Authentication Examples
You can use Traffic Policy to add authentication to your endpoints, granting conditional access to traffic trying to reach your services. This page demonstrates a few example rules that do so.
JWT authentication
This rule adds key-based rate limiting to your endpoints based on your consumers' JWTs. See the Auth0 guide for more information.
Loading…
Show agent config example
See the rate-limit Traffic Policy action docs for more information.
Conditional access using OAuth variables
This rule grants conditional access to a page using the following ngrok OAuth action result variables:
actions.ngrok.oauth.identity.email.endsWith('ngrok.com')- Checks the email address of the authorized user from the provider. In the example, if the email address's domain is
ngrok.com, the user will be granted access to the page.
- Checks the email address of the authorized user from the provider. In the example, if the email address's domain is
actions.ngrok.oauth.identity.name- Gets the name of the authorized user from the provider. In this example, the name will be displayed in a welcome message or a rejection message depending on if the user is authenticated.
Loading…
Show agent config example
See the oauth Traffic Policy action docs for more information.
Sending an OIDC identity token over headers
This rule uses the actions.ngrok.oidc.identity_token OIDC action result variable to send the OIDC identity token over headers to the service at the endpoint.
Loading…
Show agent config example
See the openid-connect Traffic Policy action docs for more information.