Nolxy

Nolxy is an API gateway platform that wraps any backend with the infrastructure you'd otherwise spend weeks building. Point Nolxy in front of your existing service. No code changes required. No SDK to install. Your backend stays exactly as it is. What it does Nolxy handles authentication, rate limiting, response caching, request transformation, and real-time analytics at the gateway level. Every request hits Nolxy first. Authenticated, rate-checked, and (when applicable) served straight from cache before it ever reaches your upstream. API keys are the entry point. Each key can be scoped to specific routes and IP addresses, given an expiration date, and set as either a server key or a read-only public key. Keys are hashed at rest. IP restrictions support both allowlists and blocklists with full CIDR notation. CSRF protection, security headers, and path sanitization are applied automatically. Response caching works out of the box. Cache hits skip the proxy entirely and come back in near-zero time. You control the TTL per route, which status codes to cache, and which request headers to include in the cache key. Every response tells you whether it was a hit or a miss. Rate limits protect your upstream from abuse. When a key exceeds its per-second limit, the caller gets a 429 with a Retry-After header. Monthly quotas are tracked separately. Both are enforced without any configuration on your end beyond choosing a plan. Transformation pipelines let you reshape requests and responses between the caller and your backend. Add, remove, or rename fields. Change string casing. Strip whitespace. Transformations run in order and are configured entirely from the dashboard. Request validation rejects malformed payloads before they reach your backend. You attach a JSON Schema to a route and method, and Nolxy handles the rest. Invalid requests get a structured 400 response with field-level error details. The schema builder is visual, no JSON editing needed. CORS is handled at the gateway level per route. Preflight requests are automatic. Your backend does not need to know about CORS. The circuit breaker protects against cascading failures. When your upstream starts responding with errors, Nolxy stops forwarding requests and returns a 503 immediately. Once your service recovers, the circuit closes again. The current state is always visible in the response headers. Observability without setup Every request is logged. The analytics dashboard gives you request volume, bandwidth, average latency broken down by gateway vs upstream, success rate, and cache hit ratio. Traffic origins are visible on a geo map. No separate observability stack required. Webhooks let you respond to quota warnings, circuit breaker state changes, and API key events in real time. On higher plans, logs stream directly to Datadog or any HTTP endpoint. A portal your API consumers can actually use Nolxy auto-generates a public developer portal from your route configuration. It includes an OpenAPI 3.0 spec, a full route listing, and a self-serve key generator. Your consumers can onboard without contacting you. For teams that prefer infrastructure as code Routes can be defined in a config file and synced via CLI. Changes are previewable before applying. CI/CD integration uses Service Accounts. Route identity is based on name, so changing a path does not break your analytics history. Custom domains. Point your own domain (e.g. api.yourstartup.com) to your Nolxy gateway. Verification is a TXT record. Full Cloudflare proxy support for automatic SSL. Currently in free beta. No credit card required. Full feature access from day one.