Skip to main content

The ngrok Agent SDK for Python

Project description

The ngrok Agent SDK for Python

PyPI Supported Versions MIT licensed Apache-2.0 licensed Continuous integration Status

Note: This is beta-quality software. Interfaces may change without warning.

ngrok is a globally distributed reverse proxy commonly used for quickly getting a public URL to a service running inside a private network, such as on your local laptop. The ngrok agent is usually deployed inside a private network and is used to communicate with the ngrok cloud service.

This is the ngrok agent in library form, suitable for integrating directly into Python applications. This allows you to quickly build ngrok into your application with no separate process to manage.

If you're looking for the previous agent downloader project, it's over here.


A quickstart guide and a full API reference are included in the ngrok-python API documentation.


  1. Install the ngrok-python package from PyPI using pip:
python -m pip install ngrok
  1. After you've installed the package, you'll need an authtoken. Retrieve one on the authtoken page of your ngrok dashboard.

  2. Add the following code block using the connect method to expose your python application at port 9000 on localhost:

import ngrok
listener = ngrok.connect(9000, authtoken_from_env=True)
print (f"Ingress established at {listener.url()}")

You can find more examples in the /examples directory.


To use most of ngrok's features, you'll need an authtoken. To obtain one, sign up for free at and retrieve it from the authtoken page in your ngrok dashboard. Once you have copied your authtoken, you can reference it in several ways.

You can set it in the NGROK_AUTHTOKEN environment variable and pass authtoken_from_env=True to the connect method:

ngrok.connect(authtoken_from_env=True, ...)

Or pass the authtoken directly to the connect method:

ngrok.connect(authtoken=token, ...)

Or set it for all connections with the set_auth_token method:



The connect method is the easiest way to start an ngrok session and establish a listener to a specified address. If an asynchronous runtime is running, the connect method returns a promise that resolves to the public listener object.

With no arguments, the connect method will start an HTTP listener to localhost port 80:

listener = ngrok.connect()

You can pass the port number to forward on localhost:

listener = ngrok.connect(4242)

Or you can specify the host and port via a string:

listener = ngrok.connect("localhost:4242")

More options can be passed to the connect method to customize the connection:

listener = ngrok.connect(8080, basic_auth="ngrok:online1line"})
listener = ngrok.connect(8080, oauth_provider="google", oauth_allow_domains="")

The second (optional) argument is the listener type, which defaults to http. To create a TCP listener:

listener = ngrok.connect(25565, "tcp")

Since the options are kwargs, you can also use the ** operator to pass a dictionary for configuration:

options = {"authtoken_from_env":True, "response_header_add":"X-Awesome:yes"}
listener = ngrok.connect(8080, **options)

See Full Configuration for the list of possible configuration options.


To close a listener use the disconnect method with the url of the listener to close. If there is an asynchronous runtime running the disconnect method returns a promise that resolves when the call is complete.


Or omit the url to close all listeners:


The close method on a listener will shut it down, and also stop the ngrok session if it is no longer needed. This method returns a promise that resolves when the listener is closed.

await listener.close()

Listing Listeners

To list all current non-closed listeners use the get_listeners method. If there is an asynchronous runtime running the get_listeners method returns a promise that resolves to the list of listener objects.

listeners = ngrok.get_listeners()

Full Configuration

This example shows all the possible configuration items of ngrok.connect:

listener = ngrok.connect(
    # session configuration
    session_metadata="Online in One Line",
    # listener configuration
    metadata="example listener metadata from python",
    proxy_proto="",  # One of: "", "1", "2"

ASGI Runner - Listeners to Uvicorn, Gunicorn, Django and More, With No Code

Prefix the command line which starts up a Uvicorn or Gunicorn web server with either ngrok-asgi or python -m ngrok. Any TCP or Unix Domain Socket arguments will be used to establish connectivity automatically. There are many command line arguments to configure the Listener used, for instance adding --basic-auth ngrok online1line will introduce basic authentication to the ingress listener.



ngrok-asgi uvicorn mysite.asgi:application
ngrok-asgi uvicorn mysite.asgi:application --host localhost --port 1234
ngrok-asgi uvicorn mysite.asgi:application --host localhost --port 1234 --basic-auth ngrok online1line
ngrok-asgi uvicorn mysite.asgi:application --uds /tmp/uvicorn.sock

# Can use the module name as well, such as:
python -m ngrok uvicorn mysite.asgi:application --oauth-provider google --allow-emails



ngrok-asgi gunicorn mysite.asgi:application -k uvicorn.workers.UvicornWorker
ngrok-asgi gunicorn mysite.asgi:application -k uvicorn.workers.UvicornWorker --webhook-verification twilio s3cr3t
ngrok-asgi gunicorn mysite.asgi:application -k uvicorn.workers.UvicornWorker --bind localhost:1234
ngrok-asgi gunicorn mysite.asgi:application -k uvicorn.workers.UvicornWorker --bind unix:/tmp/gunicorn.sock

# Can use the module name as well, such as:
python -m ngrok gunicorn mysite.asgi:application -k uvicorn.workers.UvicornWorker --response-header X-Awesome True



Machine Learning

Listener Types

TLS Backends

As of version 0.10.0 there is backend TLS connection support, validated by a filepath specified in the SSL_CERT_FILE environment variable, or falling back to the host OS installed trusted certificate authorities. So it is now possible to do this to connect:

ngrok.connect("", authtoken_from_env=True)

If the service is using certs not trusted by the OS, such as self-signed certificates, add an environment variable like this before running: SSL_CERT_FILE=/path/to/ca.crt.

Unix Sockets

You may also choose to use Unix Sockets instead of TCP. You can view an example of this here.

A socket address may be passed directly into the listener forward() call as well by prefixing the address with unix:, for example unix:/tmp/socket-123.


For more control over Sessions and Listeners, the builder classes can be used.

A minimal example using the builder class looks like the following:

async def create_listener():
    session = await ngrok.NgrokSessionBuilder().authtoken_from_env().connect()
    listener = await session.http_endpoint().listen()
    print (f"Ingress established at {listener.url()}")

See here for a Full Configuration Example

Platform Support

Pre-built binaries are provided on PyPI for the following platforms:

OS i686 x64 aarch64 arm
Windows *
Linux musl
FreeBSD *

ngrok-python, and ngrok-rust which it depends on, are open source, so it may be possible to build them for other platforms.

  • Windows-aarch64 will be supported after the next release of Ring.
  • FreeBSD-x64 is built by the release process, but PyPI won't accept BSD flavors.


This project relies on PyO3, an excellent system to ease development and building of Rust plugins for Python.

Thank you to OpenIoTHub for handing over the ngrok name on PyPI.


Changes are tracked in


This project is licensed under either of

at your option.


Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in ngrok-python by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distributions

ngrok-0.12.0-cp37-abi3-win_amd64.whl (3.0 MB view hashes)

Uploaded cp37

ngrok-0.12.0-cp37-abi3-win32.whl (2.6 MB view hashes)

Uploaded cp37

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page