Web Server Load Balancing with NGINX Plus

What Is the NGINX Controller API Management Module?

The NGINX Controller API Management Module is the fastest API management solution, combining the raw power and efficiency of NGINX Plus as an API gateway with new control‑plane functionality. NGINX Controller empowers Infrastructure & Operations and DevOps teams to define, publish, secure, monitor, and analyze APIs, without compromising performance.

Built on an innovative architecture, the API Management Module eliminates the need for local databases or additional components that may introduce needless complexity, latency, and potential points of failure for NGINX Plus API gateways. This reduces complexity and maximizes performance by reducing the average response time to serve an API call.

Both NGINX Plus and the API Management Module are flexible and portable – they can be deployed in any environment. NGINX’s unique architecture for API management is well suited to the needs of both legacy applications and modern distributed applications based on microservices.

Key benefits include:

API Definition and Publication

Define APIs using an intuitive interface:

  • Define base path and backend services
  • Route API calls to appropriate backend services
  • Manage API versioning
  • Import APIs that follow the OpenAPI standard
  • Create REST-to-SOAP proxies with JSON-to-XML transformation by importing WSDLs that describe SOAP APIs
  • Publish APIs to one or more environments, such as production or staging

Rate Limiting

Protect backend services from being overwhelmed and make access fair for all clients:

  • Specify the maximum request rate for each client, consumer, or resource
  • Protect API endpoints and ensure SLAs for API consumers
  • Define multiple rate‑limiting policies

Authentication and Authorization

Easily manage authentication and authorization:

  • Validate JSON Web Tokens (JWTs)
  • Create and manage API keys for consumers
  • Import API keys from external systems
  • Share with API consumers
  • Apply policies to groups of API clients

Advanced Security

Protect APIs with a modern WAF:

  • Apply out-of-the-box protection against OWASP Top 10 and other vulnerabilities, based on F5’s market‑leading WAF technology
  • Secure your APIs at runtime by deploying and managing WAF across a distributed environment, colocated with API gateway
  • Accelerate shift‑left movement and minimize security issues in production by integrating WAF into DevOps workflows

Real‑Time Monitoring and Alerting

Get critical insights into application performance:

  • Graphs of key metrics such as latency and response duration
  • Gateway‑specific metrics such as requests per second, active connections, and bandwidth usage
  • Alerts on more than 100 metrics such as CPU usage, 4xx/5xx errors, and health check failures, based on predefined thresholds
  • Easy integration with any monitoring tool of your choice using REST API

Accelerated API Release Velocity

Integrate API management into DevOps workflows and CI/CD pipelines using APIs:

  • Define and publish APIs
  • Configure API gateways
  • Configure security policies for published APIs
  • Deploy and run on containers
  • Deploy API gateways inside Kubernetes clusters

Developer Portal

Easily support developers who use your APIs:

  • Deploy in any environment and separate from the API gateways for enhanced performance
  • Deploy multiple portals with differential access rights or branding
  • Efficiently onboard developers with easily generated catalog of published APIs, documentation, and sample code


Monitor and troubleshoot API gateways quickly with:

  • An overview dashboard that aggregates metrics across API gateways
  • An Application Health Score that measures successful requests and timely responses
  • Customizable dashboards to monitor metrics specific to your environment