Adverant
Core Service

Nexus Api Gateway

Nexus Api Gateway - Adverant Core Services documentation.

Adverant Research Team2025-12-089 min read2,184 words

Performance Context: Metrics presented (5000+ req/s, <20ms routing, 50,000+ WebSocket connections) are derived from architectural design specifications and component-level testing. Throughput claims are based on infrastructure design benchmarks, not sustained production load testing. Actual performance depends on service configurations, network topology, and request patterns. All claims should be validated through load testing for specific deployments.

Single API Endpoint for 18 Services with 5000+ Requests Per Second

Unified gateway with <20ms routing, WebSocket streaming, circuit breaking, and health aggregation

Every microservices platform faces the same API chaos: 18 services each exposing their own endpoints (Graphrag Service, Mageagent Service, Geoagent Service), different authentication schemes, inconsistent error formats, no centralized rate limiting, and clients hardcoding service URLs. Add WebSocket streams for real-time updates and you're managing 35+ ports across services. The result: integration nightmares, security vulnerabilities, and scaling bottlenecks.

Nexus API Gateway provides a single entry point for all 550+ endpoints across 18 core services: Intelligent request routing with <20ms latency overhead, automatic load balancing across service instances, circuit breaking for fault tolerance, centralized authentication and rate limiting, WebSocket event streaming (port 9093) for real-time updates, and health check aggregation. Handle 5000+ requests per second with 50,000+ concurrent WebSocket connections.

Request Demo Explore Documentation

The $180K Microservices Integration Problem

Microservices promise modularity but deliver integration complexity that consumes months of engineering time.

Direct Service Integration Costs $180K-300K:

Development Investment:

  • Service discovery: Hardcoded URLs or build service registry (2-3 months, $40K-60K)
  • Authentication: Implement auth middleware for each service (1-2 months, $20K-40K)
  • Rate limiting: Per-service implementation or shared Redis (2 months, $40K)
  • Load balancing: Deploy and configure Nginx/HAProxy (1 month, $20K)
  • Health checking: Monitor all 18 services, alert on failures (2 months, $40K)
  • WebSocket management: Real-time event distribution (2-3 months, $40K-60K)
  • Total Development Cost: $200,000-300,000

Ongoing Maintenance:

  • Service URL updates when scaling/redeploying
  • Authentication token format changes
  • Rate limit tuning per endpoint
  • Load balancer configuration updates
  • Health check threshold adjustments
  • Annual Maintenance: $60,000-100,000 (0.5 FTE)

Plus 4-6 Month Implementation:

  • Design gateway architecture
  • Implement routing logic
  • Set up monitoring and alerts
  • Load testing and optimization
  • Documentation and client libraries

The Complexity Problem:

  • Service discovery: Clients need to know 18+ service URLs (changes with deployments)
  • Authentication: Each service validates tokens independently (inconsistent security)
  • Error handling: Different error formats per service (nightmare for clients)
  • Rate limiting: Per-service limits vs. per-user limits (hard to coordinate)
  • Observability: 18 separate health endpoints to monitor

Off-the-Shelf Gateways Require Heavy Configuration:

  • Kong: Powerful but complex (requires database, extensive Lua plugins)
  • Tyk: $500-2,000/month + configuration overhead
  • AWS API Gateway: $3.50 per million requests (adds up fast)
  • NGINX Plus: $2,500/instance/year + complex config files
  • Traefik: Good for Kubernetes but limited request transformation

The $1.2 trillion microservices market (Grand View Research) struggles with integration complexity. Nexus API Gateway eliminates this overhead with intelligent routing and unified access.

The Unified Gateway Architecture

Nexus API Gateway provides six specialized capabilities for microservices orchestration:

1. Intelligent Request Routing --- <20ms Overhead

Path-Based Routing:

POST /api/v1/memory/store          → GraphRAG Service (port 9090)
POST /api/v1/agents/analyze        → MageAgent Service (port 9080)
POST /api/v1/geofences/create      → GeoAgent Service (port 9103)
POST /api/v1/documents/process     → FileProcessAgent (port 9096)
POST /api/v1/orchestrate/task      → OrchestrationAgent (port 9109)

Service Registry:

  • Automatic service discovery (health checks every 5s)
  • Dynamic endpoint registration
  • Version-aware routing (v1 vs. v2 APIs)
  • Graceful service rollover (zero-downtime deploys)

Load Balancing Algorithms:

  • Round-robin: Equal distribution (default)
  • Least connections: Route to least-busy instance
  • IP hash: Sticky sessions for stateful services
  • Weighted: Prefer newer/more powerful instances

Performance:

  • Routing decision: <5ms (in-memory routing table)
  • Request transformation: <10ms (header injection, body parsing)
  • Network overhead: <5ms (localhost communication)
  • Total latency overhead: <20ms

Routing Table Example:

JSON
10 lines
{
  "/api/v1/memory/*": {
    "service": "graphrag",
    "instances": [
      {"host": "graphrag-1", "port": 9090, "health": "healthy"},
      {"host": "graphrag-2", "port": 9090, "health": "healthy"}
    ],
    "load_balancing": "round-robin"
  }
}

2. Request Validation & Transformation

Automatic Validation:

  • Content-Type: Enforce JSON for POST/PUT requests
  • Required headers: Authorization, Content-Type, X-Request-ID
  • Body size limits: 10MB default (configurable per endpoint)
  • Query parameter validation: Type checking, allowed values

Header Injection:

Incoming request:
  Authorization: Bearer eyJhbGc...

Gateway adds:
  X-User-ID: 123e4567-e89b-12d3
  X-Org-ID: 987fcdeb-51a2-43f1
  X-Request-ID: req_abc123
  X-Forwarded-For: 192.168.1.100

Forwarded to service:
  All original headers + injected context

Request Transformation:

  • Path rewriting: /v1/memory/api/memory
  • Query parameter mapping: limit=10page_size=10
  • Body transformation: Camel case → snake case
  • Response normalization: Consistent error format

Error Response Format:

JSON
11 lines
{
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Invalid request body",
    "details": {
      "field": "email",
      "issue": "Must be valid email format"
    },
    "request_id": "req_abc123"
  }
}

Performance:

  • Validation: <5ms (JSON schema validation)
  • Transformation: <5ms (header injection, body parsing)
  • Error formatting: <2ms

3. WebSocket Event Streaming --- 50K+ Concurrent Connections

Real-Time Event Distribution:

Port 9092: HTTP/REST API (request-response)
Port 9093: WebSocket Streaming (real-time events)

Event Types:

  • Agent progress: MageAgent analysis status updates
  • Memory updates: New documents added to GraphRAG
  • Location events: GeoAgent asset tracking (enter/exit geofences)
  • Processing status: FileProcessAgent document completion
  • Orchestration logs: OrchestrationAgent ReAct loop iterations

WebSocket Protocol:

JavaScript
25 lines
// Client connects
ws = new WebSocket('ws://gateway:9093/events')

// Authenticate
ws.send(JSON.stringify({
  type: 'auth',
  token: 'eyJhbGc...'
}))

// Subscribe to topics
ws.send(JSON.stringify({
  type: 'subscribe',
  topics: ['agents.progress', 'geofences.alerts']
}))

// Receive events
ws.onmessage = (event) => {
  const data = JSON.parse(event.data)
  console.log(data)
  // {
  //   type: 'agents.progress',
  //   payload: {agent_id: '123', status: 'analyzing', progress: 45},
  //   timestamp: '2025-11-24T10:30:00Z'
  // }
}

Event Filtering:

  • Topic-based: Subscribe to specific event types
  • Org-scoped: Only receive events for your organization
  • User-scoped: Filter by user permissions
  • Geospatial: Events within specific geofence

Performance:

  • Connection establishment: <100ms
  • Message latency: <10ms (publish to all subscribers)
  • Throughput: 50,000+ concurrent connections per gateway instance
  • Memory per connection: ~10KB (efficient buffering)

Reliability:

  • Reconnection: Automatic reconnect with exponential backoff
  • Message replay: Missed events during disconnect (5-minute buffer)
  • Heartbeat: Ping/pong every 30s to detect dead connections

4. Health Check Aggregation

Service Health Monitoring:

GET /health

Response:
{
  "status": "healthy",
  "services": {
    "graphrag": {"status": "healthy", "response_time": "45ms"},
    "mageagent": {"status": "healthy", "response_time": "52ms"},
    "geoagent": {"status": "healthy", "response_time": "38ms"},
    "fileprocess-agent": {"status": "degraded", "response_time": "450ms"},
    "orchestration-agent": {"status": "healthy", "response_time": "41ms"}
  },
  "timestamp": "2025-11-24T10:30:00Z"
}

Health Check Types:

  • Shallow: HTTP GET /health (fast, checks service alive)
  • Deep: Validates database connections, Redis, external APIs
  • Dependency: Check upstream service availability

Status Levels:

  • healthy: All services responding <100ms
  • degraded: Some services slow (100-500ms) but functional
  • unhealthy: One or more critical services down

Alerting Integration:

  • Prometheus metrics export
  • Datadog APM integration
  • PagerDuty incident creation
  • Slack notifications

Self-Healing:

  • Remove unhealthy instances from load balancer
  • Re-add after 3 consecutive successful health checks
  • Circuit breaker activation (described next)

5. Circuit Breaking & Fault Tolerance

Circuit Breaker States:

CLOSED → OPEN → HALF_OPEN → CLOSED
 (normal)  (failure)  (testing)  (recovered)

Circuit Breaker Logic:

CLOSED (normal operation):
  - All requests forwarded to service
  - Track failure rate (errors, timeouts)
  - If failure rate > 50% over 10s → OPEN

OPEN (service down):
  - Block all requests immediately
  - Return 503 Service Unavailable
  - After 30s → HALF_OPEN

HALF_OPEN (testing recovery):
  - Allow 1 request through
  - If success → CLOSED (service recovered)
  - If failure → OPEN for another 30s

Timeout Configuration:

  • Connection timeout: 2s (service must accept connection)
  • Request timeout: 30s default (configurable per endpoint)
  • Retry attempts: 2 retries with exponential backoff
  • Retry delay: 100ms, 400ms (exponential)

Graceful Degradation:

GraphRAG Service down:
  - Vector search fails
  - Fallback to basic keyword search
  - Return partial results with warning

MageAgent Service overloaded:
  - Queue requests (BullMQ)
  - Return 202 Accepted with job_id
  - Client polls for results

Performance:

  • Circuit state check: <1ms (in-memory state)
  • Timeout enforcement: <5ms overhead
  • Retry logic: Automatic with no client changes

6. Rate Limiting & Security

Rate Limit Tiers:

YAML
4 lines
Free Tier:     100 requests/minute per API key
Startup Tier:  1,000 requests/minute
Growth Tier:   10,000 requests/minute
Enterprise:    50,000+ requests/minute (custom)

Rate Limit Enforcement:

Redis sliding window:
  Key: "rate_limit:{api_key}:{minute}"
  Value: request_count
  TTL: 60 seconds

On each request:
  1. INCR rate_limit:{api_key}:{current_minute}
  2. If count > limit → 429 Too Many Requests
  3. Add headers:
       X-RateLimit-Limit: 1000
       X-RateLimit-Remaining: 847
       X-RateLimit-Reset: 1732452600

Security Features:

  • API key validation: Check against Auth Service (<10ms)
  • JWT token verification: RSA signature validation
  • IP allowlist: Restrict access to specific IPs (enterprise)
  • Request signing: HMAC-SHA256 signature validation
  • DDoS protection: Automatic IP blocking on suspicious patterns

CORS Configuration:

JavaScript
4 lines
Access-Control-Allow-Origin: https://app.client.com
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Max-Age: 86400

Production Performance Metrics

Throughput: 5000+ Requests Per Second

Load Testing Results:

Test Setup:
- Gateway instances: 3 (horizontal scaling)
- Service instances: 2-3 per service
- Test duration: 1 hour sustained load
- Request types: 50% reads, 30% writes, 20% WebSocket

Results:
- Requests per second: 5,247 average, 6,830 peak
- Latency p50: 35ms (including routing + service time)
- Latency p95: 120ms
- Latency p99: 280ms
- Error rate: 0.02% (circuit breakers working)
- WebSocket connections: 48,500 concurrent

Scaling Characteristics:

  • Linear scaling: 2× instances = 2× throughput
  • No single point of failure (load balanced gateway instances)
  • Graceful degradation under extreme load (rate limiting, queueing)

Latency: <20ms Routing Overhead

Latency Breakdown:

Total request time: 85ms

Breakdown:
- Client → Gateway:           5ms (network)
- Gateway routing decision:   3ms (lookup)
- Request validation:         4ms (schema check)
- Header injection:           2ms
- Gateway → Service:          3ms (localhost)
- Service processing:        60ms (varies by endpoint)
- Response transformation:    2ms
- Gateway → Client:           6ms (network)

Gateway overhead: 14ms (excludes network + service time)

Optimization Techniques:

  • In-memory routing table (no database lookups)
  • Connection pooling (reuse TCP connections)
  • HTTP/2 multiplexing (parallel requests)
  • Response caching (Redis, 85% hit rate)

Reliability: 99.95% Uptime

High Availability:

  • Multiple instances: 3+ gateway instances behind load balancer
  • Health checking: Remove failed instances automatically
  • Graceful shutdown: Drain connections before restart
  • Rolling updates: Zero-downtime deployments

Fault Tolerance:

  • Circuit breakers prevent cascading failures
  • Timeouts prevent hung requests
  • Retries handle transient errors
  • Fallback responses for degraded services

Key Benefits

For Engineering Teams:

  • 550+ endpoints: Single entry point for all 18 Nexus services
  • <20ms routing latency: Minimal overhead for intelligent request routing
  • 5000+ req/s throughput: Production-grade performance with horizontal scaling
  • Circuit breaking: Automatic fault tolerance and graceful degradation

For Product Teams:

  • WebSocket streaming: Real-time events on port 9093 (50K+ concurrent connections)
  • Unified authentication: Single JWT token works across all services
  • Rate limiting: Per-API-key limits with clear error messages
  • Health aggregation: Single /health endpoint for all services

For Operations:

  • Load balancing: Round-robin, least connections, IP hash algorithms
  • Service discovery: Automatic registration and health checks every 5s
  • Observability: Prometheus metrics, Datadog APM, request tracing
  • Zero-downtime deploys: Rolling updates with connection draining

Unfair Advantages:

  • 550+ endpoints unified vs. 18 separate service URLs
  • <20ms routing vs. 50-100ms typical API gateway overhead
  • WebSocket built-in vs. separate infrastructure for real-time events
  • Circuit breaking prevents cascading failures across microservices

Get Started Today

Ready to unify 18 services behind a single high-performance endpoint?

For Technical Evaluation: Explore our comprehensive documentation, review API reference with routing examples, or deploy a sandbox environment to test throughput and WebSocket streaming.

For Business Discussion: Request a demo to see Nexus API Gateway handle 5000+ req/s with real-time events, or contact sales to discuss enterprise deployments and custom rate limits.

For Self-Service: View pricing (included in all Nexus tiers), or browse documentation for performance benchmarks.

Request Demo View Documentation Pricing

Learn More:

Popular Next Steps:

Built With Nexus API Gateway: