App capabilities, now for all your apps

Tailscale has announced the availability of app capabilities and user identities in HTTP headers for all applications connected to a tailnet, facilitating the development of identity and capability-aware applications. This enhancement builds on Tailscale's existing identity-based access controls, allowing developers to create powerful, secure apps without being restricted to specific coding languages or needing custom code. By utilizing HTTP headers, Tailscale expands its compatibility with various applications and simplifies future-proofing for developers, as apps using these headers will not require re-engineering even if new tools are released in other languages. The serve function can now accept app capability grants through a command-line flag, enabling applications to use Tailscale's identity features in a language-independent manner. While currently available through a command-line interface, a declarative configuration option is planned for the future. These capabilities are included in the latest unstable builds and will be part of the upcoming 1.92 stable release, with feedback encouraged through GitHub, Reddit, or Discord.