Nurbak Feature
Monitor both REST and GraphQL endpoints with full authentication support and automatic spec discovery.
Nurbak monitors both REST and GraphQL API endpoints using the same health check infrastructure. It supports all 8 HTTP methods, 5 authentication types including OAuth 2.0 and custom headers, and automatically discovers OpenAPI and Swagger specifications by probing 15+ common paths. Whether your API serves JSON over REST or handles queries via GraphQL, Nurbak provides unified uptime and performance monitoring.
Enter your REST or GraphQL endpoint URL. Choose the HTTP method, set authentication credentials, and add any custom headers your API requires. For GraphQL, use POST with your health check query in the request body.
Select from 5 authentication types — API Key, Bearer Token, Basic Auth, OAuth 2.0, or Custom Headers. All credentials are encrypted at rest and never logged in plain text during health checks.
Nurbak begins health checks immediately from multiple regions. For REST APIs, it also probes 15+ common paths to auto-discover OpenAPI or Swagger specs, giving you additional insight into your API surface area.
Monitor any HTTP-based API regardless of architecture. REST endpoints are checked with standard requests while GraphQL endpoints can be monitored using POST requests with custom query bodies.
Full support for GET, POST, PUT, PATCH, DELETE, HEAD, and OPTIONS methods. Choose the method that best represents a real health check for each specific endpoint you monitor.
Authenticate with API Key, Bearer Token, Basic Auth, OAuth 2.0, or Custom Headers. Each type is purpose-built to handle the most common API authentication patterns without workarounds.
Add any number of custom HTTP headers to your health check requests. Essential for APIs that require specific content types, API versions, tenant identifiers, or correlation IDs.
Nurbak probes 15+ common specification paths including /openapi.json, /swagger.json, /api-docs, and /v2/api-docs to automatically find and catalog your machine-readable API specifications.
All authentication credentials are encrypted at rest using AES-256 encryption. Credentials are decrypted only at the moment of each health check and are never written to logs or exposed in the dashboard.
Add your GraphQL endpoint URL and select POST as the HTTP method. In the request body, include a simple health check query like a basic introspection query or a lightweight resolver. Nurbak will send this query with each health check and verify the endpoint responds with a 200 status. You can add authentication headers just like any REST endpoint.
Nurbak probes 15+ common paths where API specifications are typically served. These include /openapi.json, /openapi.yaml, /swagger.json, /swagger.yaml, /api-docs, /v2/api-docs, /v3/api-docs, /docs/openapi.json, and several framework-specific paths for Rails, Express, Django, and Spring Boot applications. Discovery runs once when you add an endpoint and can be re-triggered manually.
Yes. All credentials are encrypted at rest using AES-256 encryption and are only decrypted in memory at the moment of each health check request. Credentials are never stored in plain text, never written to log files, and never displayed in the dashboard after initial entry. The encryption keys are managed separately from the application database for defense in depth.
Free during beta. No credit card required.
No spam. Unsubscribe anytime.
