific Auth Integration](https://docs.altostrat.io/api-reference/spa/captive-portal/idp-integrations/retrieve-a-specific-auth-integration.md) - [Create a new captive portal Instance](https://docs.altostrat.io/api-reference/spa/captive-portal/instances/create-a-new-captive-portal-instance.md) - [Delete a specific captive portal Instance](https://docs.altostrat.io/api-reference/spa/captive-portal/instances/delete-a-specific-captive-portal-instance.md) - [List all captive portal Instances](https://docs.altostrat.io/api-reference/spa/captive-portal/instances/list-all-captive-portal-instances.md) - [Partially update a specific captive portal Instance](https://docs.altostrat.io/api-reference/spa/captive-portal/instances/partially-update-a-specific-captive-portal-instance.md) - [Replace a specific captive portal Instance](https://docs.altostrat.io/api-reference/spa/captive-portal/instances/replace-a-specific-captive-portal-instance.md) - [Retrieve a specific captive portal Instance](https://docs.altostrat.io/api-reference/spa/captive-portal/instances/retrieve-a-specific-captive-portal-instance.md) - [Upload an image (logo or icon) for a specific Instance](https://docs.altostrat.io/api-reference/spa/captive-portal/instances/upload-an-image-logo-or-icon-for-a-specific-instance.md) - [Create a new walled garden entry for a site](https://docs.altostrat.io/api-reference/spa/captive-portal/walled-garden/create-a-new-walled-garden-entry-for-a-site.md) - [Delete a specific walled garden entry under a site](https://docs.altostrat.io/api-reference/spa/captive-portal/walled-garden/delete-a-specific-walled-garden-entry-under-a-site.md) - [List all walled garden entries for a specific site](https://docs.altostrat.io/api-reference/spa/captive-portal/walled-garden/list-all-walled-garden-entries-for-a-specific-site.md) - [Partially update a specific walled garden entry under a site](https://docs.altostrat.io/api-reference/spa/captive-portal/walled-garden/partially-update-a-specific-walled-garden-entry-under-a-site.md) - [Replace a specific walled garden entry under a site](https://docs.altostrat.io/api-reference/spa/captive-portal/walled-garden/replace-a-specific-walled-garden-entry-under-a-site.md) - [Retrieve a specific walled garden entry under a site](https://docs.altostrat.io/api-reference/spa/captive-portal/walled-garden/retrieve-a-specific-walled-garden-entry-under-a-site.md) - [Server check-in for a site](https://docs.altostrat.io/api-reference/spa/cpf/checkin/server-check-in-for-a-site.md): Called by a server to claim or update itself as the active server for a particular site (via the tunnel username). - [Create (rotate) new credentials](https://docs.altostrat.io/api-reference/spa/cpf/credentials/create-rotate-new-credentials.md): Generates a new username/password pair for the site, deletes any older credentials. Requires `apicredentials:create` scope. - [List site API credentials](https://docs.altostrat.io/api-reference/spa/cpf/credentials/list-site-api-credentials.md): Returns the API credentials used to connect to a site. Requires `apicredentials:view` scope. - [(Internal) Fetch management IPs for multiple sites](https://docs.altostrat.io/api-reference/spa/cpf/internal/internal-fetch-management-ips-for-multiple-sites.md): Given an array of site IDs, returns a map of site_id => management IP (tunnel IP). - [(Internal) Get site credentials](https://docs.altostrat.io/api-reference/spa/cpf/internal/internal-get-site-credentials.md): Returns the latest credentials for the specified site, typically used by internal services. Not user-facing. - [Assign sites to a policy](https://docs.altostrat.io/api-reference/spa/cpf/policies/assign-sites-to-a-policy.md): Sets or moves multiple site IDs onto the given policy. Requires `cpf:create` or `cpf:update` scope. - [Create a policy](https://docs.altostrat.io/api-reference/spa/cpf/policies/create-a-policy.md): Creates a new policy for the authenticated user. Requires `cpf:create` scope. - [Delete a policy](https://docs.altostrat.io/api-reference/spa/cpf/policies/delete-a-policy.md): Removes a policy if it is not the default policy. Sites that used this policy get moved to the default policy. Requires `cpf:delete` scope. - [List policies](https://docs.altostrat.io/api-reference/spa/cpf/policies/list-policies.md): Retrieves all policies for the authenticated user. Requires `cpf:view` scope. - [Show a single policy](https://docs.altostrat.io/api-reference/spa/cpf/policies/show-a-single-policy.md): Retrieves details of the specified policy, including related sites. Requires `cpf:view` scope. - [Update a policy](https://docs.altostrat.io/api-reference/spa/cpf/policies/update-a-policy.md): Update the specified policy. Sites not in the request may revert to a default policy. Requires `cpf:update` scope. - [Validate a policy](https://docs.altostrat.io/api-reference/spa/cpf/policies/validate-a-policy.md): Check basic policy details to ensure it's valid. - [Execute commands on a site (internal sync)](https://docs.altostrat.io/api-reference/spa/cpf/router-commands/execute-commands-on-a-site-internal-sync.md): Sends an execution script or command to the management server for the site. Similar to /sync but specifically for custom script execution. - [Print or run commands on a site (internal sync)](https://docs.altostrat.io/api-reference/spa/cpf/router-commands/print-or-run-commands-on-a-site-internal-sync.md): Send an API command to the management server to print or list resources on the router, or run a custom command. - [Re-send bootstrap scheduler script](https://docs.altostrat.io/api-reference/spa/cpf/scheduler/re-send-bootstrap-scheduler-script.md): Forces re-sending of a scheduled script or runbook to the router. Often used if the script fails to be applied the first time. - [Check the management server assigned to a site](https://docs.altostrat.io/api-reference/spa/cpf/sites/check-the-management-server-assigned-to-a-site.md): Returns the IP/hostname of the server currently managing the site. Requires authentication. - [Create a new Site](https://docs.altostrat.io/api-reference/spa/cpf/sites/create-a-new-site.md): Creates a new site resource with the specified ID, policy, and other information. - [Create site for migration](https://docs.altostrat.io/api-reference/spa/cpf/sites/create-site-for-migration.md): Creates a Site for system migrations, then runs additional background jobs (tunnel assignment, credentials creation, policy update). - [List all site IDs](https://docs.altostrat.io/api-reference/spa/cpf/sites/list-all-site-ids.md): Returns minimal site data for every site in the system (ID and tunnel IP). - [List site IDs by Customer](https://docs.altostrat.io/api-reference/spa/cpf/sites/list-site-ids-by-customer.md): Returns a minimal array of sites for a given customer, including the assigned tunnel IP if available. - [Perform a site action](https://docs.altostrat.io/api-reference/spa/cpf/sites/perform-a-site-action.md): Sends an SNS-based request to the router for various special actions (reboot, clear firewall, etc.). - [Retrieve site note](https://docs.altostrat.io/api-reference/spa/cpf/sites/retrieve-site-note.md): Fetch current note from an external metadata microservice. Requires authentication and site ownership. - [Set site note](https://docs.altostrat.io/api-reference/spa/cpf/sites/set-site-note.md): Update or create site metadata with a 'note' field, stored in an external metadata microservice. - [Create a transient access for a site](https://docs.altostrat.io/api-reference/spa/cpf/transient-access/create-a-transient-access-for-a-site.md): Generates a temporary NAT access to Winbox/SSH. Requires `transientaccess:create` scope. - [List active transient accesses for a site](https://docs.altostrat.io/api-reference/spa/cpf/transient-access/list-active-transient-accesses-for-a-site.md): Returns all unexpired, unrevoked transient access records for the site. Requires `transientaccess:view` scope. - [Revoke a transient access](https://docs.altostrat.io/api-reference/spa/cpf/transient-access/revoke-a-transient-access.md): Marks it as expired/revoked and triggers config removal. Requires `transientaccess:delete` scope. - [Show one transient access](https://docs.altostrat.io/api-reference/spa/cpf/transient-access/show-one-transient-access.md): Returns a single transient access record. Requires `transientaccess:view` scope. - [Create a transient port-forward](https://docs.altostrat.io/api-reference/spa/cpf/transient-forward/create-a-transient-port-forward.md): Creates a short-lived NAT forwarding rule to a destination IP/port behind the router. - [List site transient port forwards](https://docs.altostrat.io/api-reference/spa/cpf/transient-forward/list-site-transient-port-forwards.md): Returns all active NAT port-forwards for a site. Not access-limited, but presumably requires a certain scope. - [Revoke a transient port-forward](https://docs.altostrat.io/api-reference/spa/cpf/transient-forward/revoke-a-transient-port-forward.md): Marks the port-forward as expired and removes the NAT rule from the management server. - [Show one transient port-forward](https://docs.altostrat.io/api-reference/spa/cpf/transient-forward/show-one-transient-port-forward.md): Returns details about a specific transient port-forward rule by ID. - [Get CVE Mitigation Steps](https://docs.altostrat.io/api-reference/spa/cve/cve-management/get-cve-mitigation-steps.md): Retrieves AI-generated, OS-agnostic manual mitigation steps for a specified CVE ID. Requires `cve:view` scope. - [Get CVEs by MAC Address](https://docs.altostrat.io/api-reference/spa/cve/cve-management/get-cves-by-mac-address.md): Retrieves all CVEs associated with a specific MAC address across all scans for the customer. Throttled (600 req/min). Requires `cve:view` scope. - [List CVE Status Overrides](https://docs.altostrat.io/api-reference/spa/cve/cve-management/list-cve-status-overrides.md): Retrieves a list of manually set CVE statuses (accepted/mitigated) for MAC addresses, optionally filtered by MAC, CVE ID, or status. Requires `cve:view` scope. - [List MAC Addresses with CVEs](https://docs.altostrat.io/api-reference/spa/cve/cve-management/list-mac-addresses-with-cves.md): Retrieves a list of unique MAC addresses that have associated CVEs for the authenticated customer, along with summary statistics. Throttled (600 req/min). Requires `cve:view` scope. - [Set CVE Status Override](https://docs.altostrat.io/api-reference/spa/cve/cve-management/set-cve-status-override.md): Creates a new status record (accepted or mitigated) for a specific CVE on a specific MAC address. Status expires automatically after 5 minutes. Requires `cve:update` scope. - [Scan Multiple IPs via Schedule Context](https://docs.altostrat.io/api-reference/spa/cve/on-demand-scans/scan-multiple-ips-via-schedule-context.md): Initiates an immediate scan for a list of specific IP addresses, using the context (credentials, settings) of an existing scan schedule and site. Requires authentication. - [Scan Single IP via Schedule Context](https://docs.altostrat.io/api-reference/spa/cve/on-demand-scans/scan-single-ip-via-schedule-context.md): Initiates an immediate scan for a single IP address, using the context (credentials, settings) of an existing scan schedule. Requires authentication. - [Get Scan Result Details](https://docs.altostrat.io/api-reference/spa/cve/scan-results/get-scan-result-details.md): Retrieves the detailed summary for a specific scan result instance by its UUID. Requires `cve:view` scope. - [List Scan Results](https://docs.altostrat.io/api-reference/spa/cve/scan-results/list-scan-results.md): Retrieves a list of completed scan results/reports for the authenticated customer, sorted by date (newest first). Requires `cve:view` scope. Reports are generated asynchronously after scans complete. - [Create Scan Schedule](https://docs.altostrat.io/api-reference/spa/cve/scan-schedules/create-scan-schedule.md): Creates a new CVE scan schedule. Requires `cve:create` scope. - [Delete Scan Schedule](https://docs.altostrat.io/api-reference/spa/cve/scan-schedules/delete-scan-schedule.md): Deletes a scan schedule. Fails if the schedule has running scans. Requires `cve:delete` scope. - [Get Latest Scan Status for Schedule](https://docs.altostrat.io/api-reference/spa/cve/scan-schedules/get-latest-scan-status-for-schedule.md): Retrieves the status (targets, scanned, failed sites) of the most recent scan run associated with a schedule. Requires authentication. - [Get Scan Schedule Details](https://docs.altostrat.io/api-reference/spa/cve/scan-schedules/get-scan-schedule-details.md): Retrieves the details of a specific scan schedule by its UUID. Requires `cve:view` scope. - [List Scan Schedules](https://docs.altostrat.io/api-reference/spa/cve/scan-schedules/list-scan-schedules.md): Retrieves all CVE scan schedules configured for the authenticated customer. Requires `cve:view` scope. - [Start Scheduled Scan Manually](https://docs.altostrat.io/api-reference/spa/cve/scan-schedules/start-scheduled-scan-manually.md): Initiates an immediate run of the specified scan schedule. Rate limited to prevent rapid restarts. Requires authorization to access the schedule. - [Stop Running Scheduled Scan](https://docs.altostrat.io/api-reference/spa/cve/scan-schedules/stop-running-scheduled-scan.md): Requests the termination of any currently running scan instances associated with the specified schedule. Requires authorization to access the schedule. - [Update Scan Schedule](https://docs.altostrat.io/api-reference/spa/cve/scan-schedules/update-scan-schedule.md): Updates an existing scan schedule. Requires `cve:update` scope. - [Assign a new IP address](https://docs.altostrat.io/api-reference/spa/elastic-ip/ip-addresses-l2tp/assign-a-new-ip-address.md): Assigns a specific, available IP address from a given subnet to the customer and sets up associated RADIUS credentials. - [Get IP address details](https://docs.altostrat.io/api-reference/spa/elastic-ip/ip-addresses-l2tp/get-ip-address-details.md): Retrieves the details of a specific assigned IP address, including RADIUS credentials and last connection info. - [List assigned IP addresses](https://docs.altostrat.io/api-reference/spa/elastic-ip/ip-addresses-l2tp/list-assigned-ip-addresses.md): Retrieves a list of all L2TP IP addresses assigned to the authenticated customer/user. - [Release an IP address](https://docs.altostrat.io/api-reference/spa/elastic-ip/ip-addresses-l2tp/release-an-ip-address.md): Releases an assigned IP address, removing it from the customer's account and deleting associated RADIUS credentials and accounting data. - [Reset RADIUS password](https://docs.altostrat.io/api-reference/spa/elastic-ip/ip-addresses-l2tp/reset-radius-password.md): Resets the RADIUS password for the username associated with the specified IP address assignment. - [Update IP address PTR record](https://docs.altostrat.io/api-reference/spa/elastic-ip/ip-addresses-l2tp/update-ip-address-ptr-record.md): Updates the Pointer (PTR) record (Reverse DNS) for the specified IP address. - [Get available IPs in a subnet](https://docs.altostrat.io/api-reference/spa/elastic-ip/subnets/get-available-ips-in-a-subnet.md): Retrieves a list of randomly selected available IP addresses within the specified subnet. Limited to a maximum of 20 IPs. - [List all managed subnets](https://docs.altostrat.io/api-reference/spa/elastic-ip/subnets/list-all-managed-subnets.md): Retrieves a list of all subnets configured for the authenticated customer/user. - [Alias for listing recent or ongoing faults](https://docs.altostrat.io/api-reference/spa/faults/faults/alias-for-listing-recent-or-ongoing-faults.md): Identical to `GET /recent`. **Requires** `fault:view` scope. - [Generate a new short-lived fault token](https://docs.altostrat.io/api-reference/spa/faults/faults/generate-a-new-short-lived-fault-token.md): Creates a token that can be used to retrieve unresolved or recently resolved faults without requiring ongoing authentication. **Requires** `fault:create` or possibly `fault:view` (depending on usage). - [List all faults for a given site ID](https://docs.altostrat.io/api-reference/spa/faults/faults/list-all-faults-for-a-given-site-id.md): Returns all faults recorded for a particular site. **Requires** `fault:view` scope. - [List recent or ongoing faults](https://docs.altostrat.io/api-reference/spa/faults/faults/list-recent-or-ongoing-faults.md): **Requires** `fault:view` scope. Returns a paginated list of faults filtered by query parameters, typically those unresolved or resolved within the last 10 minutes if `status=recent` is used. For more flexible filtering see query parameters below. - [List top 10 WAN faults in last 14 days](https://docs.altostrat.io/api-reference/spa/faults/faults/list-top-10-wan-faults-in-last-14-days.md): Retrieves the top 10 most active WAN tunnel (type=wantunnel) faults in the last 14 days. **Requires** `fault:view` scope. - [Retrieve currently active (unresolved) faults via internal token](https://docs.altostrat.io/api-reference/spa/faults/faults/retrieve-currently-active-unresolved-faults-via-internal-token.md): Available only via internal API token. Expects `type` in the request body (e.g. `site` or `wantunnel`) and returns all unresolved faults of that type. - [Retrieve faults using short-lived token](https://docs.altostrat.io/api-reference/spa/faults/faults/retrieve-faults-using-short-lived-token.md): Retrieves a set of unresolved or recently resolved faults for the customer associated with the given short-lived token. No other authentication needed. **Public** endpoint, token-based. - [Retrieve internal fault timeline for a site](https://docs.altostrat.io/api-reference/spa/faults/faults/retrieve-internal-fault-timeline-for-a-site.md): Available only via internal API token (`internal` middleware). Typically used for analyzing fault timelines. Requires fields `start`, `end`, `type`, and `site_id` in the request body. - [Filter and retrieve log events](https://docs.altostrat.io/api-reference/spa/logs/log-events/filter-and-retrieve-log-events.md): Returns filtered log events from CloudWatch for the requested log group and streams. Requires `logs:view` scope. - [Global ARP search across user’s sites](https://docs.altostrat.io/api-reference/spa/metrics/arp/global-arp-search-across-user’s-sites.md): Search ARP data across multiple sites belonging to the current user. Requires `inventory:view` scope. - [(Internal) ARP entries for a site](https://docs.altostrat.io/api-reference/spa/metrics/arp/internal-arp-entries-for-a-site.md): Returns ARP data for the site, or 204 if none exist. No Bearer token needed, presumably uses internal token. - [List ARP entries for a site](https://docs.altostrat.io/api-reference/spa/metrics/arp/list-arp-entries-for-a-site.md): Lists ARP entries for the specified site with optional pagination. Requires `inventory:view` scope. - [Update an ARP entry](https://docs.altostrat.io/api-reference/spa/metrics/arp/update-an-arp-entry.md): Allows updating group/alias for an ARP entry. Requires `inventory:update` scope. - [Get BGP usage/logs from last ~2 days](https://docs.altostrat.io/api-reference/spa/metrics/content/get-bgp-usagelogs-from-last-~2-days.md): Generates a BGP usage report for the site (TCP/UDP traffic captured). Possibly uses blackhole IP analysis. Requires `site` middleware. - [Get DNS usage/logs from last ~2 days](https://docs.altostrat.io/api-reference/spa/metrics/content/get-dns-usagelogs-from-last-~2-days.md): Returns top categories, apps, source IPs from DNS logs. Possibly uses blackhole IP analysis. Requires `site` middleware. - [Get SNMP interface metrics](https://docs.altostrat.io/api-reference/spa/metrics/interfaces/get-snmp-interface-metrics.md): Returns detailed interface metric data within a specified date range. Requires `site` and `interface` resolution plus relevant scopes. - [(Internal) List site interfaces](https://docs.altostrat.io/api-reference/spa/metrics/interfaces/internal-list-site-interfaces.md): Same as /interfaces/{site}, but for internal use. - [(Internal) Summarized interface metrics](https://docs.altostrat.io/api-reference/spa/metrics/interfaces/internal-summarized-interface-metrics.md): Calculates average and max in/out in MBps or similar for the date range. Possibly used by other microservices. - [List SNMP interfaces for a site](https://docs.altostrat.io/api-reference/spa/metrics/interfaces/list-snmp-interfaces-for-a-site.md): Returns all known SNMP interfaces on a site. Requires `site` middleware. - [Get 24h heartbeat or check-in data for a site](https://docs.altostrat.io/api-reference/spa/metrics/mikrotikstats/get-24h-heartbeat-or-check-in-data-for-a-site.md): Returns info about missed heartbeats from mikrotik checkins within the last 24 hours. Requires `site` middleware. - [Get last checkin time for a site](https://docs.altostrat.io/api-reference/spa/metrics/mikrotikstats/get-last-checkin-time-for-a-site.md): Returns how long ago the last MikrotikStats record was inserted. Requires `site` middleware. - [Get raw Mikrotik stats from the last 8 hours](https://docs.altostrat.io/api-reference/spa/metrics/mikrotikstats/get-raw-mikrotik-stats-from-the-last-8-hours.md): Returns stats such as CPU load, memory for the last 8 hours. Requires `site` middleware. - [List syslog entries for a site](https://docs.altostrat.io/api-reference/spa/metrics/syslog/list-syslog-entries-for-a-site.md): Returns syslog data for a given site. Requires 'site' middleware and typically `inventory:view` scope or similar. - [Get ping stats for a WAN tunnel](https://docs.altostrat.io/api-reference/spa/metrics/tunnels/get-ping-stats-for-a-wan-tunnel.md): Retrieves a time-series of ping metrics for the specified WAN tunnel. Requires 'tunnel' middleware, plus date range input. - [Get tunnels ordered by average jitter or packet loss](https://docs.altostrat.io/api-reference/spa/metrics/tunnels/get-tunnels-ordered-by-average-jitter-or-packet-loss.md): Aggregates last 24h data from ping_stats and returns an array sorted by either 'mdev' or 'packet_loss'. Typically used to see worst/best tunnels. Requires user’s WAN data scope. - [(Internal) List WAN Tunnels for a site](https://docs.altostrat.io/api-reference/spa/metrics/tunnels/internal-list-wan-tunnels-for-a-site.md): Similar to /wan-tunnels/{site}, but does not require Bearer. Possibly uses an internal token or no auth. Returns 200 or 204 if no tunnels found. - [(Internal) Retrieve summarized ping stats for a tunnel](https://docs.altostrat.io/api-reference/spa/metrics/tunnels/internal-retrieve-summarized-ping-stats-for-a-tunnel.md): Given a site and tunnel, returns average or max stats in the date range. Possibly used by internal microservices. - [List WAN tunnels for a site](https://docs.altostrat.io/api-reference/spa/metrics/tunnels/list-wan-tunnels-for-a-site.md): Returns all WAN Tunnels associated with that site ID. Requires `site` middleware. - [Multi-tunnel or aggregated ping stats](https://docs.altostrat.io/api-reference/spa/metrics/tunnels/multi-tunnel-or-aggregated-ping-stats.md): Retrieves a chart-friendly data series for one or multiple tunnels. Possibly used by a front-end chart. This is a single endpoint returning timestamps and data arrays. Requires date range, optional tunnel list. - [Create a new notification group](https://docs.altostrat.io/api-reference/spa/notifications/groups/create-a-new-notification-group.md): Creates a group with name, schedule, topics, recipients, and sites. Requires `notification:create` scope. - [Delete a notification group](https://docs.altostrat.io/api-reference/spa/notifications/groups/delete-a-notification-group.md): Removes the group, its recipients, site relationships, and topic references. Requires `notification:delete` scope. - [Example Ably webhook endpoint](https://docs.altostrat.io/api-reference/spa/notifications/groups/example-ably-webhook-endpoint.md): Used for testing. Returns request data. Does not require user scope. - [List all notification groups for the customer](https://docs.altostrat.io/api-reference/spa/notifications/groups/list-all-notification-groups-for-the-customer.md): Retrieves all groups belonging to the authenticated customer. Requires `notification:view` scope. - [Show a specific notification group](https://docs.altostrat.io/api-reference/spa/notifications/groups/show-a-specific-notification-group.md): Retrieve the detail of one group by ID. Requires `notification:view` scope. - [Update a notification group](https://docs.altostrat.io/api-reference/spa/notifications/groups/update-a-notification-group.md): Update name, schedule, recipients, and other properties. Requires `notification:update` scope. - [List all topics](https://docs.altostrat.io/api-reference/spa/notifications/topics/list-all-topics.md): Returns all possible topics that can be attached to a notification group. - [Delete a generated SLA report](https://docs.altostrat.io/api-reference/spa/reports/sla-reports/delete-a-generated-sla-report.md): Deletes the JSON data object from S3 (and presumably the PDF). Requires `sla:run` scope. - [List generated SLA reports](https://docs.altostrat.io/api-reference/spa/reports/sla-reports/list-generated-sla-reports.md): Lists recent SLA JSON results objects in S3 for the user. Requires `sla:run` scope to view generated reports. - [Create a new SLA schedule](https://docs.altostrat.io/api-reference/spa/reports/sla-schedules/create-a-new-sla-schedule.md): Creates a new SLA report schedule object in DynamoDB and sets up CloudWatch event rules (daily/weekly/monthly). Requires `sla:create` scope. - [Delete an SLA schedule](https://docs.altostrat.io/api-reference/spa/reports/sla-schedules/delete-an-sla-schedule.md): Deletes a single SLA schedule from DynamoDB and removes CloudWatch events. Requires `sla:delete` scope. - [Get a single SLA schedule](https://docs.altostrat.io/api-reference/spa/reports/sla-schedules/get-a-single-sla-schedule.md): Retrieves a single SLA schedule by UUID from DynamoDB. Requires `sla:view` scope. - [List all SLA schedules](https://docs.altostrat.io/api-reference/spa/reports/sla-schedules/list-all-sla-schedules.md): Fetches SLA reporting schedules from DynamoDB for the authenticated user. Requires `sla:view` scope. - [Manually run an SLA schedule](https://docs.altostrat.io/api-reference/spa/reports/sla-schedules/manually-run-an-sla-schedule.md): Triggers a single SLA schedule to run now, with specified date range. Requires `sla:run` scope. This is done by posting `from_date` and `to_date` in the body. - [Update an SLA schedule](https://docs.altostrat.io/api-reference/spa/reports/sla-schedules/update-an-sla-schedule.md): Updates a single SLA schedule and re-configures the CloudWatch event rule(s). Requires `sla:update` scope. - [Retrieve a specific schedule (internal)](https://docs.altostrat.io/api-reference/spa/schedules/internal/retrieve-a-specific-schedule-internal.md): This route is for internal usage. It requires a special token in the `X-Bearer-Token` header (or `Authorization: Bearer `), validated by the `internal` middleware. - [Create a new schedule](https://docs.altostrat.io/api-reference/spa/schedules/schedules/create-a-new-schedule.md) - [Delete an existing schedule](https://docs.altostrat.io/api-reference/spa/schedules/schedules/delete-an-existing-schedule.md) - [List all schedules](https://docs.altostrat.io/api-reference/spa/schedules/schedules/list-all-schedules.md) - [Retrieve a specific schedule](https://docs.altostrat.io/api-reference/spa/schedules/schedules/retrieve-a-specific-schedule.md) - [Update an existing schedule](https://docs.altostrat.io/api-reference/spa/schedules/schedules/update-an-existing-schedule.md) - [Generate RouterOS script via AI prompt](https://docs.altostrat.io/api-reference/spa/scripts/ai-generation/generate-routeros-script-via-ai-prompt.md): Calls an OpenAI model to produce a RouterOS script from the user’s prompt. Returns JSON with commands, error, destructive boolean, etc. Throttled to 5 requests/minute. Requires `script:create` scope. - [Create a new community script](https://docs.altostrat.io/api-reference/spa/scripts/community-scripts/create-a-new-community-script.md): Registers a new script from a GitHub raw URL (.rsc) and optional .md readme URL. Automatically triggers background jobs to fetch code, parse README, and create an AI description. - [List community scripts](https://docs.altostrat.io/api-reference/spa/scripts/community-scripts/list-community-scripts.md): Returns a paginated list of community-contributed scripts with minimal info. No authentication scope is specifically enforced in code, but presumably behind `'auth'` or `'api'` guard. - [Raw readme.md content](https://docs.altostrat.io/api-reference/spa/scripts/community-scripts/raw-readmemd-content.md): Fetches README from GitHub and returns as text/plain, if `readme_url` is set. - [Raw .rsc content of a community script](https://docs.altostrat.io/api-reference/spa/scripts/community-scripts/raw-rsc-content-of-a-community-script.md): Fetches the script content from GitHub and returns as text/plain. - [Show a single community script](https://docs.altostrat.io/api-reference/spa/scripts/community-scripts/show-a-single-community-script.md): Provides script details including name, description, user info, repo info, etc. - [Authorize a scheduled script](https://docs.altostrat.io/api-reference/spa/scripts/scheduled-scripts/authorize-a-scheduled-script.md): Sets `authorized_at` if provided token matches `md5(id)`. Requires `script:authorize` scope. Fails if already authorized. - [Create a new scheduled script](https://docs.altostrat.io/api-reference/spa/scripts/scheduled-scripts/create-a-new-scheduled-script.md): Requires `script:create` scope. Specifies a script body, description, launch time, plus sites and notifiable user IDs. Also sets whether backups should be made, etc. - [Delete or cancel a scheduled script](https://docs.altostrat.io/api-reference/spa/scripts/scheduled-scripts/delete-or-cancel-a-scheduled-script.md): If script not authorized & not started, it's fully deleted. Otherwise sets `cancelled_at`. Requires `script:delete` scope. - [Immediately run the scheduled script](https://docs.altostrat.io/api-reference/spa/scripts/scheduled-scripts/immediately-run-the-scheduled-script.md): Requires the script to be authorized. Dispatches jobs to each site. Requires `script:run` scope. - [List all scheduled scripts](https://docs.altostrat.io/api-reference/spa/scripts/scheduled-scripts/list-all-scheduled-scripts.md): Lists scripts that are scheduled for execution. Requires `script:view` scope. Includes site relationships and outcome data. - [Request authorization (trigger notifications)](https://docs.altostrat.io/api-reference/spa/scripts/scheduled-scripts/request-authorization-trigger-notifications.md): Sends a WhatsApp or other message to configured notifiables to authorize the script. Requires `script:update` scope. - [Run scheduled script test](https://docs.altostrat.io/api-reference/spa/scripts/scheduled-scripts/run-scheduled-script-test.md): Sends the script to the configured `test_site_id` only. Requires `script:run` scope. - [Script execution progress](https://docs.altostrat.io/api-reference/spa/scripts/scheduled-scripts/script-execution-progress.md): Returns which sites are pending, which have completed, which have failed, etc. Requires `script:view` scope. - [Show a single scheduled script’s details](https://docs.altostrat.io/api-reference/spa/scripts/scheduled-scripts/show-a-single-scheduled-script’s-details.md): Returns a single scheduled script with all relationships (sites, outcomes, notifications). Requires `script:view` scope. - [Update a scheduled script](https://docs.altostrat.io/api-reference/spa/scripts/scheduled-scripts/update-a-scheduled-script.md): Edits a scheduled script’s fields, re-syncs sites and notifiables. Requires `script:update` scope. - [Create a new VPN instance](https://docs.altostrat.io/api-reference/spa/vpn/instances/create-a-new-vpn-instance.md): Provisions a new VPN instance, automatically deploying a server. Requires `vpn:create` scope. - [Delete a VPN instance](https://docs.altostrat.io/api-reference/spa/vpn/instances/delete-a-vpn-instance.md): Tears down the instance. Requires `vpn:delete` scope. - [Fetch bandwidth usage](https://docs.altostrat.io/api-reference/spa/vpn/instances/fetch-bandwidth-usage.md): Returns the bandwidth usage metrics for the instance's primary server. Requires `vpn:view` scope. - [List all VPN instances](https://docs.altostrat.io/api-reference/spa/vpn/instances/list-all-vpn-instances.md): Returns a list of instances the authenticated user has created. Requires `vpn:view` scope. - [Show details for a single VPN instance](https://docs.altostrat.io/api-reference/spa/vpn/instances/show-details-for-a-single-vpn-instance.md): Retrieves a single instance resource by its ID. Requires `vpn:view` scope. - [Update a VPN instance](https://docs.altostrat.io/api-reference/spa/vpn/instances/update-a-vpn-instance.md): Allows modifications to DNS, routes, firewall, etc. Requires `vpn:update` scope. - [Internal instance counts per customer](https://docs.altostrat.io/api-reference/spa/vpn/internal/internal-instance-counts-per-customer.md): Used internally to retrieve aggregated peer or instance usage counts. Requires an internal token (not standard Bearer). - [Create a new peer on an instance](https://docs.altostrat.io/api-reference/spa/vpn/peers/create-a-new-peer-on-an-instance.md): Adds a client peer or site peer to the instance. Requires `vpn:create` scope. - [Delete a peer](https://docs.altostrat.io/api-reference/spa/vpn/peers/delete-a-peer.md): Removes a peer from the instance. Requires `vpn:delete` scope. - [List all peers under an instance](https://docs.altostrat.io/api-reference/spa/vpn/peers/list-all-peers-under-an-instance.md): Lists all VPN peers (clients or site-peers) attached to the specified instance. Requires `vpn:view` scope. - [Show a single peer](https://docs.altostrat.io/api-reference/spa/vpn/peers/show-a-single-peer.md): Returns detail about a single peer for the given instance. Requires `vpn:view` scope. - [Update a peer](https://docs.altostrat.io/api-reference/spa/vpn/peers/update-a-peer.md): Update subnets, route-all, etc. Requires `vpn:update` scope. - [List available server regions](https://docs.altostrat.io/api-reference/spa/vpn/servers/list-available-server-regions.md): Retrieves a list of possible Vultr (or other provider) regions where a VPN instance can be deployed. - [Server build complete callback](https://docs.altostrat.io/api-reference/spa/vpn/servers/server-build-complete-callback.md): Called by the server itself upon final provisioning. Signed route with short TTL. Updates IP, sets DNS records, etc. - [Get site subnets](https://docs.altostrat.io/api-reference/spa/vpn/sites/get-site-subnets.md): Retrieves potential subnets from the specified site (used for configuring a site-to-site VPN peer). - [Download WireGuard config as a QR code](https://docs.altostrat.io/api-reference/spa/vpn/vpn-client-tokens/download-wireguard-config-as-a-qr-code.md): Returns the config in a QR code SVG. Signed route with short TTL. Requires the peer to be a client peer. - [Download WireGuard config file](https://docs.altostrat.io/api-reference/spa/vpn/vpn-client-tokens/download-wireguard-config-file.md): Returns the raw WireGuard client config for a peer (type=client). Signed route with short TTL. Requires the peer to be a client peer. - [Retrieve ephemeral client config references](https://docs.altostrat.io/api-reference/spa/vpn/vpn-client-tokens/retrieve-ephemeral-client-config-references.md): Uses a client token to retrieve a short-lived reference for WireGuard config or QR code download. The token is validated by custom client-token auth. Returns a JSON with config_file URL, QR code URL, etc. - [Create WAN failover for a site](https://docs.altostrat.io/api-reference/spa/wan-failover/failover/create-wan-failover-for-a-site.md): Sets up a new failover resource for the site if not already present, plus some default tunnels. Requires `wan:create` scope. - [Delete WAN failover](https://docs.altostrat.io/api-reference/spa/wan-failover/failover/delete-wan-failover.md): Deletes failover from DB, tears down related tunnels, and unsubscribes. Requires `wan:delete` scope. - [Get failover info for a site](https://docs.altostrat.io/api-reference/spa/wan-failover/failover/get-failover-info-for-a-site.md): Retrieves the failover record for a given site, if any. Requires `wan:view` scope. - [List failover services for current user](https://docs.altostrat.io/api-reference/spa/wan-failover/failover/list-failover-services-for-current-user.md): Returns minimal array of failover objects (id, site_id) for user. Possibly used to see how many failovers they have. - [Set tunnel priorities for a site](https://docs.altostrat.io/api-reference/spa/wan-failover/failover/set-tunnel-priorities-for-a-site.md): Updates the `priority` field on each tunnel for this failover. Requires `wan:update` scope. - [Update tunnel gateway (router callback)](https://docs.altostrat.io/api-reference/spa/wan-failover/gateway/update-tunnel-gateway-router-callback.md): Allows a router script to update the gateway IP after DHCP/PPP changes. Typically uses X-Bearer-Token or similar, not standard BearerAuth. No standard scope enforced. - [List count of failovers per customer](https://docs.altostrat.io/api-reference/spa/wan-failover/services/list-count-of-failovers-per-customer.md): Returns an object mapping customer_id => count (how many site failovers). - [List site IDs for a customer (failover services)](https://docs.altostrat.io/api-reference/spa/wan-failover/services/list-site-ids-for-a-customer-failover-services.md): Returns an array of site IDs that have failover records for the given customer. - [List tunnels for a site (unauth? or partial auth?)](https://docs.altostrat.io/api-reference/spa/wan-failover/services/list-tunnels-for-a-site-unauth?-or-partial-auth?.md): Returns array of Tunnels for the given site if any exist. Possibly used by external or different auth flow. - [Create a new tunnel](https://docs.altostrat.io/api-reference/spa/wan-failover/tunnel/create-a-new-tunnel.md): Creates a new WAN tunnel record for the site. Requires `wan:create` scope. - [Delete a tunnel](https://docs.altostrat.io/api-reference/spa/wan-failover/tunnel/delete-a-tunnel.md): Removes the tunnel from the DB and notifies system to remove config. Requires `wan:delete` scope. - [Detect eligible gateways for an interface](https://docs.altostrat.io/api-reference/spa/wan-failover/tunnel/detect-eligible-gateways-for-an-interface.md): Find potential gateway IP addresses for the given interface. Requires `wan:view` scope. - [Get router interfaces](https://docs.altostrat.io/api-reference/spa/wan-failover/tunnel/get-router-interfaces.md): Lists valid router interfaces for a site. Possibly from router print. Requires `wan:view` scope. - [List all tunnels for current user](https://docs.altostrat.io/api-reference/spa/wan-failover/tunnel/list-all-tunnels-for-current-user.md): Returns all Tunnels for the authenticated user’s customer_id. Requires `wan:view` scope. - [List tunnels for a site](https://docs.altostrat.io/api-reference/spa/wan-failover/tunnel/list-tunnels-for-a-site.md): Returns all Tunnels associated with this site’s failover. Requires `wan:view` scope. - [Show a single tunnel](https://docs.altostrat.io/api-reference/spa/wan-failover/tunnel/show-a-single-tunnel.md): Returns details of the specified tunnel. Requires `wan:view` scope. - [Update tunnel properties](https://docs.altostrat.io/api-reference/spa/wan-failover/tunnel/update-tunnel-properties.md): Modifies name, gateway, interface, or SLA references on the tunnel. Requires `wan:update` scope. - [Test a Slack or MS Teams webhook](https://docs.altostrat.io/api-reference/spa/webhooks/integrations/test-a-slack-or-ms-teams-webhook.md): Sends a test message to the specified Slack or MS Teams webhook URL. **Requires** valid JWT authentication with appropriate scope (e.g., `webhook:test` or similar). - [Content Filtering](https://docs.altostrat.io/core-concepts/content-filtering.md): Manage and restrict access to undesirable or harmful web content across your network using DNS-based policies. - [Control Plane](https://docs.altostrat.io/core-concepts/control-plane.md): Configure inbound management services (WinBox, SSH, API) and firewall rules at scale in Altostrat. - [Notification Groups](https://docs.altostrat.io/core-concepts/notification-groups.md): Define groups of users, schedules, and alert types for more targeted notifications. - [Notifications](https://docs.altostrat.io/core-concepts/notifications.md): Define, manage, and route alerts for important network events in Altostrat. - [Roles & Permissions](https://docs.altostrat.io/core-concepts/roles-and-permissions.md): Control user access levels in Altostrat SDX using roles, which group granular permission scopes for accessing resources and performing actions via the UI and API. - [Threat Feeds](https://docs.altostrat.io/core-concepts/security-essentials.md): Leverage BGP-delivered threat intelligence feeds to automatically block malicious traffic at your network edge. - [Teams](https://docs.altostrat.io/core-concepts/teams.md): Organize users into teams for resource ownership, collaboration, and scoped access control in Altostrat SDX. - [User Management](https://docs.altostrat.io/core-concepts/users.md): Manage portal users and notification recipients, assign roles within teams, and understand resource access in Altostrat SDX. - [Adding a MikroTik Router to Altostrat SDX](https://docs.altostrat.io/getting-started/adding-a-router.md): Follow these steps to integrate your prepared MikroTik router with the Altostrat SDX platform. - [Captive Portal Setup](https://docs.altostrat.io/getting-started/captive-portal-setup.md): Learn how to configure a Captive Portal instance and enable network-level authentication. - [Initial Configuration](https://docs.altostrat.io/getting-started/initial-configuration.md): Prepare your MikroTik device with a clean configuration and updated firmware before integrating it with Altostrat SDX. - [Introduction](https://docs.altostrat.io/getting-started/introduction.md): Altostrat SDX is designed for both small networks and large-scale deployments, providing robust tools to simplify management, bolster security, and maximize uptime-using your existing, compatible hardware. - [Remote WinBox Login](https://docs.altostrat.io/getting-started/remote-winbox-login.md): How to securely access your MikroTik router using WinBox, even behind NAT. - [Transient Access](https://docs.altostrat.io/getting-started/transient-access.md): Secure, on-demand credentials for MikroTik devices behind NAT firewalls. - [User Registration](https://docs.altostrat.io/getting-started/user-registration.md): Learn how to create your personal Altostrat SDX user account via self-registration or by accepting a team invitation. - [Google Cloud Integration](https://docs.altostrat.io/integrations/google-cloud-integration.md): Connect Altostrat with Google Cloud for user authentication and secure OAuth 2.0 flows. - [Identity Providers](https://docs.altostrat.io/integrations/identity-providers.md): Configure external OAuth 2.0 or SSO providers like Google, Azure, or GitHub for Altostrat authentication. - [Integrations Overview](https://docs.altostrat.io/integrations/integrations-overview.md): Overview of how Altostrat connects with external platforms for notifications, authentication, and more. - [Microsoft Azure Integration](https://docs.altostrat.io/integrations/microsoft-azure-integration.md): Use Microsoft Entra (Azure AD) for secure user authentication in Altostrat. - [Microsoft Teams](https://docs.altostrat.io/integrations/microsoft-teams.md): Integrate Altostrat notifications and alerts into Microsoft Teams channels. - [Slack](https://docs.altostrat.io/integrations/slack.md): Send Altostrat alerts to Slack channels for quick incident collaboration. - [Backups](https://docs.altostrat.io/management/backups.md): Manage and schedule configuration backups for MikroTik devices through Altostrat. - [Device Tags](https://docs.altostrat.io/management/device-tags.md): Organize and categorize your MikroTik devices with custom tags in Altostrat. - [Faults](https://docs.altostrat.io/management/faults.md): Monitor and troubleshoot disruptions or issues in your network via Altostrat. - [Management VPN](https://docs.altostrat.io/management/management-vpn.md): How MikroTik devices connect securely to Altostrat for real-time monitoring and management. - [Managing WAN Failover](https://docs.altostrat.io/management/managing-wan-failover.md): Create, reorder, and troubleshoot WAN Failover configurations for reliable multi-link setups. - [Orchestration Log](https://docs.altostrat.io/management/orchestration-log.md): Track scripts, API calls, and automated tasks performed by Altostrat on your MikroTik devices. - [Regional Servers](https://docs.altostrat.io/management/regional-servers.md): Improve performance and minimize single points of failure with globally distributed clusters. - [Short Links](https://docs.altostrat.io/management/short-links.md): Simplify long, signed URLs into user-friendly short links for Altostrat notifications and emails. - [WAN Failover](https://docs.altostrat.io/management/wan-failover.md): Enhance reliability by combining multiple internet mediums for uninterrupted cloud connectivity. - [Installable PWA](https://docs.altostrat.io/resources/installable-pwa.md): Learn how to install Altostrat's Progressive Web App (PWA) for an app-like experience and offline support. - [Password Policy](https://docs.altostrat.io/resources/password-policy.md): Requirements for secure user passwords in Altostrat. - [Supported SMS Regions](https://docs.altostrat.io/resources/supported-sms-regions.md): List of countries where Altostrat's SMS delivery is enabled, plus any high-risk or unsupported regions. - [API Authentication](https://docs.altostrat.io/sdx-api/authentication.md): Securely authenticate requests to the Altostrat SDX API using API Keys or OAuth 2.0.