Docs / Admin

Device authorization

Device authorization is a feature that allows Tailscale network administrators to review and approve new devices before they can join the network. This can be used to ensure only trusted devices, such as workplace-managed laptops and phones, can access a network.

Enabling device authorization for your network

This feature can be enabled from the Tailscale admin console. Look for “Device Authorization” in the authentication settings.

Authorizing devices

Once this setting is enabled, new devices that access your network will see a notification that their device is “awaiting approval.” Devices awaiting approval cannot send or receive traffic on your Tailscale network until they are authorized.

To authorize devices, navigate to the machines page of the admin console. At the top of the list you should see the device with a “needs authorization” badge beneath it.

You can review details about the device and user before deciding whether to authorize it. When you’re ready to authorize the device, open the … menu and select “Authorize” to allow the device to connect to your network.

After authorization, the device will immediately be able to connect. No restarts or toggling needed.

Last updated

WireGuard is a registered
trademark of Jason A. Donenfeld.

© 2022 Tailscale Inc.

Privacy & Terms