Teleport Adds LLM Proxy and Delegated Identity to Secure AI Agent Actions and Access

Enterprises are rapidly adopting AI agents to automate tasks across cloud environments, but most existing solutions focus on routing traffic to large language models without governing what those agents can actually do. This creates a blind spot: agents can inadvertently or maliciously access databases, APIs, or internal services without any identity verification or audit trail. Teleport’s Agentic Identity Framework addresses that gap by treating each AI instance as a first‑class identity, extending the company’s zero‑trust security model to the AI layer.

The newly released LLM Proxy acts as a gatekeeper between an agent and its inference endpoint. Every prompt and response passes through the proxy, where Teleport applies per‑Beam allow lists that dictate which resources an agent may invoke and under what conditions. The proxy records each interaction in a tamper‑resistant audit log, giving security teams real‑time visibility into agent behavior and the ability to enforce policy before any downstream action occurs. This approach mirrors traditional network firewalls but is tailored for the dynamic, high‑throughput nature of LLM traffic.

Delegated Identity complements the proxy by issuing just‑in‑time, least‑privilege credentials to each agent. Rather than relying on static service accounts, an operator or upstream agent defines the exact permissions required for a specific task, and Teleport automatically revokes them when the task completes. This JIT model limits the blast radius of a compromised agent and aligns AI workflows with compliance frameworks that demand granular access control and traceability. Together, LLM Proxy and Delegated Identity give organizations the confidence to scale AI automation while preserving the security posture of their critical infrastructure.