Teleport Access Plane

Access Workflows

Allow users to request privilege escalation using access workflows. Approve or deny requests via Slack, PagerDuty, and other ChatOps tools. Define custom access workflows via the API using a favorite programming language.

Feature Overview

Move away from roots and admins

Access workflows allow for the implementation of the principle of least privilege, which states that a client should be given only those privileges needed for it to complete the task at hand. This removes the need for super-privileged accounts.

access workflows

Leverage existing tools

Access workflows integrate with the tools already in use, such as Slack, PagerDuty, and others. This allows security teams to approve or deny requests quickly and avoids frustration for engineers who need to get the job done.

slack approval

Customized fit

The Teleport API allows developers to define custom access workflows using a programming language they are familiar with. Teleport follows the “access as code” philosophy instead of “access as configuration”. 

# use your favorite programming language
def process_request(req):

#  grant admin only on registered computers
if req.roles.contains("admin") and registered_computer(req.user):
  raise AccessDenied("use registered computer for privileged access")

# contractors should provide a valid ticket    
if req.traits['team'] == "contractor" && not jira.get_ticket(req.note):
  raise AccessDenied("provide an active JIRA ticket")

Youtube Demo Video

Native Demo Video

MuleSoft

Teleport reduces the operations and the support burden normally associated with on-premises software. The product also decreases the time it takes to adopt open source technology while enabling consistent application environments across deployments.

Helgi Þorbjörnsson
Helgi Þorbjörnsson Principal Architect, MuleSoft
Read the Mulesoft Case Study

Works with everything you have

Teleport is open source and it relies on open standards such as X.509 certificates, HTTPS, SAML, OpenID connect and others. Deployed as a single-binary it seamlessly integrates with the rest of your stack.

Puppet
Puppet
Google Cloud
Google Cloud
AWS
Amazon
Linux
Linux
Azure
Azure
Chef
Chef
Okta
Okta
Free BSD
Ansible
One Login
One Login
Auth0
Auth0
Windows
Active Directory
Kubernetes
Kubernetes

Easy to get started

Teleport is easy to deploy and use. We believe that simplicity and good user experience are key to first-class security.

Teleport consists of just two binaries.

  1. The tsh client allows users to login to retrieve short-lived certificates.
  2. The teleport agent can be installed on any server or any Kubernetes cluster with a single command. 
# on a client
$ tsh login --proxy=example.com

# on a server
$ apt install teleport

# in a Kubernetes cluster
$ helm install

Try Teleport today

In the cloud, self-hosted, or open source

Get started
View developer docs

Explore resources

Learn more about

Features

Key feature listing and details

Nearly all Teleport features are available in the open source package.

Demo

Five minute demo of Teleport

This short video shows the basic capabilities of Teleport, Quickly access any computing resource anywhere .

Docs

Teleport Quick Start Guide

Developer Documentation for using Teleport. This tutorial will guide you through the steps needed to install and run Teleport on Linux machines.

How it works

Deep dive into how Teleport works

Learn the fundamentals of how Teleport works. The following is a series of articles describing key Teleport concepts.

This site uses cookies to improve service. By using this site, you agree to our use of cookies. More info.