> ## Documentation Index > Fetch the complete documentation index at: https://docs.pangolin.net/llms.txt > Use this file to discover all available pages before exploring further. # Device Approvals > Only allow trusted devices to connect to an organization

Fastest way to get started with Pangolin using the hosted control plane. No credit card required.

Only available in [Pangolin Cloud](https://app.pangolin.net/auth/signup) and [Enterprise Edition](/self-host/enterprise-edition). By default, any client configured with valid credentials can connect to an organization. To enhance security, you can enable device approvals, which require each new device to be manually approved by an administrator before it can connect. When device approvals are enabled, the first time a user connects a new device to the organization, the device will be marked as "Pending Approval." An administrator must then review and approve the device in the management console before it can access organization resources.

All approvals can also be managed from a central page as they stream in to allow admins to approve or deny devices quickly.

## Enabling Device Approvals Device approvals are enabled on a per-role basis. To enable device approvals for a role, follow these steps: 1. Click on the **Roles** tab. 2. Select the role you want to enable device approvals for. 3. Toggle the **Require Device Approval** option to enable it. 4. Save your changes. Once enabled, any new user connecting with that role will require approval from an administrator before it can access organization resources. You cannot enable device approvals for the "Admin" role.