Skip to content

History

Overview

Forge is the evolution of our integration and platform strategy, born from the lessons learned in the CIAM (Cloud Integration and API Management) project. What started as an RFP search for an integration platform has grown into a comprehensive developer platform designed to address systemic pain points and transform how we build and deploy applications at scale.

🕐 Timeline: From RFP to Forge

2023                           2024                          2025
├─ RFP for               ├─ CIAM Project            ├─ Platform Team Formed
│  Integration Platform  │  Development Started     │
│                        │                          └─ Forge Product Launched
│                        │
└─────────────────────────────────────────────────────────────────
   Evaluation Phase         Implementation Phase      Platform Phase
   (Boomi, MuleSoft, etc)  (Mulesoft deemed too      (Unified Developer
                            expensive)                Platform)

Phase Details

2023 - RFP for Integration Platform

  • Evaluated multiple integration platforms (Boomi, MuleSoft, etc.)
  • Conducted cost-benefit analysis
  • Identified that commercial solutions were cost-prohibitive

2024 - CIAM Project Development

  • Began development on Cloud Integration and API Management initiative
  • Started addressing organizational pain points
  • Laid groundwork for platform standardization

2025 - Platform Team & Forge Launch

  • Platform Team officially formed
  • Forge product launched as the unified solution
  • Transitioned from project-based thinking to product-based thinking

🎯 Pain Points Addressed

The CIAM project and now Forge were created to solve critical organizational challenges:

Architecture & Structure

  • Monolithic Application Architecture - Hindered agility and introduced significant change management challenges
  • Environment Proliferation - Resulted in inefficiency and increased management overhead
  • Over-Reliance on Custom Services - Custom-developed services were being used for functionalities better served by managed services, leading to unnecessary complexity and potential instability

Development Experience

  • Inconsistent Application/API Creation - Relied on ad-hoc duplication rather than standardized, organization-wide best practices
  • Complex Local Development - Required numerous external dependencies, increasing setup time and potential conflicts
  • Cumbersome Custom Frameworks - Were difficult to maintain and required excessive support

Infrastructure & Operations

  • On-Premises Infrastructure Limitations - Restricted technology choices and hindered innovation
  • Immature Infrastructure as Code (IAC) - Lacked the maturity required for organization-wide deployment and management
  • Limited Observability - Current Splunk implementation provided logging capabilities only, lacking comprehensive observability

Security & Access Management

  • Reactive Security Posture - Security considerations were addressed reactively rather than proactively, with lack of clear guidelines and best practices
  • Tightly Coupled API Security - API security was baked into individual applications, hindering consistency and scalability
  • Legacy Security Infrastructure - Reliance on legacy Active Directory infrastructure, placing burden of application security on developers
  • Inefficient Password Rotation - Was time-consuming and prone to human error
  • Manual Authorization Process - Application authorization was a manual process involving group creation and member management
  • Proliferation of Custom API Clients - Developers were required to create and maintain custom API clients for their applications, increasing development overhead and introducing potential inconsistencies

🔄 Evolution: Current Process → Forge

The shift from our current processes to Forge represents a fundamental transformation in how we approach platform engineering:

Aspect Current Process Forge Approach
Identity Management Service Accounts Service Principals / Managed Identity
Hosting Infrastructure Windows Servers running IIS Vendor-managed PaaS (Platform as a Service)
Authorization & Authentication Active Directory Okta-managed via Terraform and YAML
Environment Management Environment Sprawl (multiple VMs) Mocking and Automated Environment Creation
Onboarding Custom Project Onboarding per team Standardized Project Templates & Infrastructure
Application Frameworks Custom SAIF Frameworks Vendor / Open Source Frameworks
Application Authorization Manual Process Self-Service Pipeline with Approval Workflows
API Development Code-First Development Contract-First Development
API Clients Manual API Client via NuGet Auto-generated API Client from Contract
Configuration Management Environment-specific API Service Azure App Configuration
Secrets Management Crypto managed by architecture team Self-managed secrets via Azure DevOps Library
Available Services Limited services available Comprehensive Cloud-managed Services

💡 Key Insights

  • From Expensive Commercial Solutions to Custom Platform: Rather than paying premium prices for all-in-one integration platforms, we built a targeted platform addressing our specific needs
  • From Manual to Automated: Forge automates processes that were previously manual, freeing developers to focus on business logic
  • From Reactive to Proactive Security: Security is now built into the platform by default, not bolted on afterward
  • From Custom to Standard: Standardized templates and infrastructure reduce the cognitive load on development teams
  • From Local Complexity to Cloud Simplicity: By leveraging cloud-managed services, we've eliminated complex local setup requirements