Case Study


Replacing the entire authorization system of a major online product with zero user impact takes great care and dedication. Policies for thousands of endpoints need to be migrated, and granular feature toggles introduced to give users flexibility in customizing their workflows through new role combinations. A major accounting firm entrusted SitePen with the bulk of the migration efforts.
Technologies Involved
JavaScript, TypeScript, Dojo Toolkit, React, Jest, Java, JUnit, Mockito, Open Agent Policy, Splunk

The Situation

A major accounting solution provider undertook a project to upgrade the authorization layer of their primary web application and engaged SitePen to help in the migration efforts. The project aimed to replace access-control list checks that were hard-coded into the product with a policy-based resource model using an externalized authorization service for greater flexibility.

A substantial application codebase comprising thousands of API endpoints required uplifting, which meant working with ownership teams across the entire organization. With millions of existing customers expecting 24/7 uptime, the project needed delicate phasing to succeed. An inventory of the existing authorization checks, accrued over decades of product development, had to be established and migrated to new resources and policies. The new policies would be integrated alongside the existing ACL checks, then validated to confirm that they accurately met all existing authorization security requirements. The client could only migrate users to the new system once fully satisfied that it would not disrupt any existing functionality.

The Solution

SitePen was brought into the project to lead the resource policy migration effort within the system backend and to help enhance the frontend application to support fine-grained feature toggling based on the new resource model.

The backend policy migration process involved several major phases:

  • Analyzing the ACL checks that the product’s existing service endpoints were performing.

  • Defining new resources and policies to match the existing checks.

  • Integrating the new authorization primitives throughout the application, in parallel with the existing ACL system, to avoid disrupting users.

  • Validating that the new authorization decisions accurately met the existing security requirements.

  • Switching over to use the new resources and policies for authorization enforcement.

This process was iterated across the application codebase to cover all existing authorization requirements. The team continuously deployed new authorization features as they were migrated, with SitePen liaising with all owners responsible for each area to approve, release, and deploy the new checks.
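The parallel-run and validation phases above can be sketched as a shadow-mode wrapper: the legacy ACL result stays authoritative while the new policy result is computed and compared, and any disagreement is recorded for review before cutover. This is an added example, not code from SitePen or the client; every name, endpoint, role, and request in it is hypothetical and constructed for illustration.

```javascript
// Added illustration: all names and sample data are hypothetical/constructed.
const LEGACY_ACL = { // stand-in for the hard-coded ACL checks
  "GET /invoices": ["admin", "accountant", "reviewer"],
  "POST /invoices": ["admin", "accountant"],
  "POST /invoices/approve": ["admin"],
};
const ENDPOINT_RESOURCE = { // inventory: endpoint -> resource:action
  "GET /invoices": "invoice:read",
  "POST /invoices": "invoice:write",
  "POST /invoices/approve": "invoice:approve",
};
const ROLE_GRANTS = { // new policy; accountant drifts from the ACL on purpose
  admin: ["invoice:read", "invoice:write", "invoice:approve"],
  accountant: ["invoice:read", "invoice:write", "invoice:approve"],
  reviewer: ["invoice:read"],
};
function legacyAclCheck(user, endpoint) {
  const allowed = LEGACY_ACL[endpoint] || [];
  return user.roles.some((role) => allowed.includes(role));
}
function policyDecision(user, endpoint) {
  const needed = ENDPOINT_RESOURCE[endpoint];
  if (!needed) return false; // unmapped endpoint: deny by default
  return user.roles.some((role) => (ROLE_GRANTS[role] || []).includes(needed));
}

// Shadow mode enforces legacy and only records the policy result; errors deny.
function authorize(user, endpoint, mode, mismatches) {
  const legacy = legacyAclCheck(user, endpoint);
  let policy = false;
  try { policy = policyDecision(user, endpoint); } catch (err) { policy = false; }
  if (legacy !== policy) {
    const kind = policy ? "over-permissive" : "under-permissive";
    mismatches.push({ user: user.id, endpoint, legacy, policy, kind });
  }
  return mode === "enforce" ? policy : legacy;
}

// Replay traffic through both systems; cutover is gated on zero mismatches.
function replay(requests, mode) {
  const mismatches = [];
  const decisions = requests.map(([user, ep]) => authorize(user, ep, mode, mismatches));
  return { decisions, mismatches, readyToEnforce: mismatches.length === 0 };
}
const SAMPLE = [ // constructed requests
  [{ id: "u1", roles: ["reviewer"] }, "GET /invoices"],
  [{ id: "u2", roles: ["accountant"] }, "POST /invoices/approve"],
  [{ id: "u3", roles: ["admin"] }, "POST /invoices/approve"],
];
```

In shadow mode the drifted accountant grant is caught as an over-permissive mismatch while the user still receives the legacy deny; switching to enforce mode before fixing it would have granted approval rights the ACL never gave.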

Frontend work included implementing new feature requirements that specified how configurable resource actions translated into new or modified user workflows. Examples include read-only reviewer users and workflow approvers with access to only a subset of an organization’s data. Given the broad scope of the project, this process included feature analysis to understand the existing functionality and how it could be extended to support new requirements across the entire suite of application capabilities and workflows. Once a consistent and achievable implementation had been agreed upon, SitePen helped the client implement the new user interface functionality.

Best experience working with an external firm. So professional, diligent, thorough, and on time. It was fun collaborating with SitePen. They’re just the type of people I would hire full-time – without hesitation.
Senior Engineering Manager

The Result

SitePen successfully migrated thousands of the most-used authorization checks within the product and helped implement many of the new front-end requirements, enabling the client to meet their project goals.

Decoupling authorization decision-making from the main accounting product allows authorization policies to be developed and deployed independently, reducing turnaround time when adding or modifying resources. The client can now resolve critical user or product security issues separately from the heavyweight deployment pipeline of the whole application codebase, minimizing security risks through immediate resolution. Separating resources and their policies from the product implementation also allows the creation of fine-grained roles that give users greater flexibility in how they structure their workflows across the product.
