ngrok is the fastest way to add authentication to your applications. Today, we are adding additional visibility for users logging into your application through our edge. Now you can see your application users in the ngrok dashboard and view their identity details. This includes contextual information about their device, browser, and network along with the ability to revoke a session instantly.
In this blog, I'll explain why this feature is a huge win for security and how you can take advantage of it today.
Continuous auth and context meet the edge
When we think of Zero Trust or BeyondCorp – I know, I get it, take a deep breath, I have a point – it’s not just detecting and responding to issues at authentication time. You need to secure the entire interaction from log in to log out. BeyondCorp and Zero Trust are new security approaches that shift security away from the traditional network perimeter and require every interaction to be authenticated. They are becoming popular as companies open up apps and data from private data centers to multiple clouds, SaaS services, and remote networks.
To keep systems safe, BeyondCorp and Zero Trust deploy new security controls that include:
Use security policies that combine multiple signals and context from the device, identity, and network.
Provide continuous auth and re-evaluate the security posture with every single request. ngrok users now have the ability to view, revoke, and block sessions in flight. And as we keep rolling out new features and integrations, it will become a key security component for any application.
The best part of App Users? It works seamlessly on top of the ngrok identity features. So, if you use OAuth, OIDC, or SAML, you get session visibility and controls without changing anything, drastically reducing the barrier of adoption for security.
App Users allow ngrok admins and developers to get information about identities with sessions in ngrok tunnels — including user details and contextual info about device, identity provider, and network — and revoke sessions with instant results. And as we keep rolling out new features and integrations, this will become a key security component for any application.
App Users are generally available today (docs here) and we're looking forward to hearing your feedback. If you have notes and questions, please reach us in our ngrok Slack community.
From there, you can also ask us for temporary access to all our features so you explore, play, and make our functionality even better.
Russ Savage is a Product Manager at ngrok focused on building amazing product capabilities for our users. He is a developer at heart and loves contributing to open-source projects when he can. He was previously building developer tools and experiences at InfluxData.