Teleport Upcoming Releases
Teleport releases a new major version approximately every 4 months, and provides security-critical support for the current and two previous major versions. With our typical release cadence, we usually support each major version for 12 months.
Teleport
We plan to release the following versions in the coming months:
| Version | Date |
|---|---|
| 18.1.0 | Week of July 21, 2025 |
| 18.2.0 | Week of September 1, 2025 |
We continue to support the following major versions of Teleport:
| Release | Release Date | EOL | Minimum tsh version |
|---|---|---|---|
| v18.x | July 3, 2025 | August 2026 | v17.0.0 |
| v17.x | November 16, 2024 | February 2026 | v16.0.0 |
| v16.x | June 14, 2024 | October 2025 | v15.0.0 |
18.1.0
MCP servers access
Teleport will provide ability to connect to stdio-based MCP servers with connection proxying and audit logging support.
MCP for database access
Teleport will allow MCP clients such as Claude Desktop to execute queries in Teleport-protected databases.
VNet for SSH
Teleport VNet will add native support for SSH, enabling any SSH client to connect to Teleport SSH servers with zero configuration. Advanced Teleport features like per-session MFA will have first-class support for a seamless user experience.
Identifier-first login
Teleport will add support for identifier-first login flows. When enabled, the initial login screen will contain only a username prompt. Users will be presented with the SSO connectors that apply to them after submitting their username.
Bound keypair joining for Machine ID
The new bound keypair join method for Machine ID is a more secure and user-friendly alternative to token joining in both on-prem environments and cloud providers without a delegated join method. It allows for automatic self-recovery in case of expired client certificates and gives administrators new options to manage and automate bot joining.
Sailpoint SCIM integration
Teleport will support Sailpoint as a SCIM provider allowing to synchronize Sailpoint entitlement groups with Teleport access lists.
Improved access requests UX
Teleport web UI will make a better distinction between just-in-time and long-term access request UX.
Automatic Resource Access Request Reviews
Teleport will extend automatic access request reviews to support resource-based access requests.
LDAP server discovery for desktop access
Teleport can now locate the address of the LDAP server via DNS as an alternative to providing the server address in the configuration file. This also serves as a form of client-side load balancing, eliminating the need for a load balancer in front of LDAP servers.
18.2.0
Encrypted session recordings
Teleport will provide the ability to integrate with Hardware Security Modules (HSMs) in order to encrypt session recordings prior to uploading them to storage.
Teleport Connect Managed Updates
Teleport Connect will be able to detect when application updates are available and automatically apply them on the next restart.
Teleport Device Trust Intune Support
Teleport will include a new hosted plugin for Microsoft's Intune suite, allowing trusted devices to be synchronized from the Intune inventory.
Terraform support for Access List members
Users will be able to provision Access Lists and their members (including other nested Access Lists) with terraform.
Teleport Cloud
The key deliverables for Teleport Cloud in the next quarter:
| Week of | Description |
|---|---|
| August 04, 2025 | Teleport 18.1 will begin rollout on Cloud. |
| August 04, 2025 | Teleport 18.1 agents will begin rollout to eligible tenants. |
Production readiness
Teleport follows semantic versioning for pre-releases and releases.
Pre-releases
Pre-releases of Teleport (versions with suffixes like -alpha, -beta, -rc)
should not be run in production environments.
Pre-releases of Teleport are great for testing new features, breaking changes, and backwards incompatibility issues either in development or staging environments.
Major Releases
Major releases look like 19.0.0.
Major releases of Teleport contain many large new features and may contain breaking changes.
Due to the scope and quantity of changes in a major release, we encourage deploying to staging first to verify your usage pattern has not changed.
Minor Releases
Minor releases look like 19.X.0.
Minor releases of Teleport typically contain smaller features and improvements. Minor releases can typically be deployed directly to production.
Most customers upgrade to the next major version of Teleport during the first minor release, such as 19.1.0.
Patch Releases
Patch releases contain small bug fixes and can typically be deployed directly to production.
Version compatibility
Teleport uses Semantic Versioning. Version numbers
include a major version, minor version, and patch version, separated by dots.
When running multiple teleport binaries within a cluster, the following rules
apply:
- Servers support clients that are one major version behind, but do not support
clients that are on a newer major version. For example, an 8.x.x Proxy Service
instance is compatible with 7.x.x agents and 7.x.x
tsh, but we don't guarantee that a 9.x.x agent will work with an 8.x.x Proxy Service instance. This also means you must not attempt to upgrade from 6.x.x straight to 8.x.x. You must upgrade to 7.x.x first. - Proxy Service instances and agents do not support Auth Service instances that are on an older major version, and will fail to connect to older Auth Service instances by default. For example, an 8.x.x Proxy Service or agent is not compatible with an 7.x.x Auth Service.