ngrok is built for managing connectivity across large device fleets. Every operation is available via API, so you can wire ngrok into your existing pipeline and manage your entire fleet programmatically.Documentation Index
Fetch the complete documentation index at: https://ngrok.com/docs/llms.txt
Use this file to discover all available pages before exploring further.
Centralized control
Run a single ngrok account and isolate each customer or site with:- Per-device auth tokens scoped with ACL bindings so each token can only create endpoints on its assigned domain
- Wildcard domains for unique URLs per site (e.g.,
*.factory.example.com) - Service Users to create authtokens independent of any user account
factory1.example.com.
Credential management
Create, scope, rotate, and revoke authtokens from your cloud without physical access to devices:- Create tokens via the Authtokens API
- Scope tokens with ACL bindings to limit which endpoints they can create
- Rotate tokens by creating a new token and revoking the old one
- Revoke a compromised token immediately without affecting other devices
On-demand tunnels
Fire up endpoints when you need them and wind them down when you don’t. On Pay-as-you-go plans, billing is per active endpoint hour—one where traffic is actually flowing—so you only pay when a device is in use. Use the ngrok API or the Agent API to manage tunnel lifecycle programmatically from your cloud.Observability
Publish tunnel status, connection events, and traffic metrics to your telemetry platform. When a device drops, you’ll know before anyone files a ticket.- Use Event Subscriptions to stream events to your logging infrastructure
- Monitor agent status and tunnel health via the ngrok API
Next steps
- Full walkthrough: see multi-tenancy and credential management in action
- Security: credential rotation, IP restrictions, and compliance
- Python SDK guide: manage device connectivity programmatically with the SDK