Implement the 'Front Door' Pattern

The "front door" pattern involves using a Cloud Endpoint, the forward-internal Traffic Policy action, and an internal Agent Endpoint to route traffic from the public internet to your service(s).

With this pattern, you can:

Host any number of services under a single hostname (e.g. your-company.com).
Decouple gateway configuration from per-service traffic management policies.
Prevent any driect exposure of your services or their host systems to the public internet.
Route traffic and add authentication to microservices with a single API gateway configuration.
Authenticate developer environments or CI preview builds behind a single endpoint.

1. Create an endpoint for your service

Start an internal Agent Endpoint, replacing $PORT based on where your service listens. You can also use one of our SDKs or the Kubernetes Operator.

Loading…

2. Reserve a domain

Navigate to the Domains section of the ngrok dashboard and click New + to reserve a free static domain like https://your-service.ngrok.app or a custom domain you already own.

3. Create a Cloud Endpoint

Navigate to the Endpoints section of the ngrok dashboard, then click New + and Cloud Endpoint. Now you have a Cloud Endpoint with the URL like https://your-service.ngrok.app.

4. Add routing to your service with Traffic Policy

Copy and paste the policy below into your new Cloud Endpoint in the ngrok dashboard.

Loading…

What's happening here?

On every HTTP request, the Traffic Policy engine forwards the traffic to the internal agent endpoint you created at https://service.internal.

5. Add a second service and routing (optional)

If you have another service to host under the front door pattern, start another agent.

Loading…

5a. Update your routing based on paths

Copy and paste the policy below into the ngrok dashboard, replacing /one and /two with the paths you'd like to use for routing traffic to each service.

Loading…

6. Try out your endpoint!

In your browser: https://your-service.ngrok.app
In your terminal: curl https://your-service.ngrok.app

What's next?

Read more about Traffic Policy and its core concepts.
Add authentication to your endpoint with the oauth action action or basic-auth action.
View your traffic in Traffic Inspector.

← Check out more examples

1. Create an endpoint for your service​

2. Reserve a domain​

3. Create a Cloud Endpoint​

4. Add routing to your service with Traffic Policy​

What's happening here?​

5. Add a second service and routing (optional)​

5a. Update your routing based on paths​

6. Try out your endpoint!​

What's next?​