Porting a marketing portal to modern architectures and technologies

Who was our client?

FIDA was commissioned by one of the largest insurance companies in Germany, which is particularly well known for its car insurance policies. The task was to develop a user-friendly application to centrally manage a large number of different marketing tools.

What was the initial situation?

The insurance company's marketing department used a large number of different tools to manage, organize and execute mass mailings via various channels such as print, email, SMS or push.

What was our brief?

The aim was to develop a solution that would simplify and centralize the work with different tools. At the heart of the project was the replacement of Excel spreadsheets, which had long been an integral part of the work processes.

How was our solution designed?

A portal application was created for this purpose, which serves as a central entry point for all tools involved for the employees of the marketing department and also offers campaign management for the mass mailings of the various channels.

In future, campaigns can be created and managed centrally and enriched with additional content and control information. From now on, the entire process from the selection of customer data to the transfer of mass print data to the print shop can be controlled and tracked in the application.

The solution in detail - architecture, development, project management & security:

When architecting the newly developed solution, we placed great emphasis on designing and implementing a user-friendly portal. The development included both the front end and the back end. The portal serves as a central interface for users and simplifies interaction with various applications.

Equally important was the seamless integration of external applications into the portal to ensure a smooth flow of information, as well as the harmonious integration of the portal into the insurance company's existing infrastructure. With our solution, we were able to ensure compatibility with established systems and processes.

In the programming phase of the project, particular emphasis was placed on the implementation of the front end, which was realized with Angular in the form of a monorepo. This structure makes it possible to manage various related projects within a single repository, which improves the consistency and maintainability of the code. Web components were used to integrate the in-house style component library, ensuring a flexible and reusable connection of the design elements.

In the backend, we relied on the robust Spring Boot framework, which allowed agile development and easy maintenance of the backend components. For the security of the application, OAuth2 was implemented using Spring Security, which guarantees a high standard of authentication and authorization.

To connect to the database, we used Spring Data/JPA, which allowed efficient and simplified handling of database operations. With this combination of technologies and frameworks, we created a powerful and secure backend architecture that is optimally tailored to the organization's requirements.

In terms of project management, compliance with Scrum or semi-agile formats was a clear requirement from the customer. This approach helped us to react flexibly to changes and constantly monitor the progress of the project. The agile Scrum methodology helped us to efficiently achieve specific goals in regular sprints.

We used agile tools such as JIRA and Confluence for optimal organization and documentation of the project. JIRA served as a central tool for tracking all tasks, bugs and activities, which enabled us to make the workflow transparent and traceable. Confluence, on the other hand, was used as a collaboration platform where we created and shared documents to collect knowledge and make information accessible to the entire team. By using these tools, we were able to ensure that all team members were always on the same page and working together efficiently, which contributed significantly to the success of the project.

In terms of security, we focused on the design and implementation of authentication and authorization mechanisms for access to individual services. To do this, we relied on the OAuth2 protocol, which enables secure delegated access and is widely used in the industry. This protocol ensures that users can verify their identity without having to pass their login information directly to the services.

We coordinated the interaction between Access Management (AM) and Identity Management (IM) systems. In particular, the AM system Forgerock was used to provide authentication and authorization services, while IM with Active Directory (AD) and an internal identity management system took over the administration and storage of user identities. These processes were implemented in close collaboration and in parts to ensure smooth integration and a high level of security.

In addition, an authorization concept for technical access was implemented. This concept defines how technical accounts and systems should access each other as well as applications and data in order to ensure the integrity and confidentiality of the systems. The implementation of such a concept was crucial to ensure that only authorized systems and processes are able to interact with the critical infrastructure elements, which is an important element in maintaining the overall security of the system.