Looking for Okta Logos?

You can find all the media assets you need as part of our press room.

Download Media Assets

NGINX as API Gateway

Overview

Okta works with NGINX to provide secure access to API endpoints for both end users and applications. Using Okta, you can easily create and manage access policies tied to end-user attributes such as group membership and network location. When an end user authenticates with Okta, Okta creates a token that represents the user's level of access. For API endpoints that are being served by NGINX, NGINX inspects the access tokens and validates whether or not the user is authorized. Users can also be prompted to grant the application visibility into their access levels.

The Challenge

Solutions

Users need access to an ever-expanding world of enterprise applications and APIs

Okta Hybrid IT icon

These enterprise applications and services now live both on-premises and in the cloud

Security logs

Organizations need a simple and secure way to manage access to legacy and modern applications and APIs wherever they reside, without the hassle of rewriting application code

The Solution

  • Okta integrated with NGINX enables you to secure your apps and APIs, regardless of where they live
  • Easily extend Okta Single Sign-On (SSO) and Okta Multi-Factor Authentication (MFA) to enterprise resources in the cloud and behind the firewall
  • Provide conditional and policy-driven access to APIs and resources, giving unprecedented security and control to the IT team
Use case one: Secure and manage access to both legacy and modern apps

Okta and NGINX together let you fine-tune end-user authentication and access to both legacy and modern apps. The integration is built on OpenID Connect (OIDC) and translates OIDC tokens from Okta, which include relevant user attributes, into headers that NGINX can use to provide the appropriate level of access to downstream apps, enabling customized access control. Okta’s SSO keeps the login process simple and secure for users, and Okta’s adaptive MFA provides strong protection for all apps, including on-prem or legacy apps that don’t natively support it.

nginx diagram2 0

Use case two: Manage your APIs easily and securely

Okta works with NGINX to provide secure access to API endpoints for both end users and applications. Using Okta, you can easily create and manage access policies tied to end-user attributes such as group membership and network location. When an end user authenticates with Okta, Okta creates a token that represents the user’s level of access. For API endpoints that are being served by NGINX, NGINX inspects the access tokens and validates whether or not the user is authorized. Users can also be prompted to grant the application visibility into their access levels.

nginx diagram1

Integrate with either NGINX Open Source or NGINX Plus

Okta integrates both with NGINX Open Source and with NGINX Plus, the commercial version supported by NGINX, Inc. Both systems natively support OIDC for authentication, and can validate tokens for API access management.

Secure app and API access, without burdening IT or end users
  • Provide enterprise IT teams with tools for fine-grained access control by integrating Okta’s leading identity solutions with NGINX’s application delivery capabilities
  • Control and manage user and developer access, at the individual or group level, based on flexible policy settings
  • Safeguard enterprise assets on premises and in the cloud with identity-based security that doesn’t burden authorized users with additional hurdles