basic_auth | Array of username:password Strings | This is a list of username:password combinations to use for basic authenticate. Passwords must be at least 8 characters long. |
circuit_breaker | Float | Reject requests when 5XX responses exceed this ratio |
compression | true, false | gzip compress HTTP responses from your web service |
host_header | rewrite, preserve, custom | Rewrite the HTTP Host header to this value, or preserve to leave it unchanged. The rewrite option will rewrite the host header to match the hostname of the upstream service you are sending traffic to. |
domain | Any valid domain or hostname that you have previously registered with ngrok. | The domain to request. If using a custom domain, this requires registering in the ngrok dashboard and setting a DNS CNAME value. When creating wildcard endpoints, you will need to surround the value with single quotes (domain: ‘*.example.com’). |
inspect | true, false | enable/disable the http request inspection in the web and agent API (default: true) |
ip_restriction.allow_cidrs | Array of CIDRs | Rejects connections that do not match the given CIDRs |
ip_restriction.deny_cidrs | Array of CIDRs | Rejects connections that match the given CIDRs and allows all other CIDRs. |
mutual_tls_cas | Valid system path | The path to the TLS certificate authority to verify client certs in mutual TLS |
oauth.allow_domains | Array of Strings | Allow only OAuth2 users with these email domains |
oauth.allow_emails | Array of Strings | Allow only OAuth users with these emails |
oauth.scopes | Array of Strings | Request these OAuth2 scopes when a user authenticates |
oauth.provider | String | enforce authentication OAuth2 provider on the endpoint, for example, ‘google’. For a lit of available providers, see OAuth2 providers. |
policy.inbound.name | String | policy has been renamed to traffic_policy in agent version 3.14.0. |
policy.inbound.expressions | Array of Strings | policy has been renamed to traffic_policy in agent version 3.14.0. |
policy.inbound.actions.type | String | policy has been renamed to traffic_policy in agent version 3.14.0. |
policy.inbound.actions.config | custom | policy has been renamed to traffic_policy in agent version 3.14.0. |
policy.outbound.name | String | policy has been renamed to traffic_policy in agent version 3.14.0. |
policy.outbound.expressions | Array of Strings | policy has been renamed to traffic_policy in agent version 3.14.0. |
policy.outbound.actions.type | String | policy has been renamed to traffic_policy in agent version 3.14.0. |
policy.outbound.actions.config | custom | policy has been renamed to traffic_policy in agent version 3.14.0. |
proto | http | The tunnel protocol name. This defines the type of tunnel you would like to start. |
proxy_proto | String | The version of PROXY protocol to use with this tunnel, empty if not using. Example values are 1 or 2. |
request_header.add | Array of key:value Strings | The headers to add to the request in the key:value format. |
request_header.remove | Array of Strings | The header keys to remove from the request. |
response_header.add | Array of Strings | The headers to add to the response in the key:value format. |
response_header.remove | Array of Strings | The header keys to remove from the response. |
schemes | http, https | Create an HTTP or HTTPS endpoint (or both) |
subdomain | Any valid combination of letters, numbers, hyphens or periods. | subdomain name to request. If unspecified, ngrok provides a unique subdomain based on your account type. |
traffic_policy.on_http_request.name | String | The name of an on_http_request rule that is part of a Traffic Policy |
traffic_policy.on_http_request.expressions | Array of Strings | Expressions written using CEL that filter traffic the on_http_request policy rule applies to |
traffic_policy.on_http_request.actions.type | String | The type of action that should be executed when this on_http_request policy rule is activated |
traffic_policy.on_http_request.actions.config | custom | The configuration required for the specific type of action specified |
traffic_policy.on_http_response.name | String | The name of an on_http_response rule that is part of a Traffic Policy |
traffic_policy.on_http_response.expressions | Array of Strings | Expressions written using CEL that filter traffic the on_http_response policy rule applies to |
traffic_policy.on_http_response.actions.type | String | The type of action that should be executed when this on_http_response policy rule is activated |
traffic_policy.on_http_response.actions.config | custom | The configuration required for the specific type of action specified |
user_agent_filter.allow | Array of Strings | Allows User-Agents that match against these RE2 Regular Expressions |
user_agent_filter.deny | Array of Strings | Denies User-Agents that match against these RE2 Regular Expressions |
verify_webhook.provider | String | Verify webhooks are signed by this provider, for example, ‘slack’. For a full list of providers, see Webhook Verification Providers. |
verify_webhook.secret | String | The secret used by provider to sign webhooks, if there is one |
websocket_tcp_converter | true, false | Convert ingress websocket connections to TCP upstream |