Docs / Admin

Device authorization

Device authorization is a feature that allows Tailscale network administrators to review and approve new devices before they can join the network. This can be used to ensure only trusted devices, such as workplace-managed laptops and phones, can access a network.

Enabling device authorization for your network

Currently this feature can only be enabled by contacting the Tailscale team. Email us at [email protected] and let us know you’d like device authorization enabled for your network.

In the near future, we’ll introduce an option to toggle this setting in the admin console.

Authorizing devices

Once this setting is enabled, new devices that access your network will see a notification that their device is “awaiting approval.” Devices awaiting approval cannot send or receive traffic on your Tailscale network until they are authorized.

To authorize devices, navigate to the machines page of the admin console. At the top of the list you should see the device with a “needs authorization” badge beneath it.

You can review details about the device and user before deciding whether to authorize it. When you’re ready to authorize the device, open the … menu and select “Authorize” to allow the device to connect to your network.

After authorization, the device will immediately be able to connect. No restarts or toggling needed.

Last updated