Redesign and development of the AURA Runtime — the central Identity and Access Management authorization backend of Credit Suisse — to replace a monolithic architecture with independently scalable microservices, deployed across four global regions.
Java 17, Spring Boot 3.1, OpenShift (Kubernetes), Apache Kafka, Oracle DB, Prometheus, Grafana, Jenkins, Helm.
Four independent backend services replaced the monolith. Kafka handles event streaming and caches permission data, significantly reducing Oracle DB load. All services run on OpenShift, deployed via Helm charts and a Jenkins CI/CD pipeline.
10M+
requests per day
4 regions
Switzerland, EMEA, AMER, APAC
10 months
design to rollout
With over 10 million requests per day and peaks of 80,000 per minute in Switzerland alone, the existing monolithic system was showing its limits. Services couldn't scale independently. A single bottleneck could cascade across the entire platform. The Oracle database was under constant pressure.
There was another complication: most client applications relied on a proprietary EJB client library and couldn't all be updated at once. Any migration had to be completely invisible to them. The challenge was clear — a full architectural redesign with zero disruption to the running system.
We designed and built a microservices architecture on OpenShift, replacing the monolith with four independently scalable backend services. Apache Kafka took over as the event and caching layer, taking the load off Oracle DB. We also developed a load simulator to stress-test each service before each regional rollout.
To handle the transparent migration, we introduced a compatibility layer that bridged the proprietary EJB client library with the new platform — so legacy clients could keep running without any changes on their end. Monitoring via Prometheus and Grafana, a Jenkins pipeline, and Helm-based deployments ensured consistent operations across all four regions from day one.
Today, the system processes over 10 million authorization requests per day across Switzerland, EMEA, AMER, and APAC. Each of the four services scales independently. Oracle DB load has dropped significantly thanks to Kafka-based caching and event handling.
What was once a fragile monolith at the edge of its capacity is now a distributed, highly available platform — built for the demands of one of the world's largest financial institutions. Operational support for the Credit Suisse team ensured a smooth handover and continued stability after rollout.
A secure, user-friendly, and high-performance web app developed on behalf of the Republic of Austria.
Europe’s largest and highly available power trading platform M7, operated by Deutsche Börse.
Self-service Identity and Access Management for streamlined access control.
Greenfield rebuild of Austria's sovereign bond auction platform — managing EUR 315 billion in federal debt.
Migration of a mission-critical client access management platform from Credit Suisse to UBS Azure cloud infrastructure.
Full reimplementation of Credit Suisse's mission-critical IAM distribution system — from proprietary Java EE 7 to OpenShift, in eight months.
Full-stack migration of Credit Suisse's central IAM system: 15 applications, 5M+ lines of code, migrated to Java 21, Spring Boot 3, and OpenShift in 8 months.
