We strive to take ingress off developers’ plates with our platform and that requires making security-focused features accessible and easy to use. Today, I'm proud to announce an important step in that direction: we're adding our security features — OAuth and Webhook validation — to our free plan.
Today, we are adding additional visibility for users logging into your application through our edge. Now you can see your application users in the ngrok dashboard and view their identity details. In this blog, I'll explain why this feature is a huge win for security and how you can take advantage of it today.
Webhooks are the foundation of modern API development. They enable us to react to changes in our systems, an incoming text message, a successful payment, or that latest pull request no matter our stack. While webhooks are universal in concept, they are unstandardized API contracts with few organizations paying attention to their design, security controls, and overall operational experience.
While ngrok has made it easy to launch your fantastic new app online in one line, bad actors have also used this capability to launch their own attacks. Blocking and eliminating this malicious behavior is key to what we do and we've taken another step to protect users without breaking legitimate applications.
Launching the ngrok security and trust portal is another step to towards transparency in how we approach the security of the ngrok service, our shared security model, how we handle data, and the steps we take to protect it.
How to run ngrok with Slack webhook authentication? How to use GitHub OAuth? How to serve files? This cheat sheet shows the main commands! Print it and hang it on your wall or download it and keep it on hand.
Learn how to use ngrok Cloud Edge middleware to address app requirements – such as observability, load balancing, compression, and security – fast and without the burden of running and maintaining a middleware infrastructure.
ngrok Secure Tunnels provides a simple to enable remote access to systems. With one command— i.e. `ngrok http 80` — you can share your apps, APIs, and systems with the world, without complex network configuration, reliability issues, and NAT. However, with power comes great responsibility so let's add OAuth 2.0