CommandPlane.com
Sign in Start free

Secure IoT access.
Only two [stable] IPs to whitelist.

CommandPlane is a developer-first control plane for field devices. Install one daemon. We provision two stable endpoints per user and keep tunnels alive behind NAT and firewalls. Embed the console in your own dashboard.

Install the daemon View example
Quick start
curl -fsSL https://commandplane.com/install.sh | bash

# Enroll the device (MAC + token)
cpctl enroll --org acme --token $CP_TOKEN

# Start the daemon (Docker required)
cpctl daemon start

# Open an SSH session via your user endpoint
ssh -J user@cp-gateway device-123.local
Network overview
field-device-123 daemon + docker outbound tunnel CommandPlane gateway · broker · api user endpoint A user endpoint B iframe console user@ops ssh / https via endpoints
Developer-first

Install with one script. CLI or API. Clean docs. No portals.

Two endpoints / user

Stable endpoints for shell and web. No static IPs. No tickets.

Runs anywhere

Tiny daemon + Docker sidecar. ARM, x86, cloud, edge.

01
Enroll the device

MAC + device token. The daemon opens an outbound tunnel.

02
Claim your endpoints

Two per user. Use SSH jump host or HTTPS proxy.

03
Embed the console

Iframe the device list and quick actions into your app.

mTLS + key rotation
Device keypairs, short-lived tokens, org isolation.
Least privilege
Scoped endpoints, role-aware access, audited connects.
Production ready
Auto-reconnect <2s, HA gateway, regional failover.
Try it in 60 seconds
# 1) Install
curl -fsSL https://commandplane.com/install.sh | bash

# 2) Enroll
cpctl enroll --org acme --token $CP_TOKEN

# 3) Shell
ssh -J user@cp-gateway device-123.local
Open Docs