tacacs_server

TACACS+ server component for AAA (authentication, authorization, and accounting). Typically provides a network service that accepts TACACS+ requests from network devices and applies configured authentication/authorization/accounting policies.

Evaluated Apr 04, 2026 (20d ago)

Homepage ↗ Repo ↗ Security tacacs+ aaa network-security authentication authorization accounting protocol-server infrastructure

⚙ Agent Friendliness

/ 100

Can an agent use this?

🔒 Security

/ 100

Is it safe for agents?

⚡ Reliability

/ 100

Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality

Documentation

Error Messages

Auth Simplicity

Rate Limits

🔒 Security

TLS Enforcement

Auth Strength

Scope Granularity

Dep. Hygiene

Secret Handling

Security depends heavily on deployment configuration (shared secret strength, network exposure, transport security, and backend auth). TLS/transport encryption for TACACS+ is not guaranteed by the package name alone; scope granularity is typically policy-based rather than OAuth-like scopes. Secret handling and dependency hygiene cannot be verified without code/manifests.

⚡ Reliability

Uptime/SLA

Version Stability

Breaking Changes

Error Recovery

Best When

You have network gear configured for TACACS+ and need a self-hosted AAA endpoint with tight control over TACACS+ policies.

Avoid When

You need a cloud-hosted SaaS API/SDK experience rather than operating a network daemon/service; or you cannot safely expose the service to the required network path.

Use Cases

• Centralized AAA for network equipment using the TACACS+ protocol
• Automated management of authentication and authorization decisions for users accessing routers/switches/VPNs
• Auditable accounting for access/session logging via TACACS+ accounting records

Not For

• Replacing RADIUS/other AAA systems when your environment does not use TACACS+
• General-purpose application API for business logic (it is a network security service)

Interface

REST API

GraphQL

gRPC

MCP Server

SDK

Webhooks

Authentication

Methods: TACACS+ server authentication (shared secret between TACACS+ client and server) User authentication via configured backends (commonly LDAP/AD/RADIUS-like backends, depending on configuration)

OAuth: No Scopes: No

Auth method is primarily protocol-based (TACACS+ shared secret) plus whatever identity backend the deployment is configured to use. No OAuth/scopes are indicated from the provided package name alone.

Pricing

Free tier: No

Requires CC: No

Assumed self-hosted software; pricing not determinable from provided data.

Agent Metadata

Pagination

none

Idempotent

False

Retry Guidance

Not documented

Known Gotchas

⚠ Agents generally cannot “call” a TACACS+ server like an HTTP API; they would need network/protocol-level handling.
⚠ Configuration and shared-secret handling are critical; small config mistakes can cause authentication failures.
⚠ TACACS+ operations are stateful from a network/session perspective; retries can lead to duplicated accounting records if not handled carefully.

Alternatives

FreeRADIUS (RADIUS) Diameter/AAA components (vendor-specific) Commercial AAA platforms or managed TACACS+/RADIUS services Identity providers with vendor-integrated AAA (e.g., TACACS+ bridging to AD/LDAP)

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for tacacs_server.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo

API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-04-04.