Teleport Unified Access Plane


Unified Access Plane

Unify secure access to servers, Kubernetes clusters, applications, and databases

Teleport Unified Access Plane
Teleport Server Access

Teleport Server Access

Learn more
Teleport Kubernetes Access

Teleport Kubernetes Access

Learn more
Teleport Application Access

Teleport Application Access

Learn more


Implement security and compliance

Teleport implements industry best security practices out of the box and brings all computing resources into compliance with security standards such as SOC2, PCI, and FedRAMP by providing all necessary access controls as well as audit and visibility into access and behavior across all computing environments

 Simple Management of Application User Connectivity
Role Based Access Control

Access controls

Use flexible access controls to implement compliance standards such as SOC2, PCI and FedRAMP. This includes MFA, short-lived certificates, RBAC, concurrent sessions control, and others. Teleport even adds compliance to legacy resources, such as internal dashboards.

Access Workflows

Access workflows

Teleport supports multiple common access workflows out of the box, such as on-demand privilege escalation requests and dual session authorization. Access can be approved or denied via ChatOps, Slack, PagerDuty, or customize access approval via the API.

Visibility into Access and Behavior

Visibility into access and behavior

Teleport converts all actions across all computing resources and environments into JSON events. DevSecOps engineers can see interactive sessions, command executions, filesystem changes, database queries and network connections in real time.

Trust Federation

Trust federation

Teleport Unified Access Plane manages X.509 certificate authorities to federate trust between computing resources across independent organizations. For example, a service provider and their customers can be connected by mapping users and roles between organizations.


Access for engineers that doesn't get in the way

Engineers can discover and instantly access any computing resource on any cloud, data center,bit or on the edge. There is no need to manage shared secrets or SSH keys, to wrestle with VPNs, or to jump between multiple access points

Access for Engineers that Doesn't Get in the Way
Single Sign On

Single sign on (SSO) with multi-factor

Teleport issues credentials for everything an engineer needs with a single sign-on (SSO) login with multi-factor authentication. It integrates with all enterprise and community SSO providers, including GitHub, Okta, Active Directory, Google, and others.

Role Based Access Control

Unified resource catalog

Teleport provides a dynamic view of all computing resources. Engineers see all servers, Kubernetes clusters, internal applications, databases, and even live sessions on any infrastructure across all environments anywhere in the world.

Session Sharing & Recording

Session sharing and recording

Teleport allows engineers to invite colleagues to collaborate in a shared session. Work together to troubleshoot a problem on a remote server, a Kubernetes cluster, or even on each others’ laptop. Record sessions for knowledge sharing purposes.


Reduce operational overhead

Teleport delivers industry security best practices out of the box with minimal configuration. Available as a cloud subscription or a self-hosted option, it removes the need to stitch together multiple complex legacy tools that are costly to maintain at scale

Teleport Cloud

Easy to deploy and maintain

Teleport is a self-updating, single binary. Designed to be as maintenance-free as possible, it can be deployed as a UNIX daemon or as a Kubernetes service, but supports an agentless mode too. This is as lightweight as it gets in the DevOps world.

Compatible with everything

Teleport is built on open standards and is fully compatible with OpenSSH clients and servers, kubectl and other Kubernetes tools, configuration management utilities, all CI/CD solutions, database clients, and all identity providers.

Cloud and self-hosted

Teleport is available as a cloud offering and as a self-hosted option. Both deployment methods can even be mixed and matched to find the perfect balance between company mandated security policies, ease of use and compliance needs.


Works with everything you have

Teleport Unified Access Plane is open source and it relies on open standards such as SSH, HTTPS, SAML, OpenID connect and others. Deployed as a single-binary drop-in replacement for OpenSSH, it seamlessly integrates with the rest of your stack

Google Cloud
Open BSD
Free BSD
One Login

Pricing and Platforms

Teleport Unified Access Plane comes in three flavors. The commercial offerings have a minimum base price and are priced by usage - see details

  • Unified Access Plane
  • Host anywhere
  • Single sign-On
  • Role based access control
  • Fully managed
  • Supported

Open source


Designed for engineers who prefer to build their own software. Often used by individual developers or small teams.



per resource/month

Designed for engineering teams that require the peace of mind and simplicity of a hosted and managed service.



per resource/month

Designed for engineering teams that demand the flexibility to run software anywhere, on any infrastructure.

Unified Access Plane
Yes Yes Yes
Host anywhere
Yes no Yes
Single sign-on
partial Github Only Yes Yes
Role based access control
no Yes Yes
Fully managed
no Yes no
Premium support
no Yes Yes

Try Teleport today

In the cloud, self-hosted, or open source

View developer docs

This site uses cookies to improve service. By using this site, you agree to our use of cookies. More info.