ceven

Ngrok

Exposes local development servers to the public internet and manages secure tunnel configurations for webhook testing and API prototyping.

Try Ngrok in Ceven

Ask Ceven anything
Standard

Why use Ceven?

  1. AI native Ngrok integration

    • Describe the outcome and Ceven picks the right Ngrok calls, fills the parameters, and checks the result.
    • Structured, agent friendly tool schemas so each call runs reliably instead of by guesswork.
    • Rich coverage for reading, writing, and querying your Ngrok data, across all 102 of its actions.

  2. Managed auth

    • Built in OAuth with automatic token refresh and rotation.
    • One place to manage, scope, and revoke Ngrok access.
    • Per user and per environment credentials instead of shared keys.

  3. Agent optimized design

    • Actions are tuned from real success and error rates so reliability climbs over time.
    • Full execution logs so you always know what ran in Ngrok, when, and on whose behalf.
    • The agent pauses and asks when Ngrok is unclear instead of plowing ahead.

  4. Enterprise grade security

    • Fine grained access so you control which agents and people can reach Ngrok.
    • Least privilege by default, read scopes first and only the writes a workflow needs.
    • A full audit trail of every Ngrok action to support review and sign off.

Supported tools

Every action Ceven's agents can run on Ngrok, and when to use it.

Create API Key
Use this to generate a new key for programmatic access to the Ngrok API when setting up a new automation service.
Delete API Key
Remove a specific API key by ID to revoke access immediately for security reasons.
Get IP Restriction Details
Pull detailed configuration for a specific IP restriction to verify which addresses can access your resources.
List API Keys
Pull a paginated list of all API keys associated with the account to audit active credentials.
List All Endpoints
Retrieve every active endpoint on the account to see which public URLs are currently live.
List HTTPS Edges
Pull all HTTPS edge configurations to review how traffic is routed to your local services.
List IP Policy Rules
Retrieve all IP policy rules including CIDR blocks and metadata for security compliance checks.
List IP Restrictions
Pull a full list of IP based access restrictions to audit who can reach your tunnels.
List Active Tunnels
Retrieve all tunnels currently running including their public URLs and start times.
Create IP Restriction
Use this to limit tunnel access to a specific set of IP addresses for private testing.
Update Edge Configuration
Modify how an HTTPS edge handles incoming traffic to change routing or security settings.
Delete Tunnel
Forcefully close an active tunnel session to stop external traffic from reaching a local port.

12 actions · scroll to see them all

Frequently asked questions

Ceven connects to Ngrok using an API key provided by the user. This key is stored in an encrypted vault and is only injected into the request header when the agent needs to perform an action on your behalf. We never expose this key in the prompt logs or to the LLM directly. You can rotate this key at any time through the Ngrok dashboard, and the agent will prompt you to update the credential in Ceven if it encounters a 401 unauthorized error during a workflow run. This ensures that your tunnel management remains secure and under your control.
Yes. This is a primary use case for the integration. When a new Ngrok tunnel is created, the agent captures the ephemeral public URL. It then identifies which third party services are configured to send webhooks to your local environment and uses those services API to update the destination URL. This eliminates the need to manually log into multiple dashboards every time your Ngrok session restarts. The agent manages the mapping between your local port and the remote service, ensuring that the data flow remains uninterrupted during your development cycle.
Users on the Ngrok free tier will experience ephemeral URLs, meaning the public address changes every time the tunnel restarts. Ceven handles this by automating the update of your downstream webhooks, but you are still subject to Ngrok free tier rate limits on the API. For example, frequent creation and deletion of API keys or rapid polling of the tunnels endpoint may trigger a 429 too many requests response. If your workflow requires static domains or higher request throughput, you will need to upgrade your Ngrok plan to a paid tier.
Ceven can manage Ngrok IP restrictions to ensure only authorized traffic reaches your machine. By using the IP restriction tools, the agent can programmatically add your office IP or your CI CD runner IP to the allow list. This prevents random internet users from discovering and accessing your local development server while still allowing you to test webhooks from specific trusted sources. The agent can audit these rules periodically to ensure that old IPs are removed and only current active developers have access.
No. Ceven interacts with the Ngrok control plane API to manage tunnels and configurations, but it does not sit in the data path of the tunnel itself. The traffic flows directly from the Ngrok edge to your local machine. Ceven cannot see the request bodies, headers, or payloads of the traffic passing through your tunnels. It only sees the metadata provided by the Ngrok API, such as whether a tunnel is active, what the public URL is, and when the session started.
Ceven can be configured to poll the active tunnels endpoint or react to a failure in a dependent workflow. If the agent detects that a required tunnel is no longer active, it can trigger a recovery workflow. This involves calling the Ngrok API to provision a new tunnel, retrieving the new URL, and updating all registered webhooks across your other integrated SaaS tools. This creates a self healing development environment where your external integrations stay connected even if your local network blips or your laptop sleeps.
Ceven supports multiple credential sets per user. You can connect a personal Ngrok account for side projects and a corporate account for professional work. When you define a workflow, you specify which account context the agent should use. This ensures that your professional tunnels and IP policies are kept strictly separate from your personal ones. The agent tracks which API key belongs to which environment, allowing you to switch between different tunnel configurations without manually swapping keys in a terminal.
The limit is determined by your Ngrok plan rather than Ceven. Ngrok imposes limits on the number of concurrent tunnels and endpoints depending on whether you are on a free or paid plan. Ceven simply executes the API calls. If you attempt to create more tunnels than your plan allows, Ngrok will return an error which Ceven will report back to you in the workflow logs. For most development use cases, the standard plan limits are more than sufficient for the agent to manage your local environment.

Alternatives to Ngrok

Other tools that solve a similar problem. Ceven supports these too, so you can switch or run more than one at once.

Cloudflare Tunnel logoCloudflare TunnelLocalTunnel logoLocalTunnelPageKite logoPageKite

Try Ceven on your stack

Plug Ceven on top of the tools you already run. Connect Ngrok and the rest of your stack, describe the outcome, and its agents handle the work end to end, days of it in minutes.

Get started for free