Client is the root object of the ngrok-api library. Construct a Client with an API Key. Then you can access API Services as properties of the Client object:

import ngrok

# construct the api client
client = ngrok.Client("<API KEY>")

# list all ip policies
for policy in client.ip_policies.list():

# create an ngrok agent authtoken
cred = client.credentials.create()
class ngrok.Client(api_key, base_url='')[source]
property abuse_reports

Abuse Reports allow you to submit take-down requests for URLs hosted by ngrok that violate ngrok’s terms of service.

Return type


property agent_ingresses
Return type


property api_keys

API Keys are used to authenticate to the ngrok API <>`_. You may use the API itself to provision and manage API Keys but you’ll need to provision your first API key from the API Keys page <>`_ on your dashboard.

Return type


property backends
property certificate_authorities

Certificate Authorities are x509 certificates that are used to sign other x509 certificates. Attach a Certificate Authority to the Mutual TLS module to verify that the TLS certificate presented by a client has been signed by this CA. Certificate Authorities are used only for mTLS validation only and thus a private key is not included in the resource.

Return type


property credentials

Tunnel Credentials are ngrok agent authtokens. They authorize the ngrok agent to connect the ngrok service as your account. They are installed with the ngrok config add-authtoken command or by specifying it in the ngrok.yml configuration file with the authtoken property.

Return type


property edge_modules
property edges
property endpoints

Endpoints provides an API for querying the endpoint objects which define what tunnel or edge is used to serve a hostport. Only active endpoints associated with a tunnel or backend are returned.

Return type


property event_destinations
Return type


property event_sources
Return type


property event_subscriptions
Return type


property ip_policies

IP Policies are reusable groups of CIDR ranges with an allow or deny action. They can be attached to endpoints via the Endpoint Configuration IP Policy module. They can also be used with IP Restrictions to control source IP ranges that can start tunnel sessions and connect to the API and dashboard.

Return type


property ip_policy_rules

IP Policy Rules are the IPv4 or IPv6 CIDRs entries that make up an IP Policy.

Return type


property ip_restrictions

An IP restriction is a restriction placed on the CIDRs that are allowed to initiate traffic to a specific aspect of your ngrok account. An IP restriction has a type which defines the ingress it applies to. IP restrictions can be used to enforce the source IPs that can make API requests, log in to the dashboard, start ngrok agents, and connect to your public-facing endpoints.

Return type


property reserved_addrs

Reserved Addresses are TCP addresses that can be used to listen for traffic. TCP address hostnames and ports are assigned by ngrok, they cannot be chosen.

Return type


property reserved_domains

Reserved Domains are hostnames that you can listen for traffic on. Domains can be used to listen for http, https or tls traffic. You may use a domain that you own by creating a CNAME record specified in the returned resource. This CNAME record points traffic for that domain to ngrok’s edge servers.

Return type


property ssh_certificate_authorities

An SSH Certificate Authority is a pair of an SSH Certificate and its private key that can be used to sign other SSH host and user certificates.

Return type


property ssh_credentials

SSH Credentials are SSH public keys that can be used to start SSH tunnels via the ngrok SSH tunnel gateway.

Return type


property ssh_host_certificates

SSH Host Certificates along with the corresponding private key allows an SSH server to assert its authenticity to connecting SSH clients who trust the SSH Certificate Authority that was used to sign the certificate.

Return type


property ssh_user_certificates

SSH User Certificates are presented by SSH clients when connecting to an SSH server to authenticate their connection. The SSH server must trust the SSH Certificate Authority used to sign the certificate.

Return type


property tls_certificates

TLS Certificates are pairs of x509 certificates and their matching private key that can be used to terminate TLS traffic. TLS certificates are unused until they are attached to a Domain. TLS Certificates may also be provisioned by ngrok automatically for domains on which you have enabled automated certificate provisioning.

Return type


property tunnel_sessions

Tunnel Sessions represent instances of ngrok agents or SSH reverse tunnel sessions that are running and connected to the ngrok service. Each tunnel session can include one or more Tunnels.

Return type


property tunnels

Tunnels provide endpoints to access services exposed by a running ngrok agent tunnel session or an SSH reverse tunnel session.

Return type