# How to integrate Ngrok MCP with OpenClaw ```json { "title": "How to integrate Ngrok MCP with OpenClaw", "toolkit": "Ngrok", "toolkit_slug": "ngrok", "framework": "OpenClaw", "framework_slug": "openclaw", "url": "https://composio.dev/toolkits/ngrok/framework/openclaw", "markdown_url": "https://composio.dev/toolkits/ngrok/framework/openclaw.md", "updated_at": "2026-05-12T10:20:16.556Z" } ``` ## Introduction OpenClaw is the fastest growing agent harness out there, which can work 24/7 to automate almost any kind of tasks. However, its capabilities are limited to the tools it has access to. Composio allows your OpenClaw to access Ngrok with authentication management handled for you. You can execute actions on Ngrok via your favorite OpenClaw interface (Telegram, WhatsApp, TUI, etc), whichever you prefer. ## Also integrate Ngrok with - [OpenAI Agents SDK](https://composio.dev/toolkits/ngrok/framework/open-ai-agents-sdk) - [Claude Agent SDK](https://composio.dev/toolkits/ngrok/framework/claude-agents-sdk) - [Claude Code](https://composio.dev/toolkits/ngrok/framework/claude-code) - [Claude Cowork](https://composio.dev/toolkits/ngrok/framework/claude-cowork) - [Codex](https://composio.dev/toolkits/ngrok/framework/codex) - [Hermes](https://composio.dev/toolkits/ngrok/framework/hermes-agent) - [CLI](https://composio.dev/toolkits/ngrok/framework/cli) - [Google ADK](https://composio.dev/toolkits/ngrok/framework/google-adk) - [LangChain](https://composio.dev/toolkits/ngrok/framework/langchain) - [Vercel AI SDK](https://composio.dev/toolkits/ngrok/framework/ai-sdk) - [Mastra AI](https://composio.dev/toolkits/ngrok/framework/mastra-ai) - [LlamaIndex](https://composio.dev/toolkits/ngrok/framework/llama-index) - [CrewAI](https://composio.dev/toolkits/ngrok/framework/crew-ai) ## TL;DR ### Why use Composio? Apart from a managed and hosted MCP server, you will get: - Programmatic tool calling allows LLMs to write its code in a remote workbench to handle complex tool chaining. Reduces to-and-fro with LLMs for frequent tool calling. - Handling Large tool responses out of LLM context to minimize context rot. - Dynamic just-in-time access to 20,000 tools across 1000+ other Apps for cross-app workflows. It loads the tools you need, so LLMs aren't overwhelmed by tools you don't need. ## Connect Ngrok to OpenClaw ### How to install Ngrok with OpenClaw ### Using Composio API Key and Setup Prompt - Go to [dashboard.composio.dev](https://dashboard.composio.dev/login?next=/~/org/connect/clients/openclaw&utm_source=toolkits&utm_medium=framework_template&utm_campaign=openclaw&utm_content=setup_prompt) - Copy the setup prompt - Run it in your OpenClaw chat interface. - Authenticate Ngrok from the [dashboard](https://dashboard.composio.dev/login?next=/~/org/connect/clients/openclaw&utm_source=toolkits&utm_medium=framework_template&utm_campaign=openclaw&utm_content=authenticate) - Go back to your OpenClaw interface and start asking questions. ### Using OpenClaw/Composio Plugin 1. Install OpenClaw Composio plugin ```bash openclaw plugins install @composio/openclaw-plugin ``` ## What is the Ngrok MCP server, and what's possible with it? The Ngrok MCP server is an implementation of the Model Context Protocol that connects your AI agent and assistants like Claude, Cursor, etc directly to your Ngrok account. It provides structured and secure access to your Ngrok tunnels and API keys, so your agent can perform actions like managing endpoints, listing tunnels, handling API keys, and auditing IP restrictions on your behalf. - Active tunnel and endpoint monitoring: Instantly list all active tunnels and endpoints in your Ngrok account, making it simple to track running services and public URLs. - API key management: Programmatically create, list, and delete API keys to securely manage who and what can access your Ngrok resources. - HTTPS edge configuration visibility: Retrieve a comprehensive list of all HTTPS edges to review and manage how Ngrok handles encrypted traffic. - IP restriction and policy auditing: List and inspect all IP restrictions and policy rules, helping you enforce access control and security best practices. - Detailed access audit trails: Fetch details about specific IP restrictions for security audits and compliance, ensuring you always know who can access your tunnels and APIs. ## Supported Tools | Tool slug | Name | Description | |---|---|---| | `NGROK_CREATE_API_KEY` | Create API Key | Creates a new API key for authenticating with the ngrok API. This tool allows programmatic creation of API keys that can be used to access ngrok's API services. | | `NGROK_CREATE_CREDENTIAL` | Create Tunnel Credential | Creates a new tunnel authtoken credential for authenticating ngrok agents. This authtoken credential can be used to start a new tunnel session. The response to this API call is the only time the generated token is available. | | `NGROK_CREATE_ENDPOINT` | Create Endpoint | Create a cloud endpoint on the ngrok account. Use when you need to set up a new cloud endpoint with custom traffic policies for handling HTTP traffic. | | `NGROK_CREATE_EVENT_SOURCE` | Create Event Source | Add a new event source to an event subscription. Event sources define which types of events will trigger the subscription. Use this when you need to subscribe to additional event types for an existing event subscription. | | `NGROK_CREATE_EVENT_SUBSCRIPTION` | Create Event Subscription | Creates a new event subscription in ngrok. Event subscriptions allow you to be notified when specific events occur in your ngrok account. Use this when you need to set up webhooks or event-driven workflows for ngrok resource changes. | | `NGROK_CREATE_HTTPS_EDGE` | Create HTTPS Edge | Creates a new HTTPS edge in your ngrok account. HTTPS edges define how ngrok handles HTTPS traffic for your domains. Use this when you need to set up a new HTTPS endpoint with custom TLS or mutual TLS configuration. | | `NGROK_CREATE_HTTPS_EDGE_ROUTE` | Create HTTPS Edge Route | Creates a new route on an HTTPS edge in ngrok. Routes define how traffic matching specific patterns should be handled and can include various security and transformation modules. Use when you need to configure routing rules for an HTTPS edge with optional modules like OAuth, IP restrictions, header transformations, and more. | | `NGROK_CREATE_SSH_CREDENTIAL` | Create SSH Credential | Creates a new SSH credential from an uploaded public SSH key. This SSH credential can be used to start new tunnels via ngrok's SSH gateway. Use when you need to authenticate SSH-based tunnel connections with ngrok. | | `NGROK_CREATE_VAULT` | Create Vault | Creates a new vault in your ngrok account. Vaults are used for securely storing and managing sensitive data such as secrets, credentials, and tokens. | | `NGROK_CREATE_VAULT_SECRET` | Create Vault Secret | Tool to create a new secret in an ngrok vault for secure storage of sensitive data like API keys, passwords, or tokens. Use when you need to securely store sensitive information that can be referenced in traffic policies without exposing the actual values. | | `NGROK_DELETE_API_KEY` | Delete API Key | Delete an API key by its ID. This action permanently removes the specified API key from your ngrok account. This is an important security feature that allows users to revoke access when an API key is compromised or no longer needed. Once deleted, the API key cannot be recovered and any services using it will lose access. | | `NGROK_DELETE_CREDENTIALS` | Delete Credentials | Delete a tunnel authtoken credential by ID. This action permanently removes the specified credential from your ngrok account. | | `NGROK_DELETE_EDGE_ROUTE_CIRCUIT_BREAKER_MODULE` | Delete HTTPS Edge Route Circuit Breaker Module | Delete the Circuit Breaker module from an HTTPS Edge Route. This action removes the circuit breaker configuration that protects upstream services from being overwhelmed by automatically rejecting requests when error thresholds are exceeded. | | `NGROK_DELETE_EDGE_ROUTE_COMPRESSION_MODULE` | Delete Edge Route Compression Module | Delete the compression module from an HTTPS edge route. Use this to remove compression settings from a specific route within an HTTPS edge configuration. | | `NGROK_DELETE_EDGE_ROUTE_REQUEST_HEADERS_MODULE` | Delete Edge Route Request Headers Module | Delete the request headers module from an HTTPS edge route. This removes any custom request header modifications configured for the specified route. Use this action when you need to stop modifying request headers on a specific edge route. After deletion, requests will pass through without header modifications. | | `NGROK_DELETE_EDGE_ROUTE_RESPONSE_HEADERS_MODULE` | Delete Edge Route Response Headers Module | Delete the response headers module from an HTTPS edge route. Use when you need to remove response header manipulation from a specific route. | | `NGROK_DELETE_EDGE_ROUTE_SAML_MODULE` | Delete Edge Route SAML Module | Delete the SAML module configuration from an HTTPS edge route. This action removes SAML authentication from the specified route, allowing traffic to pass through without SAML validation. The operation is idempotent and returns success even if no SAML module exists. | | `NGROK_DELETE_EDGE_ROUTE_USER_AGENT_FILTER_MODULE` | Delete Edge Route User Agent Filter Module | Delete the user agent filter module from an HTTPS edge route. Use this to remove user agent filtering from a specific route within an HTTPS edge configuration. | | `NGROK_DELETE_EDGE_ROUTE_WEBHOOK_VERIFICATION_MODULE` | Delete Edge Route Webhook Verification Module | Delete the webhook verification module from an HTTPS edge route. This removes webhook signature verification configured for the specified route. Use this action when you need to stop verifying webhook signatures on a specific edge route. After deletion, webhooks will pass through without signature verification. | | `NGROK_DELETE_EDGE_ROUTE_WEBSOCKET_TCP_CONVERTER_MODULE` | Delete Edge Route WebSocket TCP Converter Module | Delete the WebSocket TCP converter module from an HTTPS edge route. Use when you need to remove WebSocket to TCP conversion functionality from a specific route. The operation is idempotent. | | `NGROK_DELETE_ENDPOINT` | Delete Endpoint | Delete an endpoint by ID. This action permanently removes the specified endpoint from your ngrok account. Currently only available for cloud endpoints. Cloud endpoints are those created through the ngrok dashboard or API with reserved domains. Once deleted, the endpoint cannot be recovered and traffic to the endpoint will no longer be processed. | | `NGROK_DELETE_EVENT_SOURCE` | Delete Event Source | Delete an event source from an event subscription. This removes a specific event type from the subscription, so the subscription will no longer trigger for that event. Event sources define which types of events trigger notifications for a subscription. Removing an event source does not delete the subscription itself - only the association with that specific event type. | | `NGROK_DELETE_EVENT_SUBSCRIPTION` | Delete Event Subscription | Delete an event subscription by ID. This action permanently removes the specified event subscription from your ngrok account. Event subscriptions allow you to receive notifications when specific events occur in your ngrok account. Once deleted, you will no longer receive notifications for events matching this subscription. | | `NGROK_DELETE_HTTPS_EDGE` | Delete HTTPS Edge | Delete an HTTPS edge by ID. This action permanently removes the specified HTTPS edge configuration from your ngrok account. HTTPS edges define how ngrok handles HTTPS traffic for your domains. Once deleted, the edge and all associated routes cannot be recovered, and traffic to the configured hostports will no longer be processed. | | `NGROK_DELETE_HTTPS_EDGE_ROUTE` | Delete HTTPS Edge Route | Delete an HTTPS edge route by ID. This action permanently removes the specified route from an HTTPS edge configuration in your ngrok account. HTTPS edge routes define how traffic is handled for specific hostnames and paths. Once deleted, the route cannot be recovered and traffic matching the route will no longer be processed. | | `NGROK_DELETE_RESERVED_DOMAIN_CERTIFICATE` | Delete Reserved Domain Certificate | Detach the certificate attached to a reserved domain. Use when you need to remove a certificate from a reserved domain without deleting the domain itself. | | `NGROK_DELETE_RESERVED_DOMAIN_CERTIFICATE_MANAGEMENT_POLICY` | Delete Reserved Domain Certificate Management Policy | Detach the certificate management policy from a reserved domain. Use this action when you need to remove certificate management configuration from a domain. | | `NGROK_DELETE_SECRET` | Delete Secret | Delete a vault secret by ID. This action permanently removes the specified secret from your ngrok vault. | | `NGROK_DELETE_SSH_CREDENTIALS` | Delete SSH Credentials | Delete an SSH credential by ID. This action permanently removes the specified SSH credential from your ngrok account. SSH credentials are used to authenticate SSH connections through ngrok. Once deleted, the credential cannot be recovered and any services using it will lose access. | | `NGROK_DELETE_VAULT` | Delete Vault | Delete a vault by ID. This action permanently removes the specified vault from your ngrok account. | | `NGROK_GET_API_KEY` | Get API Key | Get the details of an API key by ID. Use this tool to retrieve information about a specific ngrok API key, including its description, metadata, and creation timestamp. | | `NGROK_GET_CREDENTIALS` | Get Credentials | Tool to retrieve detailed information about a tunnel authtoken credential by ID. Use when you need to view the details, metadata, or ACL rules of an existing credential. Note: The token field will be null for existing credentials (only available on creation). | | `NGROK_GET_EDGE_ROUTE_BACKEND_MODULE` | Get Edge Route Backend Module | Retrieves the backend module configuration for an HTTPS edge route. Backend modules define where traffic is routed after passing through the edge route's modules. Use this to verify backend configuration or audit routing behavior. | | `NGROK_GET_EDGE_ROUTE_CIRCUIT_BREAKER_MODULE` | Get Edge Route Circuit Breaker Module | Tool to retrieve the circuit breaker module configuration for a specific HTTPS edge route. Use when you need to check the current circuit breaker settings, verify protection parameters, or audit traffic protection policies. | | `NGROK_GET_EDGE_ROUTE_COMPRESSION_MODULE` | Get Edge Route Compression Module | Retrieves the compression module configuration for a specific HTTPS edge route. Use this to check if compression is enabled for the route. | | `NGROK_GET_EDGE_ROUTE_IP_RESTRICTION_MODULE` | Get Edge Route IP Restriction Module | Retrieves the IP restriction module configuration for a specific HTTPS edge route. Use this to check which IP policies are applied to control access to the route. | | `NGROK_GET_EDGE_ROUTE_OIDC_MODULE` | Get Edge Route OIDC Module | Retrieves the OIDC (OpenID Connect) module configuration for a specific HTTPS edge route. OIDC modules enable authentication via OpenID Connect providers on your edge routes. This action fetches the current OIDC configuration including provider settings, scopes, and session timeout settings. Returns null if the OIDC module is not configured for the route. | | `NGROK_GET_EDGE_ROUTE_REQUEST_HEADERS_MODULE` | Get Edge Route Request Headers Module | Retrieves the request headers module configuration for a specific HTTPS edge route. The request headers module allows you to add and remove headers from HTTP requests before they are sent to your upstream server. Use this action to inspect the current request header manipulation rules for a route. | | `NGROK_GET_EDGE_ROUTE_RESPONSE_HEADERS_MODULE` | Get Edge Route Response Headers Module | Get the response headers module configuration for an HTTPS edge route. Use when you need to retrieve the current response header manipulation settings for a specific route. | | `NGROK_GET_EDGE_ROUTE_SAML_MODULE` | Get Edge Route SAML Module | Retrieves the SAML authentication module configuration for a specific HTTPS edge route. Use this to view SAML settings including identity provider configuration, session timeouts, and authorized groups. | | `NGROK_GET_EDGE_ROUTE_TRAFFIC_POLICY` | Get Edge Route Traffic Policy | Retrieves the Traffic Policy module configuration for a specific HTTPS edge route. Traffic policies define how ngrok handles requests and responses on the edge route. Use this to inspect current traffic policy rules applied to an edge route. | | `NGROK_GET_EDGE_ROUTE_USER_AGENT_FILTER_MODULE` | Get Edge Route User Agent Filter Module | Retrieves the user agent filter module configuration for a specific HTTPS edge route. Use this to view filtering rules that control access based on User-Agent headers. | | `NGROK_GET_EDGE_ROUTE_WEBHOOK_VERIFICATION_MODULE` | Get Edge Route Webhook Verification Module | Retrieves the webhook verification module configuration for an HTTPS edge route. Webhook verification modules validate incoming webhooks from supported providers. Use this to verify webhook configuration or audit webhook security settings. | | `NGROK_GET_EDGE_ROUTE_WEBSOCKET_TCP_CONVERTER_MODULE` | Get Edge Route WebSocket TCP Converter Module | Retrieves the WebSocket TCP Converter module configuration for a specific HTTPS edge route. This module converts WebSocket connections to TCP streams. Use this to inspect whether the converter is enabled. | | `NGROK_GET_ENDPOINT` | Get Endpoint | Get the status of an endpoint by ID. Use this tool to retrieve detailed information about a specific ngrok endpoint, including its configuration, URLs, and associated resources. | | `NGROK_GET_EVENT_SOURCE` | Get Event Source | Get an event source by type for a specific event subscription. Use this tool to retrieve details about a specific event source type that triggers notifications for an event subscription. | | `NGROK_GET_HTTPS_EDGE` | Get HTTPS Edge | Get the details of an HTTPS edge by ID. Use this to retrieve information about a specific HTTPS edge configuration including its hostports, TLS settings, and routes. | | `NGROK_GET_HTTPS_EDGE_MUTUAL_TLS_MODULE` | Get HTTPS Edge Mutual TLS Module | Retrieves the mutual TLS module configuration for an HTTPS edge. Use this to check if mutual TLS is enabled and which certificate authorities are configured for client certificate validation. | | `NGROK_GET_HTTPS_EDGE_ROUTE` | Get HTTPS Edge Route | Retrieves detailed information about a specific HTTPS edge route by its ID. HTTPS edge routes define how ngrok routes traffic based on path matching rules and apply various modules like authentication, compression, and traffic policies. | | `NGROK_GET_IP_RESTRICTIONS` | Get IP Restriction Details | Retrieves detailed information about a specific IP restriction by its ID. IP restrictions control which IP addresses can access various ngrok resources (dashboard, API, agents, or endpoints). This action fetches complete details including enforcement status, associated IP policies, and metadata. Use this action for auditing, verification, or before modifying IP restrictions. Note: Requires Account Governance add-on on a Pay-as-you-go plan to have IP restrictions. | | `NGROK_GET_RESERVED_DOMAIN` | Get Reserved Domain | Get the details of a reserved domain by ID. Use this to retrieve information about a specific reserved domain including its hostname, certificate configuration, and DNS settings. | | `NGROK_GET_SECRET` | Get Secret | Tool to retrieve detailed information about a vault secret by ID. Use when you need to view the metadata, description, or vault information for an existing secret. | | `NGROK_GET_SECRETS_BY_VAULT` | Get Secrets by Vault | Tool to get all secrets in a vault by vault ID. Use this to retrieve the list of secrets stored in a specific ngrok vault. Supports pagination for large result sets. | | `NGROK_GET_SSH_CREDENTIALS` | Get SSH Credentials | Tool to retrieve detailed information about an SSH credential by ID. Use when you need to view the details, public key, metadata, or ACL rules of an existing SSH credential. | | `NGROK_GET_VAULT` | Get Vault | Get the details of a vault by ID. Use this tool to retrieve information about a specific ngrok vault, including its name, description, metadata, and timestamps. | | `NGROK_LIST_AGENT_INGRESSES` | List Agent Ingresses | List all Agent Ingresses owned by this account. Agent Ingresses are used to configure custom domains for ngrok agent connections, allowing you to use your own domain instead of the default ngrok domains. | | `NGROK_LIST_API_KEYS` | List API Keys | This tool lists all API keys owned by the user. The API keys are used to authenticate API requests to ngrok's REST API. The endpoint returns a paginated list of API keys. | | `NGROK_LIST_BOT_USERS` | List Bot Users | Tool to list all bot users on this ngrok account. Use when you need to retrieve all bot users with their status and metadata. | | `NGROK_LIST_CERT_AUTHORITIES` | List Certificate Authorities | List all certificate authorities on this account. Certificate authorities are x509 certificates used to sign other x509 certificates. Supports pagination and filtering via CEL expressions. | | `NGROK_LIST_CREDENTIALS` | List Tunnel Credentials | List all tunnel authtoken credentials on the ngrok account. Use when you need to view all credentials that can authenticate ngrok agents and start tunnel sessions. | | `NGROK_LIST_ENDPOINTS` | List All Endpoints | List all active endpoints on the ngrok account. This tool will list all active endpoints on the ngrok account, providing visibility into running tunnels and endpoints. It requires no input parameters beyond authentication and serves as a fundamental component for monitoring, managing, and referencing ngrok resources. | | `NGROK_LIST_EVENT_DESTINATIONS` | List Event Destinations | List all Event Destinations on the ngrok account. Event Destinations define where and how ngrok should send event data (e.g., to AWS, Datadog, Azure). Use this to view configured event streaming targets. | | `NGROK_LIST_EVENT_SUBSCRIPTIONS` | List Event Subscriptions | List all event subscriptions on the ngrok account. Event subscriptions allow you to be notified when specific events occur in your ngrok account. Use this to view all configured event subscriptions. | | `NGROK_LIST_EVENT_SUBSCRIPTION_SOURCES` | List Event Subscription Sources | Tool to list the types for which this event subscription will trigger. Use when you need to see all event sources configured for a specific event subscription. | | `NGROK_LIST_FAILOVER_BACKENDS` | List Failover Backends | List all failover backends on this account. Failover backends define failover behavior within a list of referenced backends where traffic is sent to the first backend, and if that backend is offline, ngrok attempts to connect to the next backend in the list. | | `NGROK_LIST_HTTP_RESPONSE_BACKENDS` | List HTTP Response Backends | List all HTTP response backends on the account. Use this to retrieve all configured static HTTP response backends that return fixed responses with specific status codes. | | `NGROK_LIST_HTTPS_EDGES` | List HTTPS Edges | Lists all HTTPS Edges in your ngrok account. HTTPS edges are configurations that tell ngrok how to handle HTTPS traffic. The action returns a paginated list of all HTTPS edges associated with your account. | | `NGROK_LIST_IP_POLICIES` | List IP Policies | List all IP policies on this account. IP policies are reusable groups of CIDR ranges with an allow or deny action that can be attached to endpoints via the Endpoint Configuration IP Policy module. Supports pagination and filtering with CEL expressions. | | `NGROK_LIST_IP_POLICY_RULES` | List IP Policy Rules | This tool lists all IP policy rules associated with your ngrok account. It retrieves detailed information including rule id, creation timestamp, description, metadata, CIDR, the associated IP policy, and the action (allow or deny) for each rule. It supports pagination with parameters 'limit' for the maximum number of results and 'before_id' for pagination. | | `NGROK_LIST_IP_RESTRICTIONS` | List IP Restrictions | Lists all IP restrictions configured on the ngrok account. IP restrictions control which source CIDR blocks are permitted to access specific ngrok account features such as the dashboard, API, agents, or public endpoints. Supports pagination via 'limit' and 'before_id', and filtering via CEL expressions. Returns details including id, uri, created_at, description, metadata, enforced status, type, and associated IP policies for each restriction. | | `NGROK_LIST_RESERVED_ADDRS` | List Reserved Addresses | List all reserved addresses on this account. Use this to retrieve all TCP addresses that have been reserved for listening to traffic on your ngrok account. | | `NGROK_LIST_RESERVED_DOMAINS` | List Reserved Domains | List all reserved domains on this account. Use this to retrieve all hostnames that have been reserved for listening to HTTP, HTTPS, and TLS traffic on your ngrok account. | | `NGROK_LIST_SERVICE_USERS` | List Service Users | Tool to list all service users on this ngrok account. Use when you need to retrieve all service users with their status and metadata. | | `NGROK_LIST_SSH_CERTIFICATE_AUTHORITIES` | List SSH Certificate Authorities | List all SSH Certificate Authorities on this account. SSH Certificate Authorities are pairs of SSH certificates and their private keys used to sign other SSH host and user certificates. Supports pagination and filtering via CEL expressions. | | `NGROK_LIST_SSH_CREDENTIALS` | List SSH Credentials | List all SSH credentials on the ngrok account. Use when you need to view all SSH public keys that can authenticate to start SSH tunnels. | | `NGROK_LIST_SSH_HOST_CERTIFICATES` | List SSH Host Certificates | List all SSH Host Certificates issued on this account. SSH Host Certificates are used to sign SSH host keys and authenticate SSH servers. Supports pagination for efficient retrieval of large result sets. | | `NGROK_LIST_SSH_USER_CERTIFICATES` | List SSH User Certificates | List all SSH user certificates on the ngrok account. Use when you need to view all SSH certificates that authenticate SSH clients to SSH servers. | | `NGROK_LIST_STATIC_BACKENDS` | List Static Backends | List all static backends on the account. Static backends forward traffic to TCP addresses (hostname and port) that are reachable on the public internet. | | `NGROK_LIST_TCP_EDGES` | List TCP Edges | Lists all TCP Edges in your ngrok account. TCP edges are configurations that tell ngrok how to handle TCP traffic. The action returns a paginated list of all TCP edges associated with your account. | | `NGROK_LIST_TLS_CERTIFICATES` | List TLS Certificates | List all TLS certificates on the ngrok account. Use when you need to retrieve information about uploaded TLS certificates including validity, domains, and metadata. | | `NGROK_LIST_TLS_EDGES` | List TLS Edges | Lists all TLS Edges in your ngrok account. TLS edges are configurations that tell ngrok how to handle TLS traffic. The action returns a paginated list of all TLS edges associated with your account. | | `NGROK_LIST_TUNNELS` | List Active Tunnels | List all active tunnels in the ngrok account. This tool lists all active tunnels in the ngrok account, providing details such as tunnel ID, public URL, start time, protocol, configuration details, and metadata. It requires no input parameters beyond authentication and returns a paginated list of all running tunnels with their complete status information. | | `NGROK_LIST_TUNNEL_SESSIONS` | List Tunnel Sessions | List all online tunnel sessions running on this account. Tunnel sessions represent instances of ngrok agents or SSH reverse tunnel sessions connected to the ngrok service. Each tunnel session can include one or more tunnels. | | `NGROK_LIST_VAULTS` | List Vaults | List all vaults owned by the ngrok account. Vaults are used for securely storing and managing sensitive data such as secrets, credentials, and tokens. | | `NGROK_LIST_VAULT_SECRETS` | List Vault Secrets | List all vault secrets owned by the ngrok account. Use when you need to view all secrets stored in vaults for traffic policy configurations. | | `NGROK_LIST_WEIGHTED_BACKENDS` | List Weighted Backends | List all weighted backends on the ngrok account. Weighted backends balance traffic among referenced backends proportionally based on their assigned weights. | | `NGROK_REPLACE_EDGE_ROUTE_CIRCUIT_BREAKER_MODULE` | Replace Edge Route Circuit Breaker Module | Replaces the circuit breaker module configuration on an HTTPS edge route. Circuit breakers protect upstream applications by rejecting traffic when error rates exceed thresholds, giving systems time to recover. Use this action when you need to configure or update circuit breaker settings for a specific route on an HTTPS edge. | | `NGROK_REPLACE_EDGE_ROUTE_COMPRESSION_MODULE` | Replace Edge Route Compression Module | Replaces the compression module configuration for an HTTPS edge route. Use this when you need to enable or disable automatic HTTP response compression for a specific route. | | `NGROK_REPLACE_EDGE_ROUTE_REQUEST_HEADERS_MODULE` | Replace Edge Route Request Headers Module | Replaces the request headers module configuration for an HTTPS edge route. Use this to modify HTTP request headers before they are sent to your upstream application server. You can add new headers or remove existing ones. | | `NGROK_REPLACE_EDGE_ROUTE_RESPONSE_HEADERS_MODULE` | Replace Edge Route Response Headers Module | Replaces the response headers module configuration for an HTTPS edge route. Use this to control which HTTP headers are added to or removed from responses sent to clients. This allows customization of response headers for security, CORS, caching, or other purposes. | | `NGROK_REPLACE_EDGE_ROUTE_TRAFFIC_POLICY` | Replace Edge Route Traffic Policy | Replaces the traffic policy module on an HTTPS edge route. Traffic policies allow you to control and modify HTTP traffic flowing through your ngrok endpoints. Use this action when you need to update or change the traffic policy rules for a specific route on an HTTPS edge. | | `NGROK_REPLACE_EDGE_ROUTE_USER_AGENT_FILTER_MODULE` | Replace Edge Route User Agent Filter Module | Replaces the user agent filter module configuration for an HTTPS edge route. Use this to control which User-Agent strings are allowed or denied access to your route based on regex patterns. Denied patterns take precedence over allowed patterns. | | `NGROK_REPLACE_EDGE_ROUTE_WEBHOOK_VERIFICATION_MODULE` | Replace Edge Route Webhook Verification Module | Replaces the webhook verification module configuration for an HTTPS edge route. Use this to configure ngrok to automatically verify webhook signatures from supported providers. This ensures that only authenticated webhook requests from your chosen provider reach your backend service. | | `NGROK_UPDATE_API_KEY` | Update API Key | Updates attributes of an API key by ID. Use this to modify the description or metadata of an existing API key without changing its token or credentials. | | `NGROK_UPDATE_CREDENTIALS` | Update Credentials | Tool to update attributes of a tunnel authtoken credential by ID. Use when you need to modify the description, metadata, or ACL rules of an existing credential. | | `NGROK_UPDATE_ENDPOINT` | Update Endpoint | Tool to update an Endpoint by ID, currently available only for cloud endpoints. Use this to modify the description, metadata, traffic policy, bindings, or other attributes of an existing endpoint. | | `NGROK_UPDATE_EVENT_SUBSCRIPTION` | Update Event Subscription | Tool to update attributes of an event subscription by ID. Use when you need to modify the description, metadata, destination IDs, or sources of an existing event subscription. | | `NGROK_UPDATE_HTTPS_EDGE_ROUTE` | Update HTTPS Edge Route | Tool to update an HTTPS edge route by ID. Use when you need to modify route configuration for HTTPS traffic handling. Updates can include match patterns, module settings, and metadata. Unspecified modules remain unchanged. | | `NGROK_UPDATE_RESERVED_DOMAIN` | Update Reserved Domain | Tool to update the attributes of a reserved domain by ID. Use this to modify the description, metadata, certificate configuration, or DNS resolver targets of an existing reserved domain. | | `NGROK_UPDATE_SECRET` | Update Secret | Tool to update a vault secret by ID. Use when you need to modify the name, description, metadata, or value of an existing secret in the ngrok vault. | | `NGROK_UPDATE_SSH_CREDENTIAL` | Update SSH Credential | Tool to update attributes of an SSH credential by ID. Use when you need to modify the description, metadata, or ACL rules of an existing SSH credential. | | `NGROK_UPDATE_VAULT` | Update Vault | Tool to update attributes of a vault by ID. Use when you need to modify the name, description, or metadata of an existing vault. | ## Supported Triggers None listed. ## Creating MCP Server - Stand-alone vs Composio SDK The Ngrok MCP server provides comprehensive access to Ngrok operations through Composio. Once connected, you can perform all major Ngrok actions directly from OpenClaw using natural language commands. ## Complete Code None listed. ## Conclusion ### Conclusion You've successfully integrated Ngrok with OpenClaw using Composio plugin. Now interact with Ngrok directly from your terminal, Web UI, or any messenger app using natural language commands. Key benefits of this setup: - Seamless integration across TUI, Web UIs, and Messenger apps like Telegram, WhatsApp, Slack, etc. - Natural language commands for Ngrok operations - Managed authentication through Composio - Access to 20,000+ tools across 1000+ apps for cross-app workflows - Programmatic tool calling for complex tool chaining Next steps: - Try asking OpenClaw to perform various Ngrok operations - Explore cross-app workflows by connecting more toolkits like Calendar, Slack, Notion, etc. - Build complex automation scripts that leverage OpenClaw's 24/7 running capabilities ## How to build Ngrok MCP Agent with another framework - [OpenAI Agents SDK](https://composio.dev/toolkits/ngrok/framework/open-ai-agents-sdk) - [Claude Agent SDK](https://composio.dev/toolkits/ngrok/framework/claude-agents-sdk) - [Claude Code](https://composio.dev/toolkits/ngrok/framework/claude-code) - [Claude Cowork](https://composio.dev/toolkits/ngrok/framework/claude-cowork) - [Codex](https://composio.dev/toolkits/ngrok/framework/codex) - [Hermes](https://composio.dev/toolkits/ngrok/framework/hermes-agent) - [CLI](https://composio.dev/toolkits/ngrok/framework/cli) - [Google ADK](https://composio.dev/toolkits/ngrok/framework/google-adk) - [LangChain](https://composio.dev/toolkits/ngrok/framework/langchain) - [Vercel AI SDK](https://composio.dev/toolkits/ngrok/framework/ai-sdk) - [Mastra AI](https://composio.dev/toolkits/ngrok/framework/mastra-ai) - [LlamaIndex](https://composio.dev/toolkits/ngrok/framework/llama-index) - [CrewAI](https://composio.dev/toolkits/ngrok/framework/crew-ai) ## Related Toolkits - [Supabase](https://composio.dev/toolkits/supabase) - Supabase is an open-source backend platform offering scalable Postgres databases, authentication, storage, and real-time APIs. It lets developers build modern apps without managing infrastructure. - [Codeinterpreter](https://composio.dev/toolkits/codeinterpreter) - Codeinterpreter is a Python-based coding environment with built-in data analysis and visualization. It lets you instantly run scripts, plot results, and prototype solutions inside supported platforms. - [GitHub](https://composio.dev/toolkits/github) - GitHub is a code hosting platform for version control and collaborative software development. It streamlines project management, code review, and team workflows in one place. - [Ably](https://composio.dev/toolkits/ably) - Ably is a real-time messaging platform for live chat and data sync in modern apps. It offers global scale and rock-solid reliability for seamless, instant experiences. - [Abuselpdb](https://composio.dev/toolkits/abuselpdb) - Abuselpdb is a central database for reporting and checking IPs linked to malicious online activity. Use it to quickly identify and report suspicious or abusive IP addresses. - [Alchemy](https://composio.dev/toolkits/alchemy) - Alchemy is a blockchain development platform offering APIs and tools for Ethereum apps. It simplifies building and scaling Web3 projects with robust infrastructure. - [Algolia](https://composio.dev/toolkits/algolia) - Algolia is a hosted search API that powers lightning-fast, relevant search experiences for web and mobile apps. It helps developers deliver instant, typo-tolerant, and scalable search without complex infrastructure. - [Anchor browser](https://composio.dev/toolkits/anchor_browser) - Anchor browser is a developer platform for AI-powered web automation. It transforms complex browser actions into easy API endpoints for streamlined web interaction. - [Apiflash](https://composio.dev/toolkits/apiflash) - Apiflash is a website screenshot API for programmatically capturing web pages. It delivers high-quality screenshots on demand for automation, monitoring, or reporting. - [Apiverve](https://composio.dev/toolkits/apiverve) - Apiverve delivers a suite of powerful APIs that simplify integration for developers. It's designed for reliability and scalability so you can build faster, smarter applications without the integration headache. - [Appcircle](https://composio.dev/toolkits/appcircle) - Appcircle is an enterprise-grade mobile CI/CD platform for building, testing, and publishing mobile apps. It streamlines mobile DevOps so teams ship faster and with more confidence. - [Appdrag](https://composio.dev/toolkits/appdrag) - Appdrag is a cloud platform for building websites, APIs, and databases with drag-and-drop tools and code editing. It accelerates development and iteration by combining hosting, database management, and low-code features in one place. - [Appveyor](https://composio.dev/toolkits/appveyor) - AppVeyor is a cloud-based continuous integration service for building, testing, and deploying applications. It helps developers automate and streamline their software delivery pipelines. - [Backendless](https://composio.dev/toolkits/backendless) - Backendless is a backend-as-a-service platform for mobile and web apps, offering database, file storage, user authentication, and APIs. It helps developers ship scalable applications faster without managing server infrastructure. - [Baserow](https://composio.dev/toolkits/baserow) - Baserow is an open-source no-code database platform for building collaborative data apps. It makes it easy for teams to organize data and automate workflows without writing code. - [Bench](https://composio.dev/toolkits/bench) - Bench is a benchmarking tool for automated performance measurement and analysis. It helps you quickly evaluate, compare, and track your systems or workflows. - [Better stack](https://composio.dev/toolkits/better_stack) - Better Stack is a monitoring, logging, and incident management solution for apps and services. It helps teams ensure application reliability and performance with real-time insights. - [Bitbucket](https://composio.dev/toolkits/bitbucket) - Bitbucket is a Git-based code hosting and collaboration platform for teams. It enables secure repository management and streamlined code reviews. - [Blazemeter](https://composio.dev/toolkits/blazemeter) - Blazemeter is a continuous testing platform for web and mobile app performance. It empowers teams to automate and analyze large-scale tests with ease. - [Blocknative](https://composio.dev/toolkits/blocknative) - Blocknative delivers real-time mempool monitoring and transaction management for public blockchains. Instantly track pending transactions and optimize blockchain interactions with live data. ## Frequently Asked Questions ### What are the differences in Tool Router MCP and Ngrok MCP? With a standalone Ngrok MCP server, the agents and LLMs can only access a fixed set of Ngrok tools tied to that server. However, with the Composio Tool Router, agents can dynamically load tools from Ngrok and many other apps based on the task at hand, all through a single MCP endpoint. ### Can I use Tool Router MCP with OpenClaw? Yes, you can. OpenClaw fully supports MCP integration. You get structured tool calling, message history handling, and model orchestration while Tool Router takes care of discovering and serving the right Ngrok tools. ### Can I manage the permissions and scopes for Ngrok while using Tool Router? Yes, absolutely. You can configure which Ngrok scopes and actions are allowed when connecting your account to Composio. You can also bring your own OAuth credentials or API configuration so you keep full control over what the agent can do. ### How safe is my data with Composio Tool Router? All sensitive data such as tokens, keys, and configuration is fully encrypted at rest and in transit. Composio is SOC 2 Type 2 compliant and follows strict security practices so your Ngrok data and credentials are handled as safely as possible. --- [See all toolkits](https://composio.dev/toolkits) ยท [Composio docs](https://docs.composio.dev/llms.txt)