Tailscale MCP Server
The Tailscale MCP Server provides a standardized interface for automating Tailscale network management through CLI and REST API integration. With this server, you can:
Device Management: List, authorize, deauthorize, and delete devices; manage routes and tags
Network Operations: Connect/disconnect networks, check status, and ping peers
Security Controls: Manage ACLs, policy files, device tags, and network lock settings
DNS Management: Configure nameservers, search paths, and MagicDNS preferences
Key Management: Create, list, and delete authentication keys with specific capabilities
Additional Features: Configure exit nodes, manage file sharing, set up webhooks, and retrieve version information
Built on Node.js runtime (requires v18+) with ES module support for executing Tailscale CLI commands and interacting with the Tailscale REST API.
Provides tools for managing Tailscale networks, including device management (listing, authorizing/deauthorizing devices), subnet route control, network connectivity operations (connect/disconnect), and peer monitoring via ping functionality.
Leverages TypeScript for type safety throughout the implementation, with Zod validation for schema validation and type checking of inputs and outputs.
Uses Zod for runtime validation of data schemas, ensuring type safety and providing descriptive error messages for invalid parameters.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type @ followed by the MCP server name and your instructions, e.g., "@Tailscale MCP Server list all authorized devices in my network"
That's it! The server will respond to your query, and you can continue using it as needed.
A Model Context Protocol (MCP) server for operating Tailscale from any MCP client. Supports local stdio for desktop clients and an authenticated HTTP transport for private tailnet deployments. Defaults to read-only access, localhost binding, and short-lived OAuth credentials where available.
Features
Device management — list, authorize, deauthorize, delete, expire keys, manage routes.
Network operations — connect/disconnect host, ping peers, get CLI status and version.
Administration — tailnet info, file sharing, exit nodes, webhooks, device tags, server version.
ACL and policy — read/validate/update ACL, DNS settings, auth keys, policy file, network lock.
Read-only resources — tailnet summary, device list, per-device detail, current ACL.
Prompts — guided connectivity diagnosis and ACL change review.
Risk-gated tools — read, write, and admin levels via TAILSCALE_ALLOWED_TOOL_RISK.
OAuth + API key — OAuth client credentials (preferred) or legacy API key.
Private HTTP mode — bearer auth, Host validation, request size limits, health check endpoint.
Docker support — pre-built images on Docker Hub and GHCR; sidecar deployment with Tailscale Serve.
Requirements
One of:
Node.js 20+ — run via npx or install globally (no extra runtime needed).
Bun 1.3+ — used for development; also works as a production runtime.
Docker — use the pre-built image (no local runtime required).
Plus one auth method:
OAuth client credentials: TAILSCALE_OAUTH_CLIENT_ID + TAILSCALE_OAUTH_CLIENT_SECRET (preferred).
Legacy API key: TAILSCALE_API_KEY.
The local Tailscale CLI is optional. It is only required for CLI-backed tools: get_network_status, connect_network, disconnect_network, ping_peer, get_version, and manage_exit_nodes (set/clear operations).
Quick Start
Claude Desktop
Edit ~/.claude/claude_desktop_config.json (create if absent).
OAuth credentials (recommended)
{
  "mcpServers": {
    "tailscale": {
      "command": "npx",
      "args": ["-y", "@hexsleeves/tailscale-mcp-server"],
      "env": {
        "TAILSCALE_OAUTH_CLIENT_ID": "your-client-id",
        "TAILSCALE_OAUTH_CLIENT_SECRET": "your-client-secret",
        "TAILSCALE_TAILNET": "-"
      }
    }
  }
}
API key
{
  "mcpServers": {
    "tailscale": {
      "command": "npx",
      "args": ["-y", "@hexsleeves/tailscale-mcp-server"],
      "env": {
        "TAILSCALE_API_KEY": "tskey-api-...",
        "TAILSCALE_TAILNET": "-"
      }
    }
  }
}
Enable write/admin tools
Add TAILSCALE_ALLOWED_TOOL_RISK to the env block:
"TAILSCALE_ALLOWED_TOOL_RISK": "write"
Set to "admin" to unlock destructive operations (delete, deauthorize, connect/disconnect, key mutation).
Docker Hub
{
  "mcpServers": {
    "tailscale": {
      "command": "docker",
      "args": [
        "run", "--rm", "-i",
        "-e", "TAILSCALE_API_KEY=tskey-api-...",
        "-e", "TAILSCALE_TAILNET=your-tailnet",
        "hexsleeves/tailscale-mcp-server:latest"
      ]
    }
  }
}
Claude Code (CLI)
claude mcp add tailscale \
  -e TAILSCALE_API_KEY=tskey-api-... \
  -e TAILSCALE_TAILNET=- \
  -- npx -y @hexsleeves/tailscale-mcp-server
With write access:
claude mcp add tailscale \
  -e TAILSCALE_API_KEY=tskey-api-... \
  -e TAILSCALE_TAILNET=- \
  -e TAILSCALE_ALLOWED_TOOL_RISK=write \
  -- npx -y @hexsleeves/tailscale-mcp-server
Cursor
Add to .cursor/mcp.json (project) or ~/.cursor/mcp.json (global):
{
  "mcpServers": {
    "tailscale": {
      "command": "npx",
      "args": ["-y", "@hexsleeves/tailscale-mcp-server"],
      "env": {
        "TAILSCALE_API_KEY": "tskey-api-...",
        "TAILSCALE_TAILNET": "-"
      }
    }
  }
}
Tool Reference
Devices
Tool | Description | Min risk |
| List all devices in the configured tailnet |
|
| Authorize or expire a device key ( |
|
| Enable or disable advertised routes for a device |
|
Network
Tool | Description | Min risk |
| Get current Tailscale network status via local CLI |
|
| Connect this host to Tailscale with optional CLI flags |
|
| Disconnect this host from Tailscale |
|
| Ping a Tailscale peer through the local CLI |
|
| Get local Tailscale CLI version information |
|
Administration
Tool | Description | Min risk |
| Get detailed information about the configured tailnet |
|
| Read ( |
|
| List exit nodes ( |
|
| List webhooks ( |
|
| Read ( |
|
| Return server version identifier |
|
ACL and Policy
Tool | Description | Min risk |
| Read ( |
|
| Read ( |
|
| List auth keys ( |
|
| Read ( |
|
| Network lock status ( |
|
Resources and Prompts
Resources (read-only)
URI | Description |
| High-level tailnet summary |
| All devices in the tailnet |
| Detail for a single device |
| Current ACL policy |
Prompts
Name | Description |
| Guided diagnostic for connectivity issues |
| Structured review workflow for ACL policy changes |
Configuration
Variable | Default | Description |
| — | OAuth client ID (preferred auth method) |
| — | OAuth client secret (required with |
| — | Legacy API key fallback |
|
| Tailnet name or |
|
| Tailscale API base URL (https required except for localhost) |
|
| Maximum allowed tool risk: |
|
| Path to the local Tailscale CLI binary |
|
| Transport mode: |
|
| Host to bind in HTTP mode |
|
| Port to bind in HTTP mode |
| — | Required for HTTP mode (minimum 32 characters) |
| — | Comma-separated additional allowed HTTP Host header values |
|
| Log verbosity: |
| — | Optional file path for log output |
Risk levels
read — list devices, inspect status, read resources, run diagnostics.
write — update ACLs, DNS, routes, policy files, webhooks, tags, and other mutating settings.
admin — destructive or host-affecting operations: delete, deauthorize, connect, disconnect, auth key mutation, file sharing changes, exit node control.
HTTP Transport
HTTP mode is intended for private tailnet access. It requires MCP_HTTP_BEARER_TOKEN and binds to 127.0.0.1 by default.
export MCP_TRANSPORT=http
export MCP_HTTP_BEARER_TOKEN="$(openssl rand -base64 32)"
export TAILSCALE_OAUTH_CLIENT_ID="your-client-id"
export TAILSCALE_OAUTH_CLIENT_SECRET="your-client-secret"
export TAILSCALE_TAILNET="-"
npx -y @hexsleeves/tailscale-mcp-server --http --host 127.0.0.1 --port 3000
Expose privately with Tailscale Serve (recommended for tailnet deployments):
tailscale serve --bg 443 localhost:3000
Do not use Tailscale Funnel for normal MCP operation. Funnel makes the endpoint publicly reachable on the internet.
A GET /health endpoint returns 200 OK when the server is running.
For full Docker sidecar deployment instructions, see docs/docker.md.
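A pre-flight check of the rules stated under Requirements, Risk levels and HTTP Transport, as an added example that is not part of the project's code. The names `auditEnv` and `Audit` and the `host` parameter (standing in for the `--host` value) are hypothetical, and the check assumes HTTP mode is selected through MCP_TRANSPORT rather than the `--http` flag.

```typescript
// Added example, not the project's code. `auditEnv` and `Audit` are hypothetical names.
// Usage in a deploy script (assumption): const report = auditEnv(process.env);
type Env = Record<string, string | undefined>;
interface Audit { risk: string; errors: string[]; warnings: string[] }

const RISK_LEVELS = ["read", "write", "admin"];
const LOOPBACK = ["127.0.0.1", "::1", "localhost"];

function auditEnv(env: Env, host: string = "127.0.0.1"): Audit {
  const errors: string[] = [];
  const warnings: string[] = [];

  // Auth: OAuth client ID + secret (preferred) or the legacy API key.
  const id = env.TAILSCALE_OAUTH_CLIENT_ID;
  const secret = env.TAILSCALE_OAUTH_CLIENT_SECRET;
  const hasOAuth = Boolean(id && secret);
  if (Boolean(id) !== Boolean(secret)) {
    errors.push("OAuth client ID and secret must be set together");
  }
  if (!hasOAuth && !env.TAILSCALE_API_KEY) {
    errors.push("no auth method: set OAuth client credentials or TAILSCALE_API_KEY");
  } else if (!hasOAuth) {
    warnings.push("legacy API key in use; OAuth client credentials are preferred");
  }

  // Risk gate: unset means read-only; anything outside the three levels is rejected.
  const risk = env.TAILSCALE_ALLOWED_TOOL_RISK ?? "read";
  if (!RISK_LEVELS.includes(risk)) {
    errors.push(`unknown TAILSCALE_ALLOWED_TOOL_RISK "${risk}"`);
  } else if (risk === "admin") {
    warnings.push("admin risk unlocks delete, deauthorize, connect/disconnect, key mutation");
  }

  // HTTP transport: bearer token of at least 32 characters, loopback bind.
  if (env.MCP_TRANSPORT === "http") {
    const token = env.MCP_HTTP_BEARER_TOKEN ?? "";
    if (token.length < 32) {
      errors.push("MCP_HTTP_BEARER_TOKEN must be at least 32 characters in HTTP mode");
    }
    if (!LOOPBACK.includes(host)) {
      warnings.push(`HTTP bind host ${host} is not loopback; front it with Tailscale Serve`);
    }
  }
  return { risk, errors, warnings };
}
```

Running this in CI or a container entrypoint before the server starts turns a silently weak deployment (short token, non-loopback bind, admin risk left enabled) into a visible finding.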
Docker
Run with Docker Hub image
docker run --rm \
  -e TAILSCALE_API_KEY="tskey-api-..." \
  -e TAILSCALE_TAILNET="-" \
  -p 127.0.0.1:3000:3000 \
  hexsleeves/tailscale-mcp-server:latest
Run with GHCR image
docker run --rm \
  -e TAILSCALE_API_KEY="tskey-api-..." \
  -e TAILSCALE_TAILNET="-" \
  -p 127.0.0.1:3000:3000 \
  ghcr.io/hexsleeves/tailscale-mcp-server:latest
Build locally
docker build -t tailscale-mcp-server .
For sidecar deployment with Tailscale Serve, see docs/docker.md.
Example Prompts
Once the server is connected to your MCP client, try these:
"List my Tailscale devices and show which ones are offline."
"What is the current Tailscale network status on this machine?"
"Diagnose connectivity to my NAS at 100.64.0.5."
"Show me the current ACL policy for my tailnet."
"Review this ACL change before I apply it." (attach the new policy)
"What DNS nameservers is my tailnet using?"
"List all active webhooks in my tailnet."
Development
# Install dependencies (Bun required for development)
bun install
# Type check
bun run typecheck
# Run tests
bun test
# Lint and format
bun run check
# Build
bun run build
# Full verification (typecheck + lint + test + build)
bun run qa:full
# Security audit
bun audit
See CONTRIBUTING.md for the full development workflow, commit conventions, and release process.
Contributing
Contributions are welcome. Please read CONTRIBUTING.md before opening a pull request.
CONTRIBUTING.md — development setup, commit conventions, PR process.
SECURITY.md — responsible disclosure policy.
LICENSE — MIT.
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/HexSleeves/tailscale-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server.