Teleport Access Plane

Teleport Application Access

Identity-based access to CI/CD pipelines, AWS console, monitoring dashboards, code repositories, and other internal web applications across all environments.

Single Sign On
Single Sign On
an enter password screen
Verify
Multi Factor Authentication
a biometric verification screen
Security Key or Biometric Authenticator
Multi Factor Authentication
a multi-factor authentication screen
Authentication Successful
Applications
T
Jenkins
All
+
For DevSecOps

Easily enforce security for your entire DevOps toolkit

Teleport Application Access brings industry best practices for accessing internal web apps, replacing VPNs with a modern, identity-based zero-trust approach.
a diagram of server architecture
Single sign-on with MFA

Teleport brings security best practices and compliance controls to all internal web apps, including SSO and MFA, with auto-expiring certificates tied to a user identity.

Unified access policy

Easily implement unified role-based access controls (RBAC) across all internal web applications using JWT tokens.

TLS routing

Certificate-based protocol negotiation shrinks the network attack surface area of all your web applications to a single public DNS endpoint with a single TCP/IP port.

For compliance-minded engineers

Meet compliance requirements

Teleport was designed to continuously maintain compliance and pass audits with minimal configuration. The supported standards include SOC 2, FedRAMP, HIPAA, ISO 27001, PCI and more.
a diagram of server architecture
Advanced authorization

Use the authorization mechanism best suited for your compliance requirements such as RBAC, per-session MFA, and dual authorization for privileged operations.

FIPS mode

Avoid human errors using Teleport FIPS mode which rejects configuration options unless they are compliant with FIPS 140-2, also known as the Federal Information Processing Standard.

Session controls

Implement moderated sessions, enforce concurrent session restrictions, proactive session termination, and identity locking across your entire infrastructure footprint.

For developers

Reduce operational overhead of securing internal web applications

Managing domain names, HTTPS certificates and firewall rules for accessing internal web applications is a thing of the past.
a diagram of server architecture
Endpoint management

Teleport Application Access automatically configures DNS, manages x.509 certificates and network ports, making it painless to self-host a large number of internal web apps.

Access provisioning

Cloud infrastructure is elastic, and so are engineering teams. Provisioning and deprovisioning access to internal DevOps tooling to new team members or new cloud environments is instant with Teleport Application Access.

Application launcher

Modern engineering teams use dozens of tools to build, ship and run their applications. Teleport Application Launcher puts the entire DevOps toolbox at your fingertips without having to deal with numerous login prompts.

For security professionals

Complete visibility into access and behavior

Teleport provides a live view and an audit log for user sessions for all web applications across all environments, making it easy to see what’s happening and who is responsible.
Unified audit log

Teleport Application Access maintains the detailed audit log of the humans and machines who are accessing your private applications. The audit can be exported to a SIEM solution of your choice.

Unified session management

All live user sessions across all internal web applications and cloud environments always go through Teleport, making it easy to see what is happening and maintain compliance.

Live application catalog

Teleport automatically registers internal applications with the live application catalog, providing a live view of all active endpoints across all environments.

Demo Video

Works with everything you have

Teleport Application Access is open source and relies on open standards such as SSH, HTTPS, SAML, OpenID connect and others. Deployed as a single binary drop-in replacement for OpenSSH, it seamlessly integrates with the rest of your stack.

Amazon
Google Cloud
Azure
Linux
Windows
Chef
Okta
Active Directory
Puppet
OneLogin
Kubernetes
Ansible

Easy to get started

Teleport is easy to deploy and use. We believe that simplicity and good user experience are key to first-class security.

Teleport consists of just two binaries.
  1. The tsh client allows users to login to retrieve short-lived certificates.
  2. The teleport agent can be installed on any server or any Kubernetes cluster with a single command.
Download Teleport
Terminal
# on a client
$ tsh login --proxy=example.com

# on a server
$ apt install teleport

# in a Kubernetes cluster
$ helm install

Try Teleport today

In the cloud, self-hosted, or open source
Get StartedView developer docs