From faa250680b65c687e070e417c7f4bfbf21edcf2f Mon Sep 17 00:00:00 2001
From: Mike McNeil <mikermcneil@users.noreply.github.com>
Date: Thu, 10 Jul 2025 06:50:06 -0500
Subject: [PATCH] fleetdm.com API follows conventions (#30720)

---
 website/config/routes.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/config/routes.js b/website/config/routes.js
index 26f164c51b..8f9203fcf4 100644
--- a/website/config/routes.js
+++ b/website/config/routes.js
@@ -989,9 +989,9 @@ module.exports.routes = {
   '/api/v1/webhooks/github': { action: 'webhooks/receive-from-github', csrf: false },
   'POST /api/v1/webhooks/receive-from-stripe': { action: 'webhooks/receive-from-stripe', csrf: false },
   'POST /api/v1/webhooks/receive-from-zapier': { action: 'webhooks/receive-from-zapier', csrf: false },
-  'POST /api/v1/get-est-device-certificate': { action: 'get-est-device-certificate', csrf: false},
   'POST /api/v1/webhooks/receive-from-clay': { action: 'webhooks/receive-from-clay', csrf: false},
   'POST /api/v1/webhooks/receive-from-zoom': { action: 'webhooks/receive-from-zoom', csrf: false},
+  'POST /api/v1/get-est-device-certificate': { action: 'get-est-device-certificate', csrf: false},// TODO: change this route to match Sails conventions for webhooks and to be in the webhooks/ folder.  Then remove from policies: 'get-est-device-certificate': true, as it'll just be taken care of by being in the right place.
 
 
   //  ╔═╗╔╗╔╔╦╗╦═╗╔═╗╦╔╦╗  ╔═╗╦═╗╔═╗═╗ ╦╦ ╦  ╔═╗╔╗╔╔╦╗╔═╗╔═╗╦╔╗╔╔╦╗╔═╗