Tailscale offers an API to let you automate various aspects of your network.

You can find documentation for the API on GitHub →

Authentication

Requests to the API are authenticated via an access token (sometimes called an API key), which can be generated from the Keys page of the admin console. You can choose the number of days, between 1 and 90 inclusive, for the key expiry.

This access token will automatically expire after the chosen number of days. If you want to continue using an access token after this access token expires, you need to generate a new access tokens. Access tokens can also be revoked before their expiration. Recently expired and revoked access token are shown on the Keys page.

As an alternative to an access token that has full permission to the Tailscale API, use OAuth clients to provide delegated fine-grained control to the Tailscale API.

More details about authenticating with the API can be found on GitHub.