Architecture Overview

Learn about the NGINX Management Suite API Connectivity Manager architecture.


This topic provides an overview of the NGINX Management Suite API Connectivity Manager (ACM) architecture and personas.


The following terminology is used in this topic:

Term Description
Gateway Proxy The data plane host acting as the reverse proxy to backend services. This is not to be confused with the API Gateway, which represents the actual NGINX instance.
Dev Portal Proxy The data plane host used for API documentation.
Management Plane The plane responsible for provisioning the infrastructure needed for connecting, securing, and governing APIs. Infrastructure Admins and API Owners use the management plane to provision and maintain configurations.
Data Plane The planes corresponding to NGINX Plus instances managed by API Connectivity Manager. Application Owners consume APIs on the data plane that were created by the API Owners.


The following architecture diagram describes the arrangement of the NGINX Management Suite API Connectivity Manage components and how they interact.

API Connectivity Manager follows an API-first approach. Commands issued using the web interface are processed using the ACM REST API.

High Level Component Diagram


ACM uses NATS to communicate with the following NGINX Management Suite services:

Service Description
nms-core The core service sets up and configures the control plane. Also, the service analyzes data for metrics, events, and alerts.
nms-dpm The data plane manager (DPM) service configures NGINX instances on the data plane. The service also monitors the state of data plane resources and generates reports and event messages.
nms-ingestion The ingestion service collects the metrics, security violations, and events that aren’t sent to the data plane manager by the NGINX Agent. This information can be forwarded to external datastores.


Infrastructure Admin

Infrastructure Admins, interacting primarily with the management plane, manage the infrastructure for hosts.

Routine tasks

  • Configure SSO
  • Provision the infrastructure
  • Configure domain names
  • Manage data plane hosts
  • Manage certificates
  • Enforce global/enterprise policies

API Owner

API Owners oversee the API lifecycle, which they can maintain using a CI/CD pipeline.

The API Owner relies on the Infrastructure Admin to complete the initial configuration before beginning work.

Routine tasks

  • Set up an API team
  • On-board an API
  • Configure policies to meet Quality of Service (QoS) commitments
  • Select the gateway proxy for publishing an API
  • Select the Dev Portal proxy for publishing API documentation

Application Owner

Application Owners develop new digital experiences.

Routine tasks

  • Learn about APIs and API contracts by reading the documentation on the Dev Portal.
  • Test APIs using the “Try it out” feature in the on-board documentation.