F5 NGINX API Gateway: Lightweight, secure, and developer friendly. Any environment.
Security-first, developer-friendly. Easy to deploy and manage. One-click WAF and DDoS.
Multi-cloud API delivery with security and control
NGINX API Gateway addresses API sprawl by providing federated management of gateway instances across Kubernetes, cloud, and on-prem. NGINX One centralizes config, monitoring, and updates, with built-in AI-driven guidance , CVE notices and SSL cert management reduces misconfigurations and ensures consistency in policy enforcement across environments.
- Distributed management of federated gateways - Manage API gateways across clouds, on-prem, and in Kubernetes with centralized control and fine-grained traffic routing per service or route.
- Real-time API policy updates - Push config changes to API Gateway instantly without reloads. Active health checks ensure uptime during updates and upstream failures.
- Global, real-time observability and governance - Get a unified view of API traffic across distributed environments. Monitor throughput, errors, and config changes in real time.
Designed for cloud-native platforms, NGINX API Gateway runs efficiently in containers, scales horizontally, and supports federated API operations across Kubernetes, public cloud, and edge nodes—enabling modern, distributed application delivery.
- Kubernetes-native deployment and integration - Runs as a container with full K8s support—CRDs, Helm, and Ingress—for declarative API delivery in cloud-native platforms. Drops into GitOps CI/CD pipelines.
- Lightweight and scalable - Small, container-ready footprint. Scales horizontally via orchestration platforms like Kubernetes to handle bursty, dynamic API workloads.
- Distributed API gateway control - Enables multiple autonomous gateways to operate with shared visibility and consistent traffic policy enforcement.
Core capabilities
Delivers, controls, and secures API traffic in any environment at any scale. Allows developers move fast without breaking things while. Giving security teams rock-solid risk management and attack surface reduction with low overhead.
API security enforcement
Guards against OWASP Top 10 and other API attacks. Blocks DDoS and business logic abuse. Easy to apply granular, rules-based OIDC, JWT, and other authentication per API.
Granular traffic control
Protects APIs with precise per-client rate limiting, burst control.
Deep observability
200+ performance metrics to troubleshoot traffic issues. Easy third-party integrations via OpenTelemetry.
Deploy anywhere
Small Container image (>60MB) runs in cloud, on-prem, across clouds, edge environments.
Easy to extend and customize
Huge library of existing configs and plugins. Write your own with Lua, njs or YAML/CRDS.
One-click WAF integration
NGINX App Protect offers inline inspection of API traffic sharing the same data plane for extra-low latency.
NGINX One for AI config, security support
NGINX One AI gives expert answers and in-line config suggestions.
Resources
Featured
As the leading high‑performance, lightweight reverse proxy and load balancer, NGINX has the advanced HTTP processing capabilities needed for handling API traffic. This makes NGINX the ideal platform with which to build an API gateway.