ACL grants

Learn how to use ACL grants to provide capabilities at either the IP layer or the application layer.

ACL and access rule samples

View sample ACLs and access rules for common scenarios.

Tailscale CLI

Learn about the Tailscale command-line interface.

Tailscale API

Learn about the Tailscale application programming interface.

OAuth clients

Learn how to use OAuth clients to provide ongoing access to the Tailscale API.


Learn about tsnet, a library that lets you embed Tailscale inside of a Go program.

Key prefixes

Learn about the Tailscale prefixes for keys, such as an API access token.

Production best practices

Learn production and security best practices for deploying Tailscale.

Best practices to secure your tailnet

Discover best practices for keeping your Tailscale network secure.

Guidance for hardening Tailscale nodes

Follow advanced guidance for hardening and sandboxing nodes.

Key and secret management

See details about managing the various types of keys and secrets for your tailnet.

Scanning for exposed Tailscale secrets

Learn how Tailscale partners scan for exposed Tailscale secrets and provide notifications to help prevent fraudulent access.

AWS reference architecture

Deploy Tailscale to Amazon Web Services (AWS) with best practices, security, and production readiness in mind.

Shared responsibility model

Understand the responsibilities for protecting your network.

macOS and iOS shortcuts

Learn how Tailscale works with the Shortcuts app, allowing you to automate tasks.

Technical overviews

Learn technical details about Tailscale.

Troubleshooting guide

This article contains various suggestions and tips to help troubleshoot setup and connectivity issues. If you have additional issues, contact …

Tailscale repo on GitHub
View the repository that contains the open source Tailscale client code and the tailscaled daemon and tailscale CLI tool.