With Platform Services Controller, all VMware products within the same environment can share the authentication domain and other services. Services include certificate management, authentication, and licensing.

Platform Services Controller includes the following core infrastructure services.
Table 1. Platform Services Controller Services
Service Description

(VMware Appliance Management Service)

Handles appliance configuration and provides public API endpoints for appliance lifecycle management. Included on the Platform Services Controller appliance.

(VMware License Service)

Each Platform Services Controller includes VMware License Service, which delivers centralized license management and reporting functionality to VMware products in your environment.

The license service inventory replicates across all Platform Services Controller in the domain at 30-second intervals.


(VMware Component Manager)

Component manager provides service registration and lookup functionalities.

(VMware Platform Services Controller Client)

Backend to the Platform Services Controller Web interface.

(VMware Identity Management Service)


(VMware Security Token Service)

Services behind the vCenter Single Sign-On feature, which provide secure authentication services to VMware software components and users.

By using vCenter Single Sign-On, the VMware components communicate using a secure SAML token exchange mechanism. vCenter Single Sign-On constructs an internal security domain (vsphere.local by default) where the VMware software components are registered during installation or upgrade.


(VMware HTTP Reverse Proxy)

The reverse proxy runs on each Platform Services Controller node and each vCenter Server system. It is a single entry point into the node and enables services that run on the node to communicate securely.

(VMware Service Control Agent)

Manages service configurations. You can use the service-control CLI to manage individual service configurations.

(VMware Appliance Monitoring Service)

Monitor the vCenter Server Appliance guest operating system resource consumption.

(VMware vAPI Endpoint)

The vSphere Automation API endpoint provides a single point of access to vAPI services. You can change the properties of the vAPI Endpoint service from the vSphere Web Client. See the vSphere Automation SDKs Programming Guide for details on vAPI endpoints.

VMware Authentication Framework

Service that provides a client-side framework for vmdir authentication and serves the VMware Endpoint Certificate Store (VECS).

VMware Certificate Service

Provisions each VMware software component that has the vmafd client libraries and each ESXi host with a signed certificate that has VMCA as the root certificate authority. You can change the default certificates by using the Certificate Manager utility or Platform Services Controller Web interface.

VMware Certificate Service uses the VMware Endpoint Certificate Store (VECS) to serve as a local repository for certificates on every Platform Services Controller instance. Although you can decide not to use VMCA and instead can use custom certificates, you must add the certificates to VECS.


VMware Directory Service

Provides a multitenant, peer-replicating LDAP directory service that stores authentication, certificate, lookup, and license information. Do not update data in vmdird by using an LDAP browser.

If your domain contains more than one Platform Services Controller instance, an update of vmdir content in one vmdir instance is propagated to all other instances of vmdir.


VMware Domain Name Service

Not used in vSphere 6.x.

VMware Lifecycle Manager API


VMware Service Lifecycle Manager

Start and stop vCenter Server services and monitor service API health. The vmware-vmon service is a centralized platform-independent service that manages the lifecycle of Platform Services Controller and vCenter Server. Exposes APIs and CLIs to third-party applications.

Likewise Service Manager

Likewise facilitates joining the host to an Active Directory domain and subsequent user authentication.

VMware Platform Services Controller Health Monitor

Monitors the health and status of all core Platform Services Controller infrastructure services.

VMware Analytics Service

Consists of components that gather and upload telemetry data from various vSphere components to the VMware Analytics Cloud, and manage the Customer Experience Improvement Program (CEIP).