Tailscale is building a platform. Co-founder and CSO David Carney sat down with Adam Stacoviak to detail four specific bets: TSIDP, TSNet, multiple tailnets, and Aperture. The most operationally significant is Aperture, a private AI gateway that handles API key management, observability, and security for AI agents. It is reachable at aperture.tailscale.com and accepts direct feedback at aperture@tailscale.com.
The architecture discussion is the reason to read this one in full. TSIDP enables clickless authentication by turning a tailnet into an OIDC-compatible identity provider, removing the Okta or Microsoft Entra dependency for internal apps. TSNet lets Go applications join a tailnet directly as first-class nodes. Multiple tailnets solve isolation and blast-radius problems that single-tailnet designs cannot. Each feature is a load-bearing piece of the same larger structure.
The timing is not accidental. Aperture targets the exact problem that MCP adoption is creating: AI agents need to call external APIs, and right now credential management for those calls is ungoverned. Tailscale is positioning its network identity layer as the control plane for that traffic. Whether that bet lands depends on how fast MCP tooling standardizes, and this conversation gets specific about where the gaps still are.