Skip to main content
The ngrok agent is a lightweight command-line program that creates secure tunnels from ngrok’s global network to your local services, devices, and applications. It enables you to expose services behind firewalls and NATs, connect remote devices, and create secure site-to-site connectivity without complex network configuration.
  • It runs as a standalone executable with zero runtime dependencies on all major operating systems.
  • It supports HTTP, HTTPS, TCP, and TLS protocols for any application or service.
  • You can run multiple endpoints simultaneously and manage them via configuration files or the CLI.
  • You can install it as a native OS service for automatic startup, crash recovery, and background operation.

Concepts

Here are the core elements you should familiarize yourself with to make the most of ngrok’s secure tunnels:

Agent CLI

Use the command line to start endpoints, manage configuration, and interact with the ngrok API.

Configuration File

Define multiple endpoints, run multiple tunnels simultaneously, and manage complex tunnel configurations with YAML.

Authtokens

Authenticate your agent with ngrok and create endpoints using credentials scoped to your account.

TLS Termination

Secure traffic with end-to-end encryption by terminating TLS at the agent.

SSH Reverse Tunnel

Create secure tunnels using SSH public key authentication for agent connections.

Features

Here are the primary capabilities of ngrok’s secure tunnel agent:
  • Support for multiple protocols - Create HTTP, HTTPS, TCP, and TLS endpoints for any application or service.
  • Background service - Install as a native OS service with automatic startup and crash recovery.
  • Remote management - Stop, restart, or upgrade agents remotely via API or dashboard.
  • Custom connect URLs - Brand your agent connections with custom domains for white-label deployments.
  • API integration - Built-in CLI for the ngrok API to manage endpoints, domains, and resources programmatically.

Use cases

Here are some of the most common use cases for ngrok’s secure tunnel agent:

Agent-assisted gateway

Bridge localhost development with the public internet for AI coding tools, webhook testing, and real authentication flows.

Secure developer environments

Give each developer their own public URL to route traffic and webhooks into their local development environment.

Webhook gateway

Centralize webhook validation and routing from third-party providers to secure your integrations.

API gateway

Create an API gateway with internal agent endpoints and centralized traffic management policies.

What’s next?