tailscale/publicapi
Charlotte Brandhorst-Satzkorn 4f4f317174 api.md: direct TOC links to new publicapi docs location
This change updates the existing api.md TOC links to point at the new
publicapi folder/files. It also removes the body of the docs from the
file, to avoid the docs becoming out of sync.

This change also renames overview.md to readme.md.

Updates tailscale/corp#19526

Signed-off-by: Charlotte Brandhorst-Satzkorn <charlotte@tailscale.com>
2024-05-20 11:15:44 -04:00
..
device.md api.md: direct TOC links to new publicapi docs location 2024-05-20 11:15:44 -04:00
deviceinvites.md publicapi: include device and user invites API documentation (#12168) 2024-05-17 15:55:26 -07:00
readme.md api.md: direct TOC links to new publicapi docs location 2024-05-20 11:15:44 -04:00
tailnet.md api.md: direct TOC links to new publicapi docs location 2024-05-20 11:15:44 -04:00
userinvites.md publicapi: include device and user invites API documentation (#12168) 2024-05-17 15:55:26 -07:00

Tailscale API

The Tailscale API is a (mostly) RESTful API. Typically, both POST bodies and responses are JSON-encoded.

Base URL

The base URL for the Tailscale API is https://api.tailscale.com/api/v2/.

Examples in this document may abbreviate this to /api/v2/.

Authentication

Requests to the Tailscale API are authenticated with an API access token (sometimes called an API key). Access tokens can be supplied as the username portion of HTTP Basic authentication (leave the password blank) or as an OAuth Bearer token:

# passing token with basic auth
curl -u "tskey-api-xxxxx:" https://api.tailscale.com/api/v2/...

# passing token as bearer token
curl -H "Authorization: Bearer tskey-api-xxxxx" https://api.tailscale.com/api/v2/...

Access tokens for individual users can be created and managed from the Keys page of the admin console. These tokens will have the same permissions as the owning user, and can be set to expire in 1 to 90 days. Access tokens are identifiable by the prefix tskey-api-.

Alternatively, an OAuth client can be used to create short-lived access tokens with scoped permission. OAuth clients don't expire, and can therefore be used to provide ongoing access to the API, creating access tokens as needed. OAuth clients and the access tokens they create are not tied to an individual Tailscale user. OAuth client secrets are identifiable by the prefix tskey-client-. Learn more about OAuth clients.

Errors

The Tailscale API returns status codes consistent with standard HTTP conventions. In addition to the status code, errors may include additional information in the response body:

{
  "message": "additional error information"
}

Pagination

The Tailscale API does not currently support pagination. All results are returned at once.

APIs

Device

Tailnet

User invites

Device invites