From 2a3e99ae474422e2eaffb53cc683e720768428cd Mon Sep 17 00:00:00 2001
From: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
Date: Wed, 2 Apr 2025 16:44:17 -0400
Subject: [PATCH] Update endpoints that need to be exposed (#27798)

Most Fleet users want Fleet Desktop > My device page to work. I think
let's document that as the best practice

---------

Co-authored-by: Robert Fairburn <8029478+rfairburn@users.noreply.github.com>
---
 articles/what-api-endpoints-to-expose-to-the-public-internet.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/articles/what-api-endpoints-to-expose-to-the-public-internet.md b/articles/what-api-endpoints-to-expose-to-the-public-internet.md
index 6d7e6214c7..6550432994 100644
--- a/articles/what-api-endpoints-to-expose-to-the-public-internet.md
+++ b/articles/what-api-endpoints-to-expose-to-the-public-internet.md
@@ -11,7 +11,7 @@ If you would like to manage hosts that can travel outside your VPN or intranet,
 
 ## Using Fleet Desktop on remote devices
 
-If you are using Fleet Desktop and want it to work on remote devices, the bare minimum API to expose is `/api/*/fleet/device/*/desktop`. This minimal endpoint will only provide the number of failing policies.
+If you're using Fleet Desktop `/api/*/fleet/device/*/desktop` must be exposed in the API, and for the end user **Fleet Desktop > My device** page `/device/*` and `/assets/*` must be exposed.
 
 For full Fleet Desktop and scripts functionality, `/api/fleet/orbit/*` and`/api/fleet/device/ping` must also be exposed.