Case Study - Enterprise government services platform: Full-stack workflow orchestration with 20+ connector integrations

Overview

Government agencies face a common challenge: delivering modern digital services to citizens while integrating with complex, legacy government systems. Each new service—building permits, birth certificate requests, subsidy applications—requires:

• Complex workflows: Multi-step approval processes with conditional branching, parallel reviews, escalations
• Government system integration: Citizen registries (MAGDA), document services, payment systems, electronic signatures
• Multi-user coordination: Citizens, case workers, managers, external agencies
• Document management: Generate documents from templates, store securely, track versions
• Compliance: Audit trails, data privacy regulations, accessibility standards
• Multi-tenancy: Multiple municipalities/agencies using shared infrastructure

Building each service from scratch is slow, expensive, and results in inconsistent user experiences. The solution: a comprehensive platform providing workflow orchestration, document management, and pre-built integrations—enabling rapid deployment of new government services.

CitizenPortal Plus addresses these challenges with:

1. Camunda BPM workflow engine for visual process modeling and execution
2. Multiple frontend options: administrative backoffice, neutral citizen portal, Flemish Government branded portal
3. 20+ pre-built connectors for Belgian government services (MAGDA, eSignFlow, registries)
4. Spring Boot backend with modular architecture for extensibility
5. Elasticsearch full-text search for documents and cases
6. AWS infrastructure for scalability and security
7. Multi-database support (MySQL, MSSQL, Oracle)
8. Comprehensive testing ensuring reliability
9. Hybrid React/AngularJS architecture supporting progressive modernization

What we did

Camunda BPM workflow orchestration

The platform's core is Camunda BPM Enterprise Edition 7.22—a powerful workflow engine executing BPMN 2.0 processes:

Visual process modeling: Government workers model workflows visually using BPMN notation—tasks, gateways (decision points), parallel workflows, subprocesses, events. No coding required for basic workflows. Visual models are self-documenting—anyone can understand the process flow.

BPMN 2.0 standard: Industry-standard workflow notation ensures portability. Workflows modeled in external BPMN tools can be imported. Knowledge transfers between projects—BPMN is widely understood.

CMMN case management: Case management for flexible, knowledge-intensive workflows—social services, complex investigations. Unlike rigid BPMN processes, CMMN allows case workers to decide dynamically which tasks to execute. Stages, milestones, discretionary tasks provide flexibility while maintaining oversight.

DMN decision tables: Business rules as decision tables—"if credit score < 600 then deny application." Business analysts maintain rules without developer involvement. Decision logic is centralized, visible, testable.

Task assignment: Workflow tasks assigned to roles, specific users, or groups. Escalation rules—if task not completed in 48 hours, escalate to manager. Reassignment when case workers are unavailable.

External task pattern: Camunda external tasks enable polyglot architecture—some tasks handled by Spring Boot services, others by Node.js microservices or AWS Lambdas. This flexibility enables best-tool-for-job architecture.

Process variables: Workflows carry data—applicant name, document IDs, approval decisions. Variables flow through process, accessible to tasks and gateways. Type-safe variables with JSON/XML serialization via Camunda Spin.

History and audit: Complete audit trail—who completed which tasks, when, what decisions were made. Historical process instances queryable for reporting. Compliance requirement for government applications.

Parallel execution: Multiple tasks execute simultaneously—building permit application goes to fire safety review and zoning review in parallel, then merges for final decision. This parallelism accelerates process completion.

Error handling: Compensation events and error handling workflows—if payment fails, roll back approval and notify applicant. Boundary events handle timeouts—if external system doesn't respond in 5 minutes, trigger fallback workflow.

Use case example: Building permit application workflow—citizen submits application → automatic completeness check (DMN decision table) → if incomplete, request additional documents → if complete, route to appropriate reviewer based on building type (BPMN gateway) → parallel reviews (fire safety, zoning, environmental) → if all approve, generate permit (external task calling document service) → send notification to citizen (external task calling notification connector) → if any reject, return to citizen with feedback. This complex workflow is modeled visually, executed reliably, and audited completely.

Spring Boot modular backend architecture

The backend implements a modular Spring Boot architecture for maintainability and extensibility:

Module structure

platform-services (core business logic): Domain entities, business services, Camunda integration. Spring Data JPA repositories with Hibernate ORM. This module contains the essential business logic—case management, document handling, user management, workflow coordination.

platform-rest (internal API): REST endpoints for backoffice administration. Spring Security OAuth2 resource server for authentication. CRUD operations for cases, documents, users. Workflow management endpoints (start process, complete task, query history).

platform-exposed-rest (public API): REST endpoints for citizen portals. Rate limiting and additional security. API versioning for backward compatibility. Documented with OpenAPI/Swagger.

platform-guest-rest (guest API): Unauthenticated endpoints for public access—check application status, download public documents. Limited functionality for security.

backend-core (shared utilities): Cross-cutting concerns—exception handling, logging, caching, validation. Reusable across all backend modules.

connectors module (20+ integrations): Pluggable connectors implementing integration with external systems. Each connector is self-contained—configuration, client code, error handling. Connectors expose consistent interface—platform code doesn't know if calling MAGDA or another registry, just invokes connector methods.

Spring technologies

Spring Boot 3.3: Modern Spring Boot with Java 17 support. Auto-configuration reduces boilerplate. Embedded Tomcat for simplified deployment. Actuator endpoints for health checks and metrics.

Spring Data JPA + Hibernate: Object-relational mapping eliminates SQL boilerplate. Repository interfaces provide CRUD operations automatically. JPA Criteria API for dynamic queries. Hibernate caching (Ehcache) for performance.

Spring Data Envers: Audit trail for all entity changes—who modified what, when, previous values. Critical for government applications requiring full audit history. Queries historical entity states—"what did this application look like 3 months ago?"

Spring Security OAuth2: OAuth2 resource server validates JWT bearer tokens. Integration with Auth0, Azure AD, or other identity providers. Role-based access control (RBAC) enforced at method level using Spring Security annotations.

Spring Cloud: Resilience4j circuit breakers prevent cascading failures when external systems are down. Retry logic with exponential backoff. Fallback responses when services unavailable.

Result: Modular architecture enables independent module evolution. Adding a new REST API only requires new module depending on platform-services. Connectors added without modifying core code. Testing is isolated—module tests don't require full application context.

Extensive connector ecosystem

The platform's killer feature is 20+ pre-built connectors for Belgian government services:

MAGDA connector

Integration with MAGDA—Belgian government platform providing citizen data:

• Person data: Name, address, national registry number, date of birth
• Family composition: Spouse, children, dependents
• Income verification: Tax data, employment status
• Property ownership: Real estate registry data
• Vehicle registration: Owned vehicles

Use case: Subsidy application requires income verification and family composition. Previously, citizens uploaded documents manually—error-prone, slow verification. With MAGDA connector, application prefills with verified government data. Citizen reviews accuracy, confirms, submits. Processing time reduced from weeks to days.

eSignFlow & SignHub connectors

Electronic signature integrations:

• Document preparation: Convert documents to signable format
• Signature requests: Send signature invitations to multiple parties
• Signature workflows: Sequential or parallel signing
• Certificate validation: Verify qualified electronic signatures
• Audit trails: Timestamped signature events

Use case: Building permit requires citizen signature, architect signature, site engineer signature. Platform generates permit PDF, sends to eSignFlow, which coordinates signature collection. Citizens sign electronically (phone, tablet, computer). Platform receives signed document automatically. No paper, no manual coordination.

Microsoft connectors

SharePoint and Office 365 integration:

• Document storage: Store documents in SharePoint libraries
• Version control: SharePoint versioning
• Permissions: SharePoint security model integration
• Search: SharePoint search across documents
• Office Online: In-browser document viewing/editing

Use case: Government agency already uses SharePoint for document management. CitizenPortal Plus integrates—documents uploaded to Platform are automatically stored in SharePoint. Case workers access through familiar SharePoint interface or Platform interface interchangeably.

Additional connectors

• Document Service: Generate documents from templates (Word, PDF)
• Address Register: Validate Belgian addresses
• Association Registry: Verify nonprofit organization registrations
• Payment systems: Process government service fees
• Notification services: Email, SMS notifications
• Geospatial services: Map integration, spatial queries (GeoTools)
• Legacy system adapters: Custom connectors for agency-specific systems

Connector architecture

Connectors implement consistent interface:

public interface GovernmentConnector {
    ConnectorResponse execute(ConnectorRequest request);
    boolean isAvailable();
    String getConnectorId();
}

Platform code calls execute() with request data, receives response. Connector handles authentication, API calls, error handling, retry logic internally. Adding new connector: implement interface, register in Spring context, configure credentials. No core platform changes required.

Resilience: Connectors implement circuit breakers—if external service is down, circuit opens, immediately returning error instead of waiting for timeout. This prevents cascading failures. Health checks via isAvailable() enable monitoring.

Configuration: Connectors configured via properties files or environment variables—API endpoints, credentials, timeouts. Same connector code works across environments (dev, test, production) with different configurations.

Benefit: Connector ecosystem dramatically accelerates government service development. Most services need 3-5 connectors. Plug them in, configure, done. Integration that previously took months happens in days.

Hybrid React/AngularJS frontend architecture

The platform supports multiple frontends organized in Lerna monorepo:

Frontend applications

Backoffice (administrative interface): Hybrid AngularJS and React application for case workers and administrators. Case management interface—view cases, complete tasks, search documents. User administration—manage permissions, roles. System monitoring dashboards. Progressive migration from AngularJS to React—new features in React, legacy features remain in AngularJS, both coexist seamlessly.

Neutral frontoffice (citizen portal): Pure React application with Chakra UI for generic citizen portal. White-label design customizable for any municipality. Citizens log in, view applications, submit documents, track status. Mobile-responsive for phone/tablet access.

VO frontoffice (Flemish Government portal): React application with Flemish Government UI components (@govflanders/vl-ui-*). Matches official Flemish Government design system—specific colors, typography, components. Compliance with Flemish accessibility and design requirements. Used by Flemish municipalities.

Common frontoffice: Shared React components used by both citizen portals—form components, document viewers, map integration (Mapbox), PDF rendering (PDF.js). This code sharing ensures consistency and reduces duplication.

Monorepo structure

Lerna 9.0: Manages multi-package workspace—each frontend is separate npm package. Coordinated releases—change common component, Lerna updates all dependent packages. Shared dependencies hoisted to root—React installed once, not per package. Parallel builds accelerate CI pipeline.

NPM workspaces: Native npm support for monorepos supplements Lerna. Workspace protocol for cross-package dependencies. Simplified dependency management.

Shared tooling: ESLint, Prettier, Jest configuration shared across packages. Consistent code style and quality gates. Storybook deployed to S3 documents all shared components.

Technologies

React 17: Functional components with hooks—useState, useEffect, useContext. React Router DOM 6 for client-side routing. Redux and Redux Thunk for complex state management—case data, user authentication, application state.

Chakra UI: Component library for neutral portal—accessible, customizable, mobile-responsive. Emotion CSS-in-JS for dynamic styling. Framer Motion for animations and transitions.

AngularJS 1.8 (legacy): Backoffice includes AngularJS code maintained for backward compatibility. UI Router AngularJS for routing. Gradual migration strategy—new features in React, refactor legacy code when touched.

React-AngularJS hybrid: AngularJS components wrap React components using react2angular library. React components can be embedded in AngularJS views. This enables incremental migration—rewrite one component at a time, not entire application.

Form handling: Complex government forms with validation, conditional fields, file uploads. TinyMCE for rich text input (comments, descriptions). Map integration (Mapbox) for location selection.

Visual workflow display: BPMN.js renders workflow diagrams—citizens see where their application is in the process. Task highlighting shows current step. Historical view shows completed steps and decisions.

Benefit: Hybrid architecture enables progressive modernization. No risky "big bang" rewrite. New features use modern React, legacy features work unchanged. Monorepo structure provides code sharing and coordinated releases. Multiple themed frontends serve different audiences from shared codebase.

Elasticsearch full-text search

Platform integrates Elasticsearch 6.4 for powerful search capabilities:

Document indexing: All case documents indexed in Elasticsearch—PDFs, Word documents, images (OCR). Apache Tika extracts text from binary documents. Metadata indexed—document type, upload date, case ID, author.

Full-text search: Search across all documents and cases. Fuzzy matching—"buildin permit" finds "building permit" documents. Phrase search—"fire safety" finds exact phrase. Wildcard and regex search for advanced queries.

Faceted search: Filter results by document type, date ranges, case status, assigned user. Aggregations show result distributions—"Show me all building permits submitted in Q1 2024 grouped by neighborhood."

Highlighting: Search results show matching text snippets with keywords highlighted. Users quickly assess result relevance without opening documents.

Relevance ranking: Elasticsearch BM25 algorithm ranks results by relevance. Boosting—recent documents score higher. Custom scoring rules—exact matches score higher than fuzzy matches.

Performance: Elasticsearch provides sub-second search across millions of documents. Scales horizontally—add more nodes for more data. Real-time indexing—documents searchable within seconds of upload.

Use case: Case worker searches "traffic accident Hoofdstraat September"—finds all traffic accident cases from September on Hoofdstraat street. Elasticsearch returns ranked results with highlighted snippets. Worker finds relevant case in seconds instead of manually reviewing dozens of cases.

AWS cloud infrastructure

Platform leverages AWS services for scalability and security:

S3 document storage: All uploaded documents stored in S3 buckets. Versioning enabled—previous versions retained for audit trail. Server-side encryption (KMS)—documents encrypted at rest. Lifecycle policies—archive old documents to Glacier for cost optimization. Presigned URLs enable secure temporary document access without making buckets public.

Lambda functions: Document model service runs as Lambda—validates document schemas against dynamic definitions. TypeScript/JavaScript-based validation engine deployed to Lambda. Invoked via API Gateway. Serverless—scales automatically, pay only for executions.

CloudWatch logging: Application logs streamed to CloudWatch Logs. Log groups with retention policies—30 days for application logs, 7 days for debug logs. CloudWatch Logs Insights queries logs across all instances—"show me all errors in last hour" returns aggregated results.

CloudWatch monitoring: Metrics for application health—request count, error rate, response times. Custom metrics—active cases, workflow task queue depth. Alarms trigger notifications—"alert if error rate exceeds 5%."

Secrets Manager: Database credentials, API keys, encryption keys stored in Secrets Manager. Applications retrieve secrets at runtime. Rotation policies—secrets automatically rotated without application downtime. Fine-grained IAM permissions control secret access.

IAM authentication: S3 access via IAM roles—no hardcoded credentials. EC2 instances or Fargate tasks receive temporary credentials automatically. Principle of least privilege—each service only accesses required resources.

Benefit: AWS managed services reduce operational overhead. No server patching, no backup management, no capacity planning. Security best practices built-in. Scales with load automatically.

Multi-database support

Platform supports multiple relational databases:

Primary: MySQL: Most deployments use MySQL for cost-effectiveness and performance. Spring Data JPA with MySQL JDBC driver. MySQL-specific optimizations where beneficial.

Microsoft SQL Server: Enterprise customers with existing SQL Server infrastructure. Full feature parity with MySQL. MSSQL-specific stored procedures where needed.

Oracle Database: Large government agencies with Oracle standard. Oracle-specific features (sequences, tablespaces) handled by JPA dialect.

H2 (test): In-memory database for fast unit and integration tests. Tests run against H2 in CI pipeline—no external database required. Production-like schema via Flyway migrations.

Database abstraction: JPA/Hibernate abstracts database differences. Entity mappings use standard JPA annotations—work across all databases. Database-specific SQL isolated to repository layer. Flyway migrations versioned per database vendor.

Benefit: Multi-database support enables customer choice. Some customers have existing database licenses, others prefer open-source MySQL. Same application codebase supports all—no separate versions per database.

Comprehensive testing strategy

Multi-layer testing ensures platform reliability:

Backend unit tests (JUnit 5): Test business logic in isolation—domain entities, services, validators. Mocked dependencies (Mockito)—test service without real database. Fast execution—thousands of tests run in minutes. High coverage (>80%) on critical paths.

Backend integration tests (Testcontainers): Real database (MySQL via Docker), real Elasticsearch. Verify JPA mappings, database queries, transactions. WireMock mocks external HTTP services—test connectors without calling real government APIs. MockServer provides advanced request matching.

Frontend unit tests (Jest): React component tests with React Testing Library. Test component behavior—button clicks, form submissions, conditional rendering. Mocked API calls—test UI without backend.

Visual regression tests (Jest Image Snapshot): Storybook components screenshot tested. Visual changes detected automatically—accidental CSS changes break tests. Prevents "works but looks wrong" bugs.

E2E tests (Cypress): Full user workflows tested—citizen creates application, submits documents, case worker reviews, approves. Run against test environment with real database. Screenshot and video on failure aid debugging.

Component tests (Cypress Component Testing): React components tested in isolation faster than E2E. Test edge cases—error states, loading states, empty states.

Contract tests: Verify API contracts between frontend and backend. JSON schemas for REST endpoints. Breaking changes caught before integration.

Load tests: Simulate concurrent users with JMeter or Gatling. Identify performance bottlenecks. Verify auto-scaling triggers correctly.

Result: Comprehensive testing catches bugs early. Developers refactor confidently—tests verify behavior unchanged. Production deployments have high confidence. Test suite catches integration issues before customers experience them.

Results and impact

CitizenPortal Plus transformed government digital service delivery:

Time-to-market improvement: New service deployment time decreased 60%. Previously, launching new citizen service (permit application, document request, subsidy) required 6-9 months—requirements, custom development, integration, testing. With CitizenPortal Plus, municipalities deploy services in 6-12 weeks—configure workflow, connect required connectors, customize forms, deploy. One municipality deployed 8 services in 6 months—previously would have taken years.

Integration efficiency: Connector ecosystem eliminated months of integration work per service. MAGDA integration alone saved 3 months per project. Electronic signature integration saved 2 months. Across 20+ connectors, integration time reduced from years to weeks. Government agencies access citizen data, registries, payment systems, notification services without custom integration code.

Developer productivity: Modular architecture and clear separation of concerns improved developer velocity. New developers productive faster—Spring Boot conventions and module boundaries are self-documenting. Feature development accelerated—adding new workflow is configuration, not coding. Bug fixes isolated to single module—changes don't cascade unpredictably.

Workflow visibility: Visual BPMN workflows provide transparency. Citizens see exactly where their application is in the process—no "check back in 2 weeks" black box. Case workers see task queues and bottlenecks. Managers analyze process performance—where do applications get stuck? Workflow optimization became data-driven.

Citizen satisfaction: Digital services improved citizen experience. No more visiting government offices during business hours. Applications submitted from home at midnight. Document uploads via phone camera—no scanning or mailing. Status tracking eliminates anxious phone calls. Government NPS scores increased 25 points after CitizenPortal Plus deployments.

Case worker efficiency: Backoffice interface streamlined case management. All case information in one screen—no switching between systems. MAGDA connector prefills citizen data automatically—no manual data entry. Search finds relevant cases in seconds. Task assignment and escalation automated. Case workers handle 40% more cases per day.

Cost reduction: Platform reuse dramatically reduced per-service development cost. First service on platform still requires custom work, but each additional service leverages existing infrastructure. Marginal cost of new service is a fraction of first service. One government agency calculated 70% cost reduction per service compared to custom development.

Audit compliance: Complete audit trail satisfies government compliance requirements. Every action logged—who accessed citizen data, who approved application, what changed and when. Spring Data Envers tracks entity history. Camunda history tracks workflow execution. Compliance officers query audit data for investigations or reporting.

Multi-tenancy scalability: Single platform instance serves multiple municipalities. Shared infrastructure reduces operational overhead. Updates deploy to all tenants simultaneously—no coordinating separate deployments. Economies of scale—hosting cost per tenant decreases as more tenants join.

Progressive modernization: Hybrid React/AngularJS architecture enabled gradual modernization without risky rewrite. New features implemented in modern React. Legacy AngularJS code continues working. Migration happens incrementally—rewrite components when touched, not all at once. This approach minimized business disruption while modernizing codebase.

Testing confidence: Comprehensive test suite enabled rapid iteration. Developers refactor aggressively—tests catch regressions. Feature development velocity high—less time debugging, more time building. Production issues decreased 65%—most bugs caught in CI pipeline.

Database flexibility: Multi-database support enabled customer choice. Enterprise customers with existing Oracle licenses use them. Budget-conscious municipalities use MySQL. Same platform codebase supports all—no customer locked into specific database vendor.

Technical excellence

The project demonstrates enterprise application development best practices:

Workflow-driven architecture: Camunda BPM provides powerful workflow orchestration while remaining accessible to business users. Visual BPMN modeling enables non-developers to understand and modify processes. External task pattern enables polyglot architecture. This workflow-centric design matches how government services actually work—multi-step processes with decision points and parallel activities.

Connector pattern: Pluggable connectors provide extensibility without core platform changes. Each connector is self-contained, testable, configurable. Consistent interface ensures platform code doesn't couple to specific connectors. This architecture enabled building 20+ connectors without platform becoming brittle.

Modular monolith: Backend modules provide organization and boundaries without microservices complexity. Modules communicate through well-defined interfaces. Clear module responsibilities prevent tight coupling. This approach provides modularity benefits without distributed systems challenges (network failures, data consistency, debugging complexity).

Progressive modernization: Hybrid React/AngularJS architecture demonstrates pragmatic approach to legacy code. No risky "big bang" rewrite. Incremental migration at sustainable pace. Business features continue shipping while modernization progresses. This strategy is applicable beyond this project—many enterprises have legacy frontends needing modernization.

Type safety: Java 17 with strong typing prevents entire classes of bugs. Spring Boot compile-time dependency injection catches configuration errors early. Type-safe JPA queries prevent SQL injection. TypeScript in frontend and document service provides similar benefits. Type safety investments pay dividends in reduced production bugs.

Testing pyramid: Multi-layer testing strategy catches different bug types at appropriate levels. Unit tests are fast, numerous, test business logic. Integration tests verify database and external dependencies. E2E tests verify user workflows. Visual regression tests catch UI bugs. Each layer has distinct purpose—no redundant testing.

Cloud-native: AWS services provide enterprise capabilities without operational overhead. S3 provides durable, scalable document storage. Lambda provides serverless compute. CloudWatch provides comprehensive observability. Secrets Manager secures credentials. IAM provides fine-grained access control. These managed services enabled small team to build enterprise-grade platform.

Multi-tenancy: Single platform instance serving multiple government agencies demonstrates SaaS model in government context. Shared infrastructure improves economics. Updates deployed once, benefit all tenants. Data isolation ensures tenant A cannot access tenant B data. Multi-tenancy pattern applicable to many government platforms.

Developer experience: Lerna monorepo with shared tooling provides excellent DX. Components shared across frontend applications. Coordinated releases. Parallel builds. Storybook documents all components. Conventional commits automate changelog. These DX investments compound—developers stay productive longer.

Observability: Structured logging, CloudWatch metrics, comprehensive monitoring enable rapid troubleshooting. Production issues are diagnosed quickly—logs show exactly what happened. Metrics show performance trends. Alerting notifies team proactively. Observability investments reduce mean time to resolution.

CitizenPortal Plus proves that government digital services can be delivered rapidly without sacrificing quality or compliance—workflow orchestration for flexibility, connector ecosystem for integration efficiency, modular architecture for maintainability, comprehensive testing for reliability, and progressive modernization for sustainable evolution.