The Teleport API allows developers to define custom access workflows using a programming language they are familiar with. Teleport follows the “access as code” philosophy instead of “access as configuration”.
# use your favorite programming language
# grant admin only on registered computers
if req.roles.contains("admin") and registered_computer(req.user):
raise AccessDenied("use registered computer for privileged access")
# contractors should provide a valid ticket
if req.traits['team'] == "contractor" && not jira.get_ticket(req.note):
raise AccessDenied("provide an active JIRA ticket")