ngrok December update: Dashboard SSO, Identity-Aware Ingress
The last month has been busy at ngrok!
We’re tremendously proud to announce we’ve raised $50M in funding from Lightspeed Ventures and Coatue to grow ngrok’s API-first ingress as a service platform for developers.
What’s the tl;dr this month?
- Dashboard SSO: Manage your ngrok account /w Okta, Azure AD, SAML
- Identity-Aware Ingress: See who’s logged into your apps protected with ngrok’s auth
- Docs Refresh: Reorganized with a fresh look, search + dark mode
- Open Source Contributions: We’ve released firewall_toolkit, ngrok’s idiomatic Go package for working with nftables
🎉 Product Updates
Dashboard Single Sign-On (SSO)
We know that meeting IT requirements is key to bringing ngrok into your company. Available on the Enterprise plan, you may now secure access to the ngrok dashboard with any IdP that supports SAML, including Okta and Azure AD.
Identity Aware Ingress
When you protect your apps with OAuth, OIDC or SAML, ngrok presents real-time observability of authenticated users and browsers sessions accessing your endpoints. Beyond simple visibility, you may also revoke sessions instead of waiting for them to expire to remove access or force a user to reauthenticate. We call this feature App Users and it’s available to all paying customers on your dashboard and via API.
Try it out:
1. Launch a tunnel with oauth:
ngrok http 80 --oauth=google
2. Visit your endpoint URL in a browser and authenticate with Google
3. Visit App Users on your ngrok dashboard to see your browser session and user details
New Docs
We know how critical excellent documentation is. We completely overhauled our documentation to improve its layout, navigation, organization + added search to make it easier to find what you’re looking for. We also reworked the visual style and added 🌙 dark mode to keep your eyes happy.
Other Product Improvements
Webhook verification reaches 60+ integrations: Verify the integrity of your webhooks at ngrok’s edge with just a couple command line arguments. In addition to providers like Slack, Twilio, Stripe & GitHub, we’ve just added new support for Svix, Worldline, and Mailgun. Try it out (you may need to download to the latest ngrok agent):
ngrok http 80 --verify-webhook=mailgun \
--verify-webhook-secret={secret}
💙 Community
firewall_toolkit for Go open sourced!: We protect your apps with an adaptive firewall that dynamically identifies and blocks threats. We’re contributing the low-level components we use to build that system to the community. ngrok/firewall_toolkit is a collection of golang packages built on top of google/nftables. It provides a high level API for managing nftables sets and rules as well as building the appropriate bpf objects to add bpf/ebpf filters to nftables.
Check out the repository on GitHub >
webhooks.fyi: Webhooks.fyi is our comprehensive reference of webhook providers as well as best practices for securely building and consuming webhooks. This month, webhooks fyi crossed 100 stars in github and earned the developer tool of the month in Product Hunt.
Conference talks
We are out in the community speaking at conferences. We’d love to meet you, come say hi!:
- Snyk DevSecCon - Simple ways to make webhook security better (recording) In this session, we will learn the most common, interesting, and challenging patterns across 100+ webhook implementations, and learn some simple ways to make webhook security better (for providers and consumers).
- THAT Conference - Webhook sec in action! (bring your fave HTTP client) (Jan-17) At this in person event, we’ll dive into the risks and consequences of poorly secured webhooks and manipulate an application live. Bring your favorite HTTP client to join the fun. You can also use the code ngrokrocks for a discount on tickets.