Documentation Get Started

Security Enforcement

Zero-trust architecture for your microservices. Enforce JWT validation, OAuth2 flows, and DDoS mitigation at the edge.

fluxgate config
> jwt.validate: true
> oauth2.provider: "keycloak.internal"
> rate.limit: 1000r/m
> waf.mode: "block"
Defense in Depth

Comprehensive Security Layers

FluxGate integrates seamlessly with your existing security infrastructure. From token introspection to IP reputation scoring, we provide granular control over every request.

FluxGate dashboard showing real-time threat blocking and JWT token validation metrics

JWT & OAuth2 Validation

Verify signatures using RS256/ES256 keys. Support for JWKS rotation, audience claims, and custom scopes. Integrates with Auth0, Okta, and Keycloak via standard discovery endpoints.

DDoS Mitigation

Layer 7 protection with adaptive rate limiting. Configure thresholds per route or client IP. Automatic challenge responses for suspicious traffic patterns without impacting legitimate bursts.

WAF Integration

Deploy OWASP Core Rule Set (CRS) directly in the gateway. Block SQL injection, XSS, and path traversal attempts. Custom rules via Lua or Rego policies for application-specific threats.

Zero-Trust Mesh

Mutual TLS (mTLS) enforcement for service-to-service communication. Short-lived certificates and identity-based access control ensure that compromised credentials cannot be reused.

Regulatory Alignment

GDPR & Compliance Tools

Built for enterprises that require strict data governance. FluxGate provides the primitives needed to meet GDPR, HIPAA, and SOC 2 requirements out of the box.

PII Redaction & Masking

Automatically detect and mask sensitive fields like SSN, credit card numbers, and email addresses in request/response bodies. Configurable regex patterns ensure no PII leaks to downstream logs.

Immutable Audit Logs

Every enforcement decision is recorded with a cryptographic hash. Export logs to S3, Kafka, or Splunk. Includes client IP, user-agent, matched policy, and latency for forensic analysis.

Data Residency Controls

Geo-fencing capabilities to restrict API access based on origin. Ensure data processing stays within EU borders by blocking requests from non-compliant regions at the ingress level.

Secure Your Microservices Today

FluxGate is the open-source API gateway for microservices designed by security engineers. Deploy your first policy in minutes.

Install FluxGate Read Security Docs