F5 NGINX API Gateway: Lightweight, secure, and developer friendly. Any environment.
Security-first, developer-friendly. Easy to deploy and manage. One-click WAF and DDoS.
Multi-cloud API delivery with security and control
Robust API security that’s easy to manage and deliver
NGINX API Gateway delivers robust API security with JWT validation, mTLS, rate limiting, and one-click WAF setup. Designed for Kubernetes, cloud, and on-prem, it supports fine-grained traffic control and policy enforcement. Developers benefit from a large configuration library, simple CI/CD integration, and lightweight, high-performance deployment at scale.
- Rate limits and traffic controls - Applies rate limits by IP, key, or route to prevent abuse, absorb bursts, and reduce pressure on backend services.
- Comprehensive auth - Supports JWT, OAuth 2.0, OpenID Connect, and mTLS to authenticate users and services and encrypt traffic between trusted endpoints.
- WAF and DDoS - Defends against application-later DDoS attacks with route-level access policies and one-click WAF setup for OWASP Top 10 threats and API abuse.
Manage API gateways
NGINX API Gateway addresses API sprawl by providing federated management of gateway instances across Kubernetes, cloud, and on-prem. NGINX One centralizes config, monitoring, and updates, with built-in AI-driven guidance , CVE notices and SSL cert management reduces misconfigurations and ensures consistency in policy enforcement across environments.
- Distributed management of federated gateways - Manage API gateways across clouds, on-prem, and in Kubernetes with centralized control and fine-grained traffic routing per service or route.
- Real-time API policy updates - Push config changes to API Gateway instantly without reloads. Active health checks ensure uptime during updates and upstream failures.
- Global, real-time observability and governance - Get a unified view of API traffic across distributed environments. Monitor throughput, errors, and config changes in real time.
DevOps and developer friendly
NGINX API Gateway integrates into DevOps workflows with support for declarative configuration, CI/CD pipelines, and GitOps practices. Its lightweight footprint fits cloud, on-prem, and containerized environments. Developers can quickly apply policy changes via the NGINX One Console or API, validate configurations, and ship updates without downtime or complex tooling.
- Easy to deploy - Runs natively in containers, VMs, or bare metal with minimal setup across Kubernetes, cloud, or on-prem.
- Drops into workflows - Works with existing CI/CD pipelines using yaml-based config, api-driven updates, and rollback-friendly version control.
- Simplified configuration - Declarative config format with validation and AI-assisted setup via NGINX One helps reduce errors and streamline multi-env policy rollout.
Cloud-native, containerized for federated APIs
Designed for cloud-native platforms, NGINX API Gateway runs efficiently in containers, scales horizontally, and supports federated API operations across Kubernetes, public cloud, and edge nodes—enabling modern, distributed application delivery.
- Kubernetes-native deployment and integration - Runs as a container with full K8s support—CRDs, Helm, and Ingress—for declarative API delivery in cloud-native platforms. Drops into GitOps CI/CD pipelines.
- Lightweight and scalable - Small, container-ready footprint. Scales horizontally via orchestration platforms like Kubernetes to handle bursty, dynamic API workloads.
- Distributed API gateway control - Enables multiple autonomous gateways to operate with shared visibility and consistent traffic policy enforcement.
Core capabilities
Delivers, controls, and secures API traffic in any environment at any scale. Allows developers move fast without breaking things while. Giving security teams rock-solid risk management and attack surface reduction with low overhead.
Resources
Featured
Deploying NGINX as an API gateway
As the leading high‑performance, lightweight reverse proxy and load balancer, NGINX has the advanced HTTP processing capabilities needed for handling API traffic. This makes NGINX the ideal platform with which to build an API gateway.
Read the blog