API Keys are used to authenticate to the ngrok
API. You may use the API itself
to provision and manage API Keys but you’ll need to provision your first API
key from the API Keys page on your
ngrok.com dashboard.
Certificate Authorities are x509 certificates that are used to sign other
x509 certificates. Attach a Certificate Authority to the Mutual TLS module
to verify that the TLS certificate presented by a client has been signed by
this CA. Certificate Authorities are used only for mTLS validation only and
thus a private key is not included in the resource.
Tunnel Credentials are ngrok agent authtokens. They authorize the ngrok
agent to connect the ngrok service as your account. They are installed with
the ngrok config add-authtoken command or by specifying it in the ngrok.yml
configuration file with the authtoken property.
Endpoints provides an API for querying the endpoint objects
which define what tunnel or edge is used to serve a hostport.
Only active endpoints associated with a tunnel or backend are returned.
IP Policies are reusable groups of CIDR ranges with an allow or deny
action. They can be attached to endpoints via the Endpoint Configuration IP
Policy module. They can also be used with IP Restrictions to control source
IP ranges that can start tunnel sessions and connect to the API and dashboard.
An IP restriction is a restriction placed on the CIDRs that are allowed to
initiate traffic to a specific aspect of your ngrok account. An IP
restriction has a type which defines the ingress it applies to. IP
restrictions can be used to enforce the source IPs that can make API
requests, log in to the dashboard, start ngrok agents, and connect to your
public-facing endpoints.
Reserved Addresses are TCP addresses that can be used to listen for traffic.
TCP address hostnames and ports are assigned by ngrok, they cannot be
chosen.
Reserved Domains are hostnames that you can listen for traffic on. Domains
can be used to listen for http, https or tls traffic. You may use a domain
that you own by creating a CNAME record specified in the returned resource.
This CNAME record points traffic for that domain to ngrok’s edge servers.
SSH Host Certificates along with the corresponding private key allows an SSH
server to assert its authenticity to connecting SSH clients who trust the
SSH Certificate Authority that was used to sign the certificate.
SSH User Certificates are presented by SSH clients when connecting to an SSH
server to authenticate their connection. The SSH server must trust the SSH
Certificate Authority used to sign the certificate.
TLS Certificates are pairs of x509 certificates and their matching private
key that can be used to terminate TLS traffic. TLS certificates are unused
until they are attached to a Domain. TLS Certificates may also be
provisioned by ngrok automatically for domains on which you have enabled
automated certificate provisioning.
Tunnel Sessions represent instances of ngrok agents or SSH reverse tunnel
sessions that are running and connected to the ngrok service. Each tunnel
session can include one or more Tunnels.