What is Aperture?
As organizations adopt AI across development, automation, and internal tools, they face new challenges around security, visibility, and control. API keys are often scattered across developer devices, CI/CD (continuous integration/continuous delivery) systems, and automated agents, increasing the risk of leaks and making credentials difficult to rotate or audit. Teams lack clear insight into who is using which models, how frequently, and at what cost. This makes it difficult for security, platform, and compliance teams to support AI usage at scale without slowing developers down.
Aperture by Tailscale addresses these challenges with a centralized AI gateway that secures, monitors, and routes LLM requests across your organization. Aperture uses Tailscale's identity layer to automatically authenticate users, eliminating the need to distribute API keys. It injects provider credentials for users and automated agents and routes requests to upstream LLM providers such as OpenAI, Anthropic, and Google, without requiring changes to existing tools or workflows.
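To make the mechanism concrete, here is an added example in Python of what an identity-aware gateway does with each request. It is not Aperture's code or configuration format: the provider table, the model lists, the PLACEHOLDER keys and the `peer_identity` field (standing in for whatever the tailnet listener resolves about the connecting node) are constructed assumptions. The shape is the one the paragraph describes: trust the identity the network layer supplies, pick the upstream provider from the model name alone, drop any credential the client sent, and inject the server-held provider key.

```python
"""Illustrative identity-aware LLM gateway routing (added example; not Aperture's code)."""
from dataclasses import dataclass
from typing import Optional

# Server-side provider configuration. Keys live only here, never on clients.
# Provider entries, model lists and the PLACEHOLDER keys are constructed for this example.
PROVIDERS = {
    "openai": {
        "url": "https://api.openai.com/v1/chat/completions",
        "auth_header": "Authorization", "auth_prefix": "Bearer ",
        "key": "sk-openai-PLACEHOLDER",
        "models": {"gpt-4o", "gpt-4o-mini"},
    },
    "anthropic": {
        "url": "https://api.anthropic.com/v1/messages",
        "auth_header": "x-api-key", "auth_prefix": "",
        "key": "sk-ant-PLACEHOLDER",
        "models": {"claude-sonnet-4-20250514"},
    },
}

# Any credential-bearing header a client might send; the gateway never forwards these.
CLIENT_CREDENTIAL_HEADERS = {"authorization", "x-api-key", "x-goog-api-key"}


@dataclass
class Inbound:
    """A request as it arrives at the gateway."""
    model: str
    headers: dict
    body: dict
    peer_identity: Optional[str]  # login resolved by the tailnet listener; None = unidentified (assumption)


@dataclass
class Outbound:
    """What the gateway sends upstream, plus the attribution it records."""
    url: str
    headers: dict
    body: dict
    user: str
    provider: str


def route(model: str) -> Optional[str]:
    """Pick the provider purely from the model name; no client-side hint is consulted."""
    for name, cfg in PROVIDERS.items():
        if model in cfg["models"]:
            return name
    return None


def build_upstream(req: Inbound) -> Outbound:
    if req.peer_identity is None:
        # Without a tailnet identity there is nothing to attribute the request to.
        raise PermissionError("connection carries no tailnet identity")
    provider = route(req.model)
    if provider is None:
        raise LookupError(f"no provider configured for model {req.model!r}")
    cfg = PROVIDERS[provider]
    # Drop whatever credentials the client sent (it should not have any),
    # then inject the server-held key for the selected provider.
    headers = {k: v for k, v in req.headers.items() if k.lower() not in CLIENT_CREDENTIAL_HEADERS}
    headers[cfg["auth_header"]] = cfg["auth_prefix"] + cfg["key"]
    return Outbound(cfg["url"], headers, req.body, req.peer_identity, provider)


def audit_record(out: Outbound) -> dict:
    """Per-request attribution to keep, independent of the provider's own logs."""
    return {"user": out.user, "provider": out.provider, "model": out.body.get("model")}


if __name__ == "__main__":
    req = Inbound("gpt-4o", {"Content-Type": "application/json"},
                  {"model": "gpt-4o", "messages": [{"role": "user", "content": "hi"}]},
                  peer_identity="alice@example.com")
    print(audit_record(build_upstream(req)))
```

The two checks worth copying are the ones that raise: a connection with no identity is refused before any routing happens, and a model that no configured provider serves is refused rather than being sent somewhere by default. Stripping client credentials before injecting the server key is what keeps a stale or leaked key on a developer machine from ever reaching a provider.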
Use cases
Aperture addresses common challenges organizations face when adopting LLM clients.
- Centralized API key management
Distributing API keys to developers creates security risks and an administrative burden. Keys get committed to repositories, shared insecurely, or forgotten when employees leave.
Aperture centralizes API keys in the server configuration. Clients connect through the proxy without needing provider credentials. User identity comes from Tailscale's identity layer, which automatically identifies users based on their device, so every request is attributed to the user logged in on the connecting tailnet node, with no per-client secret to distribute, rotate, or revoke.
- Visibility into LLM usage
Gain visibility into how engineering teams adopt LLM-powered tools. Aperture lets you answer questions such as:
- How many tokens did we use last month?
- Which models are teams using?
- What does the breakdown of our LLM spend look like?
Aperture captures every request with user attribution, model identification, and token counts. The Aperture dashboard aggregates this data by user, model, and time period.
- Cost tracking
LLM API costs scale with token usage, but tracking consumption across tools and providers requires aggregating data from each source individually. Developers might not realize how much their workflows cost, and finance teams lack the data to forecast budgets.
Aperture extracts token usage from every response, including input, output, cached, and reasoning tokens. This data feeds into dashboards and exports for cost analysis. You can also set budgets and per-user spending limits to prevent cost overruns.
- Adoption analytics
Gather adoption insights and answer questions such as:
- Which teams are using the tools? How frequently?
- Are there users who tried a tool one time and stopped?
The Adoption page of the Aperture dashboard shows organization-wide usage patterns, active users over time, and histograms of usage distribution.
- Compliance and audit trails
Regulated industries require audit trails for AI interactions. When LLM requests flow directly from client to provider, organizations have no record of what was sent or received.
Aperture stores full request and response bodies. The capture system preserves headers, payloads, and tool use data. Export logs and events to your SIEM for monitoring, retention, and compliance workflows. Because captures contain complete prompts and completions, the capture store and any export of it hold whatever users put into prompts, including source code and personal data, and need access control and retention rules of their own.
- LLM session debugging
Debug LLM interactions by reviewing full request and response data. The Logs page of the Aperture dashboard groups related requests into sessions, letting you trace the flow of a conversation or coding task.
Limitations
Consider the following limitations before deployment. Tailscale is actively developing Aperture, so this list updates frequently.
- Tailscale requirement
The Aperture server runs on a Tailscale network. Clients can connect from inside the tailnet or from outside it using ts-unplug. Both paths provide Tailscale-based identity. Direct public internet access is not supported.
- Provider support
Metrics extraction relies on parsing provider response formats. Aperture handles OpenAI, Anthropic, Gemini, and OpenAI-compatible APIs. Refer to the provider compatibility reference for details. New providers or format changes might require updates.
- No request modification
Aperture captures and forwards requests without modification; the only change is replacing the client's authentication headers with the provider credentials. Aperture does not yet support request filtering or prompt injection detection, so it provides visibility and attribution but is not a place to enforce policy on prompt content.
- Quota buckets reset on restart
Aperture stores quota buckets in memory. When the configuration reloads or the process restarts, every bucket resets to full capacity, so each reload or restart grants every user a fresh allocation and a bucket cannot enforce a hard cap across restarts. Plan quota capacities and refill rates with this behavior in mind.
- Subscription plans not supported
Aperture authenticates with LLM providers using API keys from provider developer platforms. Consumer and business subscription plans — such as Claude Pro or Claude Max, ChatGPT Plus, Pro, or Team, or Gemini Advanced — are separate from provider API access and do not provide API keys compatible with Aperture.
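To make the quota reset in the limitations above concrete, here is a small token-bucket model in Python, added as an illustration rather than Aperture's implementation (its internal quota code is not shown on this page). `capacity` is the bucket size, `refill_per_sec` the refill rate, and `restart()` does what a config reload or process restart does: it hands back a full bucket. `worst_case_spend()` gives the upper bound on what one principal can consume in a window containing a given number of restarts, which is the figure to plan capacities against.

```python
"""Illustrative in-memory token bucket that resets on restart (added example; not Aperture's code)."""
from dataclasses import dataclass


@dataclass
class Bucket:
    capacity: float        # tokens available when full
    refill_per_sec: float  # steady-state refill rate
    tokens: float = -1.0   # sentinel; a new bucket starts full
    last: float = 0.0      # time of the last refill calculation (seconds)

    def __post_init__(self):
        if self.tokens < 0:
            self.tokens = self.capacity

    def _refill(self, now: float) -> None:
        elapsed = max(0.0, now - self.last)
        self.tokens = min(self.capacity, self.tokens + elapsed * self.refill_per_sec)
        self.last = now

    def try_consume(self, cost: float, now: float) -> bool:
        """Admit the request if the bucket holds enough tokens; otherwise reject and change nothing."""
        self._refill(now)
        if cost > self.tokens:
            return False
        self.tokens -= cost
        return True


def restart(bucket: Bucket, now: float) -> Bucket:
    """A config reload or process restart: in-memory state is lost, so the bucket comes back full."""
    return Bucket(bucket.capacity, bucket.refill_per_sec, last=now)


def worst_case_spend(capacity: float, refill_per_sec: float, window_sec: float, restarts: int) -> float:
    """Upper bound on tokens one principal can consume in a window containing `restarts` restarts.
    A bucket that starts full yields capacity plus refill over the window; every restart can add
    another full bucket on top (worst case: the bucket was empty the moment before the reset)."""
    return capacity * (1 + restarts) + refill_per_sec * window_sec


def simulate() -> list:
    """Constructed timeline: drain the bucket, get refused, restart, and be admitted again at once."""
    b = Bucket(capacity=100, refill_per_sec=1.0)
    outcome = [b.try_consume(100, now=0)]       # full bucket: admitted
    outcome.append(b.try_consume(50, now=10))   # only 10 tokens refilled: refused
    b = restart(b, now=10)                      # reload at t=10 hands back a full bucket
    outcome.append(b.try_consume(100, now=10))  # admitted again without waiting
    return outcome


if __name__ == "__main__":
    print(simulate())                                     # [True, False, True]
    print(worst_case_spend(100, 1.0, 3600, restarts=2))   # 3900.0
```

The practical consequence is in the last two lines of `simulate()`: a request refused one second before a reload is admitted one second after it. If a budget must survive restarts, the capacity you configure should be sized for the window between expected reloads, not for a whole month.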
FAQ
What happens if a user tries to connect from outside the tailnet?
Users outside the tailnet can connect through ts-unplug, which creates a lightweight tailnet node and proxies local traffic to Aperture. Without ts-unplug, the connection fails at the network level because Aperture listens on Tailscale interfaces.
What happens when I add a new LLM provider to the configuration?
Clients can immediately use models from that provider by specifying the model name in their requests. No client changes are required because the proxy routes based on model name.
What happens if a streaming response is interrupted mid-stream?
The proxy captures whatever data arrived before the interruption. Metrics extraction might fail or report partial data, but the proxy stores the partial capture for debugging.
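As an added example (not Aperture's extraction code), the following Python normalizes token usage from captured provider responses. `extract_usage()` reads the non-streaming OpenAI, Anthropic and Gemini usage objects, including the cached and reasoning counts that the cost-tracking use case mentions; `extract_openai_stream()` walks an OpenAI-style SSE capture and shows the interrupted-stream behaviour from the question above: it keeps every complete event that arrived, drops the truncated trailing fragment, and marks the usage incomplete when the final usage chunk or the terminating `[DONE]` event never came. The sample bodies and stream bytes are constructed; the field names follow the providers' public response formats.

```python
"""Normalize token usage from captured LLM responses, including a truncated stream (added example)."""
import json
from dataclasses import dataclass


@dataclass
class Usage:
    input_tokens: int = 0
    output_tokens: int = 0
    cached_tokens: int = 0      # prompt tokens served from a provider-side cache
    reasoning_tokens: int = 0   # "thinking" tokens, where the provider reports them
    complete: bool = True       # False when the capture held no usable usage record


def extract_usage(provider: str, body: dict) -> Usage:
    """Map one provider's usage object onto the common Usage shape. A missing usage object
    yields an incomplete all-zero record instead of an exception; an unknown provider is an error."""
    if provider == "openai":
        u = body.get("usage") or {}
        if not u:
            return Usage(complete=False)
        return Usage(u.get("prompt_tokens", 0), u.get("completion_tokens", 0),
                     (u.get("prompt_tokens_details") or {}).get("cached_tokens", 0),
                     (u.get("completion_tokens_details") or {}).get("reasoning_tokens", 0))
    if provider == "anthropic":
        u = body.get("usage") or {}
        if not u:
            return Usage(complete=False)
        return Usage(u.get("input_tokens", 0), u.get("output_tokens", 0),
                     u.get("cache_read_input_tokens", 0), 0)
    if provider == "gemini":
        u = body.get("usageMetadata") or {}
        if not u:
            return Usage(complete=False)
        return Usage(u.get("promptTokenCount", 0), u.get("candidatesTokenCount", 0),
                     u.get("cachedContentTokenCount", 0), u.get("thoughtsTokenCount", 0))
    raise ValueError(f"no extractor for provider {provider!r}")


def extract_openai_stream(raw: bytes) -> tuple:
    """Parse an OpenAI-style SSE capture. Returns (Usage, reassembled text).
    Only complete `data:` lines are used; an unterminated trailing fragment is dropped, so an
    interrupted capture yields partial text and an incomplete Usage rather than an exception."""
    lines = raw.decode("utf-8", errors="replace").split("\n")
    if not raw.endswith(b"\n"):
        lines = lines[:-1]  # the last element was cut off mid-line
    text, usage, done = [], None, False
    for line in lines:
        if not line.startswith("data: "):
            continue
        payload = line[len("data: "):].strip()
        if payload == "[DONE]":
            done = True
            continue
        try:
            chunk = json.loads(payload)
        except json.JSONDecodeError:
            continue  # a complete-looking line that is not JSON is skipped, not fatal
        for choice in chunk.get("choices", []):
            text.append((choice.get("delta") or {}).get("content") or "")
        if chunk.get("usage"):
            usage = extract_usage("openai", chunk)  # final chunk when the client asked for usage
    if usage is None:
        usage = Usage(complete=False)
    usage.complete = usage.complete and done
    return usage, "".join(text)


# Constructed captures for demonstration; not real provider traffic.
OPENAI_BODY = {"usage": {"prompt_tokens": 120, "completion_tokens": 40,
                         "prompt_tokens_details": {"cached_tokens": 100},
                         "completion_tokens_details": {"reasoning_tokens": 25}}}
ANTHROPIC_BODY = {"usage": {"input_tokens": 50, "output_tokens": 20,
                            "cache_creation_input_tokens": 0, "cache_read_input_tokens": 30}}
GEMINI_BODY = {"usageMetadata": {"promptTokenCount": 10, "candidatesTokenCount": 5, "totalTokenCount": 15}}

COMPLETE_STREAM = (
    b'data: {"choices":[{"delta":{"content":"Hel"}}]}\n\n'
    b'data: {"choices":[{"delta":{"content":"lo"}}]}\n\n'
    b'data: {"choices":[],"usage":{"prompt_tokens":12,"completion_tokens":2,'
    b'"prompt_tokens_details":{"cached_tokens":8}}}\n\n'
    b'data: [DONE]\n\n'
)
# The same stream cut off inside the second event, as a dropped connection would leave it.
INTERRUPTED_STREAM = (
    b'data: {"choices":[{"delta":{"content":"Hel"}}]}\n\n'
    b'data: {"choices":[{"delta":{"con'
)

if __name__ == "__main__":
    print(extract_usage("openai", OPENAI_BODY))
    print(extract_openai_stream(COMPLETE_STREAM))
    print(extract_openai_stream(INTERRUPTED_STREAM))
```

The `complete` flag is the part to carry into dashboards: a partial capture still has attribution and whatever text arrived, which is what you want for debugging, but its token counts must not be summed into cost reports as if they were final.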
Do clients need API keys to use Aperture?
No. Aperture identifies users through Tailscale and injects provider API keys automatically. Clients connect without credentials.
Can I use my Claude Max, ChatGPT Plus, or other subscription plan with Aperture?
No. Aperture requires API keys from provider developer platforms. Consumer and business subscription plans — such as Claude Pro or Claude Max, ChatGPT Plus, Pro, or Team, or Gemini Advanced — are separate from provider API access and do not provide API keys compatible with Aperture. Obtain API keys from the provider's developer platform (for example, the Anthropic Console, OpenAI Platform, or Google AI Studio).
Can I use Aperture with providers not listed in the documentation?
Yes, if the provider uses an OpenAI-compatible API format. Configure it as a provider with openai_chat: true compatibility and the appropriate authorization type.
Can I use Aperture with self-hosted LLMs?
Yes, you can proxy self-hosted LLMs with Aperture without exposing the endpoints to the public internet.
Can I use Aperture in CI/CD environments, such as GitHub Actions?
Yes, as long as you can run Tailscale. Aperture works in common containerized environments such as GitHub Actions without needing to expose either the agent or the gateway to the public internet.
Can I use Aperture with several tailnets?
Yes, you can connect to Aperture from another tailnet using ts-unplug. You can also use ts-unplug to connect from environments that aren't on a tailnet at all.
Learn more
- How Aperture works: identity and authentication, request routing by model, telemetry capture, and session tracking.
- Get started with Aperture: sign up, configure providers, and connect your first LLM client.