---
title: Tailscale API Integration on Truto
slug: tailscale
category: Application Development
canonical: "https://truto.one/integrations/detail/tailscale/"
---

# Tailscale API Integration on Truto



**Category:** Application Development  
**Status:** Generally available

## Unified APIs

### Unified User Directory API

- **Users** — The User object represents a User.

## How it works

1. **Link your customer's Tailscale account.** Use Truto's frontend SDK; we handle every OAuth and API key flow so you don't need to create the OAuth app.
2. **Authentication is automatic.** Truto refreshes tokens, stores credentials securely, and injects them into every API request.
3. **Call Truto's API to reach Tailscale.** The Proxy API is a 1-to-1 mapping of the Tailscale API.
4. **Get a unified response format.** Every response uses a single shape, with cursor-based pagination and data in the `result` field.

## Use cases

- **Sync Tailscale network identities into your user directory** — Identity and access management platforms can pull Tailscale user data alongside other identity providers to build a unified view of who has network-level access across a customer's organization.
- **Automate device compliance checks against network membership** — Security and compliance SaaS products can correlate Tailscale device and user data with HR and IdP directories to verify that every node on the tailnet maps to an active, authorized employee — flagging orphaned or shadow IT devices.
- **Power just-in-time access workflows with unified identity resolution** — Privileged access management tools can match access requests against a combined user directory that includes Tailscale identities, ensuring the person requesting infrastructure access is a verified network participant before modifying ACLs.
- **Enrich asset inventories with tailnet user mappings** — IT asset management and SOC2 automation platforms can ingest Tailscale user records to prove that network access is tied to known identities, closing audit gaps without manual spreadsheet reconciliation.

## What you can build

- **Unified employee directory with Tailscale network identities** — Pull Tailscale users into the same normalized schema as Okta, Google Workspace, and Azure AD users using Truto's Unified User Directory API, giving your customers a single pane of glass for identity data.
- **Automated offboarding verification dashboard** — Cross-reference terminated employees from HR systems against active Tailscale users to surface accounts that still have tailnet access and need to be revoked.
- **Network identity coverage report** — Generate a report showing which employees across connected identity providers have corresponding Tailscale accounts and which do not, highlighting gaps in network enrollment.
- **Real-time access review for compliance audits** — Continuously sync Tailscale user records into your compliance workflow so auditors can verify that only authorized personnel retain network access, with evidence pulled automatically.
- **Shadow account detection alerts** — Alert security teams when a Tailscale user identity does not match any known employee in the customer's primary identity provider, indicating a potential shadow or unmanaged account.

## FAQs

### How does authentication work for the Tailscale integration?

Tailscale supports scoped OAuth Client Credentials, allowing integrations to authenticate programmatically without being tied to a specific human user. Truto handles the OAuth flow and token management on your behalf.

### What data can I access through the Unified User Directory API for Tailscale?

You can read Tailscale user records — the directory of identities mapped to a tailnet — normalized into Truto's unified user schema. This lets you query Tailscale users the same way you query users from any other supported identity provider.

### Are there tools or write operations available for Tailscale today?

Tailscale tools (such as device management, ACL updates, or auth key generation) are not pre-built yet but are available on request. If your use case requires write operations or endpoints beyond user reads, contact Truto to discuss a custom build.

### Does Truto handle Tailscale API rate limits and pagination?

Yes. Truto abstracts away API-specific quirks including rate limiting, pagination, and retry logic, so your application doesn't need to manage these details directly.

### How fresh is the user data synced from Tailscale?

Data freshness depends on your sync configuration. Truto supports polling-based syncs, so you can configure the frequency to match your use case — from near-real-time checks to periodic daily syncs.

### Can I use this integration alongside other identity providers in the Unified User Directory API?

Absolutely. That's the core value — you can query Tailscale users using the same unified schema and endpoints you use for Okta, Google Workspace, Azure AD, and other supported providers, enabling cross-provider identity correlation without writing provider-specific code.