How to get Unifi controller working behind Teleport

Accessing applications behind Teleport provides a secure way of logging into applications through HTTPS as well as behind the Teleport OTP.

Assuming your Teleport URL is as follows:

And your Unifi controller has the the following URL:

You’ll find that you encounter a 403 error upon login to your Unifi controller. In order to solve this, use the following app config in your /etc/teleport.yml:

  enabled: "yes"
  debug_app: false
  - name: unifi
    uri: https://localhost:8443
    public_addr: ""
    insecure_skip_verify: true
      - "Origin:"
      - "Host:"

The important parts to take note of are the Origin and Host parts. Be sure to restart teleport after the config change and the 403 error will be a thing of the past.