> ## Documentation Index
> Fetch the complete documentation index at: https://ngrok.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Traffic Policy Overview

> Learn about ngrok's Traffic Policy for authenticating requests, rate limiting traffic, rewriting URLs, and applying security controls.

ngrok's Traffic Policy is a configuration language that offers you the flexibility to filter, match, manage, and orchestrate traffic to your endpoints.

* Validate incoming traffic, block malicious traffic, rewrite URLs, and respond with custom content.
* Forward traffic to your agents running across the globe and orchestrate traffic across your infrastructure.
* Add Traffic Policies to any type of ngrok endpoint to scope traffic management for each of your endpoints.

<Columns cols={2}>
  <Card icon="gears" title="How It Works" href="/traffic-policy/how-it-works">
    Learn how Traffic Policy works under the hood.
  </Card>

  <Card icon="play" title="Get Started" href="/traffic-policy/getting-started/agent-endpoints/">
    Create your first Traffic Policy and start an endpoint to see it in action.
  </Card>

  <Card icon="clapperboard" title="Actions" href="/traffic-policy/actions/">
    Actions are how you manage traffic in your Traffic Policies. They allow you to modify request headers, transform response bodies, and more.
  </Card>

  <Card icon="grip" title="Examples" href="/traffic-policy/examples/">
    Explore a gallery of real-world examples to see how you can incorporate Traffic Policy into your setup.
  </Card>
</Columns>

## Features

* [Actions](/traffic-policy/actions/) - Transform, redirect, and manage traffic flow with actions like `add-headers`, `rate-limit`, and `jwt-validation`.
* [Variables](/traffic-policy/variables/) - Predefined values representing things like the IP address associated with a request, the URL of the endpoint accepting the traffic, and more, which can be used to dynamically manage traffic.
* [Macros](/traffic-policy/macros/) - Apply macros in rule conditions to refine traffic segmentation and configure actions with dynamic precision.

## Use cases

<Columns cols={2}>
  <Card title="Block unwanted requests" icon="shield" href="/traffic-policy/examples/block-unwanted-requests/">
    Block malicious traffic, Tor exit nodes, bots, and specific IP addresses
    from accessing your endpoints.
  </Card>

  <Card title="Add authentication" icon="key" href="/traffic-policy/examples/add-authentication/">
    Add JWT validation, OAuth, OIDC, and basic authentication to secure
    your endpoints.
  </Card>

  <Card title="Rate limit requests" icon="gauge" href="/traffic-policy/examples/rate-limit-requests/">
    Rate limit requests based on endpoint, IP address, or API key to
    protect your services.
  </Card>

  <Card title="Rewrite URLs" icon="pencil" href="/traffic-policy/examples/url-rewrites/">
    Rewrite URLs and paths to route traffic to different backend services
    or endpoints.
  </Card>
</Columns>

## What's next?

* Get started by applying a Traffic Policy to your app with the [ngrok agent](/traffic-policy/getting-started/agent-endpoints/).
* Learn the [key concepts](/traffic-policy/how-it-works) that make up a Traffic Policy and how it works.
* Explore [practical examples](/traffic-policy/examples/) to see Traffic Policies in action.