From f53913bd45b012126df011f0c7cf844c2fd2d4e6 Mon Sep 17 00:00:00 2001
From: Cronus89 <cronus@nite-serv.com>
Date: Thu, 16 Mar 2023 02:12:17 -0500
Subject: [PATCH] Put allowed policies together at front of command (#26625)

---
 source/_integrations/mikrotik.markdown | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source/_integrations/mikrotik.markdown b/source/_integrations/mikrotik.markdown
index 995ca0771dd..a8ada83e5f2 100644
--- a/source/_integrations/mikrotik.markdown
+++ b/source/_integrations/mikrotik.markdown
@@ -65,7 +65,7 @@ If everything is working fine you can disable the pure `api` service in RouterOS
 To use this device tracker you need restricted privileges only. To enhance the security of your MikroTik device create a "read only" user who is able to connect to API  and perform ping test only:
 
 ```bash
-/user group add name=homeassistant policy=read,api,!local,!telnet,!ssh,!ftp,!reboot,!write,!policy,test,!winbox,!password,!web,!sniff,!sensitive,!romon,!dude,!tikapp
+/user group add name=homeassistant policy=read,api,test,!local,!telnet,!ssh,!ftp,!reboot,!write,!policy,!winbox,!password,!web,!sniff,!sensitive,!romon,!dude,!tikapp
 /user add group=homeassistant name=homeassistant
 /user set password="YOUR_PASSWORD" homeassistant
 ```