Teleport is the easiest, most secure way to access and protect all your infrastructure.
The Teleport Infrastructure Identity Platform implements trusted computing at scale, with unified cryptographic identities for humans, machines and workloads, endpoints, infrastructure assets, and AI agents.
Get started
You can quickly see how Teleport works by following our Get Started guide to enroll your first resource with Teleport.
Products
Zero Trust Access
Easy access to all your infrastructure on a foundation of cryptographic identity
Enroll and Protect Your Infrastructure
Apps, servers, databases, Kubernetes, desktops, & more
VNet: Build without VPNs
Secure app & SSH access with no VPNs or proxies
Secure MCP (Protect the Vibes)
Secure MCP integration with granular audit trail
Role-Based Access Control (RBAC)
Govern infrastructure access with granular permissions
Passwordless Authentication
Log in securely using biometrics
Integrate with SSO Providers
Connect Okta, Entra ID, Google, and more
Structured Audit Export
Forward audit logs to SIEMs like Splunk and Datadog
Identity-Based Audit Events
Detailed audit logs for every user action
Session Recording and Playback
Record a detailed review of what took place
Session Sharing and Moderation
Require a moderator for privileged sessions
Dual Authorization Capabilities
Require approvals to perform critical actions
Manage Clusters with IaC
Create, update, and manage Teleport in declarative code.
Machine and Workload Identity
Replace long-lived secrets with identity-based authentication and authorization
Intro to Machine & Workload ID
Replace long-lived secrets with identity-based auth
Deploy CI/CD Pipelines
Replace long-lived secrets in CI/CD pipelines
Secure Infrastructure as Code
Manage IaC workflows in Terraform and Pulumi
Hybrid & Multi-Cloud Authentication
Universal identities across cloud platforms
Workload to Workload Authentication
Service-to-service auth with mTLS
Identity Management for AI Agents
RBAC for autonomous agents and processes
Identity Governance
Manage identities by enforcing principles of least privilege and zero trust
Request Temporary Elevated Access
Eliminate standing privileges w/ just-in-time access
Manage Standing Access for Teams
Sync IdP groups to roles w/ automated reviews
Require Managed Devices for Access
Guarantee access only from trusted devices
Instantly Lock Identities & Sessions
Lock compromised users and resources
Integrate w/ your Identity Provider(s)
Okta, Entra ID, and SailPoint w/ SCIM group sync
Federate Users to External Services
Use Teleport as SAML IdP to 3rd-party apps
Monitor for Risky Access
Identify risky access patterns and behaviors
Identity Security
Visualize access paths and identify security risks across your infrastructure
Expose Hidden Access Risks
Scan for SSH keys, repo access, and more
Identify Over-Privileged Users
Identify users with excessive standing privileges
Monitor Changes to Critical Resources
Monitor, alert on, and visualize access changes
Alert on Anomalous Activity
AI alerting on risky behaviors in your infrastructure
Unify Logs from Key Systems
Unify logs from Okta, AWS, GitHub, and more
Query Roles, Groups, & Permissions
Create custom tailored queries w/ the SQL Editor
What's new in version 18
Zero Trust Access
MCP server access
Teleport now provides the ability to connect to stdio-based MCP servers with connection proxying and audit logging support.
Zero Trust Access
MCP for database access
Teleport now allows MCP clients such as Claude Desktop to execute queries in Teleport-protected databases.
Enroll Resources
Applications
Protect web apps, TCP apps, and Cloud APIs
Linux Servers
Secure Linux servers and OpenSSH servers
Databases
AWS, Azure, Google Cloud, cloud DB platforms, & more
Kubernetes Clusters
Kubernetes clusters and the apps running in them
Windows Desktops
With or without Active Directory
Auto-Discovery of Resources
SSH servers, databases, Kubernetes clusters and apps
Cloud Providers
AWS, Azure, and Google Cloud consoles and CLI
MCP and AI Agents
Secure agentic AI connections to databases & MCP servers
Architecture
The Teleport Infrastructure Identity Platform consists of a certificate authority and an identity-aware access proxy that run either on the Teleport-managed cloud or, in special cases, on a self-hosted private network.
Teleport Agents, which can run on Linux servers or Kubernetes, proxy access to infrastructure resources and cloud provider APIs. Users authenticate to infrastructure resources through Teleport Agents using short-lived certificates. Teleport Agents enforce role-based access controls by using certificates that embed user attributes.
Learn more: