Fork me on GitHub


Just-in-time Access Requests


Teleport Just-in-Time Access Requests allow any user to request access to a resource or role depending on need. The request can then be approved or denied based on a configurable number of approvers.

Just-in-time Access Requests are a powerful way to implement the principle of least privilege in your organization, leaving an attacker with no permanent admins to target. Users receive elevated privileges for a limited period of time. Request approvers can be configured with limited cluster access so they are not high value targets.

Just-in-time Access Requests are a feature of Teleport Enterprise. Open-source Teleport users can get a preview of how Access Requests work by requesting a role via the Teleport CLI. Full Access Request functionality, including Resource Access Requests and an intuitive and searchable UI are available in Teleport Enterprise.

For information on how to use Just-in-time Access Requests with OSS Teleport, see the OSS Guide.

Resource Access Requests

With Resource Access Requests, engineers can easily get access to only the individual resources they need, when they need it.

Get started with Resource Access Requests.

Role Access Requests

Role Access Requests balance security and flexibility. Engineers can request temporary credentials with elevated roles in order to perform critical system-wide tasks.

Get started with Role Access Requests.