Version: 17.x

The Teleport Infrastructure Identity Platform

Teleport Documentation
Teleport is the easiest, most secure way to access and protect all your infrastructure.

The Teleport Infrastructure Identity Platform implements trusted computing at scale, with unified cryptographic identities for humans, machines and workloads, endpoints, infrastructure assets, and AI agents.

You can quickly see how Teleport works by following our Get Started guide to enroll your first resource with Teleport.

Zero Trust Access

Easy access to all your infrastructure on a foundation of cryptographic identity

Enroll and Protect Your Infrastructure

Apps, servers, databases, Kubernetes, desktops, & more

VNet: Build without VPNs

Secure app & SSH access with no VPNs or proxies

Secure MCP (Protect the Vibes)

Secure MCP integration with granular audit trail

Role-Based Access Control (RBAC)

Govern infrastructure access with granular permissions

Passwordless Authentication

Log in securely using biometrics

Integrate with SSO Providers

Connect Okta, Entra ID, Google, and more

Structured Audit Export

Forward audit logs to SIEMs like Splunk and Datadog

Identity-Based Audit Events

Detailed audit logs for every user action

Session Recording and Playback

Record a detailed review of what took place

Session Sharing and Moderation

Require a moderator for privileged sessions

Dual Authorization Capabilities

Require approvals to perform critical actions

Manage Clusters with IaC

Create, update, and manage Teleport in declarative code

Machine and Workload Identity

Replace long-lived secrets with identity-based authentication and authorization

Intro to Machine & Workload ID

Replace long-lived secrets with identity-based auth

Deploy CI/CD Pipelines

Replace long-lived secrets in CI/CD pipelines

Secure Infrastructure as Code

Manage IaC workflows in Terraform and Pulumi

Hybrid & Multi-Cloud Authentication

Universal identities across cloud platforms

Workload to Workload Authentication

Service-to-service auth with mTLS

Identity Management for AI Agents

RBAC for autonomous agents and processes

Identity Governance

Manage identities by enforcing principles of least privilege and zero trust

Request Temporary Elevated Access

Eliminate standing privileges w/ just-in-time access

Manage Standing Access for Teams

Sync IdP groups to roles w/ automated reviews

Require Managed Devices for Access

Guarantee access only from trusted devices

Instantly Lock Identities & Sessions

Lock compromised users and resources

Integrate w/ your Identity Provider(s)

Okta, Entra ID, and SailPoint w/ SCIM group sync

Federate Users to External Services

Use Teleport as SAML IdP to 3rd-party apps

Monitor for Risky Access

Identify risky access patterns and behaviors

Identity Security

Visualize access paths and identify security risks across your infrastructure

Expose Hidden Access Risks

Scan for SSH keys, repo access, and more

Identify Over-Privileged Users

Identify users with excessive standing privileges

Monitor Changes to Critical Resources

Monitor, alert on, and visualize access changes

Alert on Anomalous Activity

AI alerting on risky behaviors in your infrastructure

Unify Logs from Key Systems

Unify logs from Okta, AWS, GitHub, and more

Query Roles, Groups, & Permissions

Create custom-tailored queries w/ the SQL Editor

Architecture

The Teleport Infrastructure Identity Platform consists of a certificate authority and an identity-aware access proxy that run either on the Teleport-managed cloud or, in special cases, on a self-hosted private network.

Teleport Agents, which can run on Linux servers or Kubernetes, proxy access to infrastructure resources and cloud provider APIs. Users authenticate to infrastructure resources through Teleport Agents using short-lived certificates. Teleport Agents enforce role-based access controls by using certificates that embed user attributes.

