With NGINX Plus as an API gateway, you can use JSON Web Tokens (JWTs) to control access to your APIs. We explain how to configure the gateway for JWT-based authentication, issue JWTs to API clients, rate limit, log claims from the JWT, and revoke JWTs.
We describe the state of our QUIC+HTTP/3 implementation, starting with a review of the work we've done so far. Our roadmap includes merging the nginx-quic development branch into the NGINX mainline and implementing performance optimizations. You can help by testing the implementation.
We have released updates to NGINX Open Source, NGINX Plus, and NGINX Ingress Controller to fix a vulnerability in DNS resolution (CVE-2021-23017). We consider the vulnerability to be low-severity, but encourage users to upgrade to the latest versions.
Learn about the latest release of NGINX Plus and how it can help you solve your most pressing traffic management and security challenges.
This part of our series on deploying NGINX Plus as an API gateway - along with its other rich functionality - focuses on gatewaying gRPC services. gRPC is an alternative to REST APIs for building distributed applications, service mesh implementations in particular.
In the second post in our API gateway series, Liam shows you how to batten down the hatches on your API services. You can use rate limiting, access restrictions, request size limits, and request body validation to frustrate illegitimate or overly burdensome requests.
The advanced HTTP processing capabilities of NGINX and NGINX Plus make it the ideal platform for building an API gateway. We describe API use cases, show how to configure NGINX to handle them in a way that is efficient, scalable, and easy to maintain, and provide a complete NGINX configuration.