F5 NGINX API Gateway: Lightweight, secure, and developer friendly. Any environment.

Security-first, developer-friendly. Easy to deploy and manage. One-click WAF and DDoS.

Multi-cloud API delivery with security and control

Robust API security that’s easy to manage and deliver

NGINX API Gateway delivers robust API security with JWT validation, mTLS, rate limiting, and one-click WAF setup. Designed for Kubernetes, cloud, and on-prem, it supports fine-grained traffic control and policy enforcement. Developers benefit from a large configuration library, simple CI/CD integration, and lightweight, high-performance deployment at scale.

  • Rate limits and traffic controls - Applies rate limits by IP, key, or route to prevent abuse, absorb bursts, and reduce pressure on backend services.
  • Comprehensive auth - Supports JWT, OAuth 2.0, OpenID Connect, and mTLS to authenticate users and services and encrypt traffic between trusted endpoints.
  • WAF and DDoS - Defends against application-later DDoS attacks with rRoute-level access policies and one-click WAF setup for OWASP Top 10 threats and API abuse.
computer screen with lock overlaying clouds
API gateway wheel

Manage API gateways

NGINX API Gateway addresses API sprawl by providing federated management of gateway instances across Kubernetes, cloud, and on-prem. NGINX One centralizes config, monitoring, and updates, with built-in AI-driven guidance , CVE notices and SSL cert management reduces misconfigurations and ensures consistency in policy enforcement across environments.

  • Distributed management of federated gateways - Manage API gateways across clouds, on-prem, and in Kubernetes with centralized control and fine-grained traffic routing per service or route.
  • Real-time API policy updates - Push config changes to API Gateway instantly without reloads. Active health checks ensure uptime during updates and upstream failures.
  • Global, real-time observability and governance - Get a unified view of API traffic across distributed environments. Monitor throughput, errors, and config changes in real time.

DevOps and developer friendly

NGINX API Gateway integrates into DevOps workflows with support for declarative configuration, CI/CD pipelines, and GitOps practices. Its lightweight footprint fits cloud, on-prem, and containerized environments. Developers can quickly apply policy changes via the NGINX One Console or API, validate configurations, and ship updates without downtime or complex tooling.

  • Easy to deploy - Runs natively in containers, VMs, or bare metal with minimal setup across Kubernetes, cloud, or on-prem.
  • Drops into workflows - Works with existing CI/CD pipelines using yaml-based config, api-driven updates, and rollback-friendly version control.
  • Simplified configuration - Declarative config format with validation and AI-assisted setup via NGINX One helps reduce errors and streamline multi-env policy rollout.
device in circle of rotating arrows with rocketship and code wheel icons
Cloud with code icons and wheel

Cloud-native, containerized for federated APIs

Designed for cloud-native platforms, NGINX API Gateway runs efficiently in containers, scales horizontally, and supports federated API operations across Kubernetes, public cloud, and edge nodes—enabling modern, distributed application delivery.

  • Kubernetes-native deployment and integration - Runs as a container with full K8s support—CRDs, Helm, and Ingress—for declarative API delivery in cloud-native platforms. Drops into GitOps CI/CD pipelines. 
  • Lightweight and scalable - Small, container-ready footprint. Scales horizontally via orchestration platforms like Kubernetes to handle bursty, dynamic API workloads.
  • Distributed API gateway control - Enables multiple autonomous gateways to operate with shared visibility and consistent traffic policy enforcement.

Core capabilities

Delivers, controls, and secures API traffic in any environment at any scale. Allows developers move fast without breaking things while. Giving security teams rock-solid risk management and attack surface reduction with low overhead.

API security enforcement
Guards against OWASP Top 10 and other API attacks. Blocks DDoS and business logic abuse. Easy to apply granular, rules-based OIDC, JWT, and other authentication per API.
Granular traffic control
Protects APIs with precise per-client rate limiting, burst control.
Deep observability
200+ performance metrics to troubleshoot traffic issues. Easy third-party integrations via OpenTelemetry.
Deploy anywhere
Small Container image (>60MB) runs in cloud, on-prem, across clouds, edge environments.
Easy to extend and customize
Huge library of existing configs and plugins. Write your own with Lua, njs or YAML/CRDS.
One-click WAF integration
NGINX App Protect offers inline inspection of API traffic sharing the same data plane for extra-low latency.
NGINX One for AI config, security support
NGINX One AI gives expert answers and in-line config suggestions.

Resources

Featured

Shield with checkmark and code wheel in a cloud

Deploying NGINX as an API gateway

As the leading high‑performance, lightweight reverse proxy and load balancer, NGINX has the advanced HTTP processing capabilities needed for handling API traffic. This makes NGINX the ideal platform with which to build an API gateway.

Read the blog

eBooks

The new application delivery value chain: A unified playbook ›

NGINX cookbook

NGINX cookbook ›

Documentation

NGINX docs ›

Related products

F5 NGINX App Protect
A lightweight, high-performance web application firewall designed to protect APIs and modern apps.
F5 NGINX One
All-in-one data plane and management plane to deliver and secure modern apps and APIs.
NGINX Gateway Fabric
Delivery solution for modern apps using role-oriented and expressive Gateway API.

Next steps

Start a NGINX One trail
See how NGINX One works with a free trial.
Start today
Contact us
Find out how F5 products and solutions can enable you to achieve your goals.
Contact us
Deliver and Secure Every App
F5 application delivery and security solutions are built to ensure that every app and API deployed anywhere is fast, available, and secure. Learn how we can partner to deliver exceptional experiences every time.
Connect With Us