Get started
WireGuard is a registered trademark of Jason A. Donenfeld.
© 2024 Tailscale Inc. All rights reserved. Tailscale is a registered trademark of Tailscale Inc.
Go back

Enable device approval and set key expiry in the admin console

October 12 2021
Sonia AppasamyRoss Zurowski
Sonia Appasamy & Ross Zurowski

We’ve made a few settings easier for you to manage in the admin console: device approval and key expiry.

Authentication Settings in the admin console showing the new options.

You can enable device approval in the admin console. With device approval, every new device you add to your network needs to be approved by an admin before it can join your network.

You can also set key expiry in the admin console. Devices you add to your network will periodically expire their node keys and force users to reauthenticate, to ensure the devices are still meant to be on your network. (You can disable key expiry for certain types of devices where this is inconvenient, like servers.) By default, keys expire every 180 days. We’d like to shorten the default expiry time in the future, but for now, in the admin console, you can set the key expiry period to as few as 3 days and as many as 180 days.

Subscribe to Tailscale’s blog

We have a deep commitment to keeping your data safe.

Too much email?RSSX

Try Tailscale for free

Schedule a demo
Contact sales
cta phone
Hugging Face