Tailscale MCP Server

device_action

Manage device permissions and configurations by performing actions like authorizing, deauthorizing, deleting, or expiring keys on a specified device within the Tailscale MCP Server.

Instructions

Perform actions on a specific device

Input Schema

TableJSON Schema

Name	Required	Description	Default
`action`	Yes	The action to perform on the device
`deviceId`	Yes	The ID of the device to act on

Implementation Reference

src/tools/device-tools.ts:93-129 (handler)

Executes the device_action tool by dispatching to appropriate UnifiedTailscaleClient methods based on the specified action (authorize, deauthorize, delete, expire-key). Returns success or error messages.

async function deviceAction(
  args: z.infer<typeof DeviceActionSchema>,
  context: ToolContext,
): Promise<CallToolResult> {
  try {
    logger.debug("Performing device action:", args);

    let result: UnifiedResponse<void>;
    switch (args.action) {
      case "authorize":
        result = await context.client.authorizeDevice(args.deviceId);
        break;
      case "deauthorize":
        result = await context.client.deauthorizeDevice(args.deviceId);
        break;
      case "delete":
        result = await context.client.deleteDevice(args.deviceId);
        break;
      case "expire-key":
        result = await context.client.expireDeviceKey(args.deviceId);
        break;
      default:
        return returnToolError(`Unknown action: ${args.action}`);
    }

    if (!result.success) {
      return returnToolError(result.error);
    }

    return returnToolSuccess(
      `Successfully performed action "${args.action}" on device ${args.deviceId}`,
    );
  } catch (error: unknown) {
    logger.error("Error performing device action:", error);
    return returnToolError(error);
  }
}

src/tools/device-tools.ts:17-22 (schema)

Zod schema defining the input parameters for the device_action tool: deviceId (string) and action (enum: authorize, deauthorize, delete, expire-key).

const DeviceActionSchema = z.object({
  deviceId: z.string().describe("The ID of the device to act on"),
  action: z
    .enum(["authorize", "deauthorize", "delete", "expire-key"])
    .describe("The action to perform on the device"),
});

src/tools/device-tools.ts:177-181 (registration)
Registers the device_action tool within the deviceTools module, specifying name, description, inputSchema, and handler.
```
  name: "device_action",
  description: "Perform actions on a specific device",
  inputSchema: DeviceActionSchema,
  handler: deviceAction,
},
```
src/tools/index.ts:43-46 (registration)
Top-level registration of the deviceTools module (containing device_action) in the ToolRegistry's loadTools method.
```
this.registerModule(deviceTools);
this.registerModule(networkTools);
this.registerModule(aclTools);
this.registerModule(adminTools);
```

src/types.ts:122-125 (schema)

Shared Zod schema for DeviceActionRequest used across the codebase, matching the tool's input schema.

export const DeviceActionRequestSchema = z.object({
  deviceId: z.string(),
  action: z.enum(["authorize", "deauthorize", "delete", "expire-key"]),
});

Tool Definition Quality

C2.7/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries full burden. It states 'Perform actions' which implies mutation operations, but doesn't disclose any behavioral traits like whether actions are destructive, require specific permissions, have side effects, or what happens after execution. For a tool with potentially destructive actions (like 'delete'), this is a significant gap in transparency.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is extremely concise with just 5 words: 'Perform actions on a specific device'. It's front-loaded with the core purpose and has zero wasted words. Every word earns its place in conveying the essential function.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given this is a mutation tool with potentially destructive actions (delete, deauthorize) and no annotations or output schema, the description is incomplete. It doesn't explain what the actions do, their consequences, or what to expect as results. For a tool that could permanently affect devices, more context is needed about behavior and outcomes.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so the schema already documents both parameters (deviceId and action with enum values). The description adds no additional meaning beyond what the schema provides - it doesn't explain what each action does, consequences of choices, or parameter relationships. Baseline 3 is appropriate when schema does the heavy lifting.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose3/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description states the purpose as 'Perform actions on a specific device', which is clear but vague. It specifies the verb 'perform actions' and resource 'device', but doesn't distinguish what types of actions or differentiate from sibling tools like 'list_devices' or 'manage_device_tags'. The purpose is understandable but lacks specificity.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives. With many sibling tools available (like manage_device_tags, manage_keys, etc.), there's no indication of when device_action is appropriate versus other device-related tools. No context, exclusions, or prerequisites are mentioned.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Related Tools

manage_device_tagsC
@HexSleeves/tailscale-mcp
manage_file_sharingC
@HexSleeves/tailscale-mcp
manage_network_lockC
@HexSleeves/tailscale-mcp
manage_policy_fileC
@HexSleeves/tailscale-mcp
manage_keysC
@HexSleeves/tailscale-mcp
manage_dnsC
@HexSleeves/tailscale-mcp

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/HexSleeves/tailscale-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server