On the outer layer of the system is Cloud Edge. It enables developers to deploy powerful pre-packaged functionality in front of their applications at ngrok’s network edge with a single command.
Authentication + authorization using open standards and patterns such as OAuth 2.0, OpenID Connect, SAML, Mutual TLS, Webhook Signature Verification
Automated TLS certificates to eliminate certificate management
Resiliency via global redundancy
Observability with logging and SIEM integration
Acceleration with HTTP2 on the edge
Load balancing with simple, shared configurations
Most importantly, Cloud Edge is dynamically reconfigured based on the command line options you provide at runtime or from the persistent configuration you can configure in the ngrok Dashboard or API.
ngrok Secure Tunnels
Within the system, Secure Tunnels connects the ngrok cloud to your application. With Secure Tunnels we rethought tunneling to ensure that enterprise security teams can understand, monitor, and control the connectivity within their organization.
Role Based Access Control for the ngrok Dashboard
Per-agent authtokens with policy scoping ACLs
Audit logs and SIEM integrations of accesses to tunnel endpoints
Remote termination and over-the-air updates of ngrok agents.
Per-account agent ingress endpoints to disallow the use of personal ngrok accounts.
Unfortunately, the product with the most powerful features often becomes the most complicated and therefore, unused product. Based on our goal of empowering developers, the solution was simple.
ngrok is completely programmable
Our HTTP API is a first class citizen for all functionality in Cloud Edge and Secure Tunnels to integrate ngrok into your stack. and workflows. This includes all the supporting tooling developers expect including:
A scriptable, native JSON-first CLI for all resources for scripting baked directly into the ngrok agent with command line completion for all resources
Native API Client Libraries in several major programming languages
A first-party terraform provider to define your ngrok infrastructure as code
And other capabilities on the drawing board
This combination allows you to integrate ngrok directly into your existing workflows and tooling seamlessly.
ngrok has programmable events
In order to expand ngrok’s use in the enterprise, organizations need to know who is doing what and when. Now you can configure your ngrok account to listen for and send JSON log events in real-time to a destination of your choice. This allows your security operations team to plug ngrok directly into their existing tools and practices.
ngrok released the v3 agent
With the release of Cloud Edge and Secure Tunnels, we also released a new major version (v3) of our agent. The ngrok agent is packaged and distributed via your favorite package managers including homebrew, chocolatey, apt and snap. We publish a first party native Docker container as well.
Existing customers do not need to upgrade to the new agent. Your previous v2 agents will continue to work indefinitely.
Be aware that the v3 agent is not fully backward compatible. Please consult our agent upgrading guide to help you through the transition.
ngrok continues to invest in security & trust
As we announced recently, we completed our first SOC2 audit. We are continuing to invest in security, trust, and compliance initiatives for the foreseeable future in addition to actively engaging to counter and eliminate abuse.
ngrok has changed its pricing
With the release of new products with a variety of new use cases, we shifted our pricing to better match product boundaries and capabilities.
If you’re on an existing paid plan, your pricing will not change. All existing paying customers have been grandfathered into their existing pricing.
We will soon begin enforcing some usage restrictions on bandwidth and connection rate for free accounts. If you’re over those limits, we’ll reach out to you first and help you with your options through this transition.
Throughout all of this, our underlying goal of empowering developers is the single unifying principle that drives everything. Whether you need to make your application available to your team or launch it for your entire customer base, we want to give you the systems and capabilities to let you build, deploy, and scale confidently every time.
Keith Casey serves on the Product/GTM Team at ngrok helping teams launch their systems faster and easier than ever before. Previously, he served on the Product Team at Okta working on Identity and Authentication APIs, as an early Developer Evangelist at Twilio, and worked to answer the Ultimate Geek Question at the Library of Congress. His underlying goal is to get good technology into the hands of good people to do great things. In his spare time, he writes at CaseySoftware.com and lives in the woods. He is also a co-author of A Practical Approach to API Design.