NGINX Controller API Management Module

The NGINX Controller API Management Module is the fastest API management solution, combining the raw power and efficiency of NGINX Plus as an API gateway with new control‑plane functionality. NGINX Controller empowers Infrastructure & Operations and DevOps teams to define, publish, secure, monitor, and analyze APIs, without compromising performance.

Built on an innovative architecture, the API Management Module eliminates the need for local databases or additional components that may introduce needless complexity, latency, and potential points of failure for NGINX Plus API gateways. This reduces complexity and maximizes performance by reducing the average response time to serve an API call.

Both NGINX Plus and the API Management Module are flexible and portable – they can be deployed in any environment. NGINX’s unique architecture for API management is well suited to the needs of both legacy applications and modern distributed applications based on microservices.

Key benefits include:

• API Definition and Publication
• Rate Limiting
• Authentication and Authorization
• Advanced Security
• Real‑Time Monitoring and Alerting
• Accelerated API Release Velocity
• Developer Portal
• Dashboards

Define APIs using an intuitive interface:

• Define base path and backend services
• Route API calls to appropriate backend services
• Manage API versioning
• Import APIs that follow the OpenAPI standard
• Create REST-to-SOAP proxies with JSON-to-XML transformation by importing WSDLs that describe SOAP APIs
• Publish APIs to one or more environments, such as production or staging

Protect backend services from being overwhelmed and make access fair for all clients:

• Specify the maximum request rate for each client, consumer, or resource
• Protect API endpoints and ensure SLAs for API consumers
• Define multiple rate‑limiting policies

Easily manage authentication and authorization:

• Validate JSON Web Tokens (JWTs)
• Create and manage API keys for consumers
• Import API keys from external systems
• Share with API consumers
• Apply policies to groups of API clients

Protect APIs with a modern WAF:

• Apply out-of-the-box protection against OWASP Top 10 and other vulnerabilities, based on F5’s market‑leading WAF technology
• Secure your APIs at runtime by deploying and managing WAF across a distributed environment, colocated with API gateway
• Accelerate shift‑left movement and minimize security issues in production by integrating WAF into DevOps workflows

Get critical insights into application performance:

• Graphs of key metrics such as latency and response duration
• Gateway‑specific metrics such as requests per second, active connections, and bandwidth usage
• Alerts on more than 100 metrics such as CPU usage, 4xx/5xx errors, and health check failures, based on predefined thresholds
• Easy integration with any monitoring tool of your choice using REST API

Integrate API management into DevOps workflows and CI/CD pipelines using APIs:

• Define and publish APIs
• Configure API gateways
• Configure security policies for published APIs
• Deploy and run on containers
• Deploy API gateways inside Kubernetes clusters

Easily support developers who use your APIs:

• Deploy in any environment and separate from the API gateways for enhanced performance
• Deploy multiple portals with differential access rights or branding
• Efficiently onboard developers with easily generated catalog of published APIs, documentation, and sample code

Monitor and troubleshoot API gateways quickly with:

• An overview dashboard that aggregates metrics across API gateways
• An Application Health Score that measures successful requests and timely responses
• Customizable dashboards to monitor metrics specific to your environment