End-to-end Microservice Architecture with WSO2 Middleware

Industry:Risk Management Solutions


iJET International is the premier integrated risk management firm, delivering intelligence-driven solutions by assessing an organization’s exposure to risk and threat. To empower these multinational organizations, iJET collects intelligence on a global scale, about health, natural disasters, geopolitical and civil unrest, capturing data in a manner that is machine processable to deliver responsive solutions. This enables organizations to prepare for, monitor and respond to potential threats to their people, facilities, suppliers and information.

That means 60+ intelligence analysts and experts across 5 continents, sourcing information in over 30 languages 24*7. The company has so far processed over 110 million travel transactions per year with 14 million trips and 100,000+ assets tracked annually. At iJET labs, the innovation center at iJET International, a time and budget-sensitive operation was to transform the company’s rigid legacy system to a microservice architecture, to address their biggest challenge; identity management.


  • To address the increased demand for federated Single Sign-ons (SSO) by customers with more security options (specifically SAML 2.0 and OAuth 2.0).
  • To provide customers with user self-provisioning through the secure use of third party systems, as well as multi-factor authentication.
  • To transform from a non-scalable, non-agile legacy architecture to a more service-oriented architecture (SOA).


  • The WSO2 QuickStart Program (QSP) to ensure the business challenge is understood by on-site WSO2 architects, to start off in the right direction.
  • iJET uses WSO2 Identity Server to support configurable authenticators for federation, and just-in-time user provisioning to map incoming claims to local schema. This works in conjunction with the iJET customer user store manager, which is implemented as an OSGI bundle.
  • WSO2 API Manager with WSO2 Identity Server are integrated to optimize iJET’s microservices, with WSO2 API Manager prototyping, versioning and publishing APIs provided by these microservices.
  • WSO2 API Manager also governs the access and provides security to APIs.

iJET was looking for an open source solution that aligned with the company values, while also enabling them to take ownership of the products and deploy an extensible architecture that can accommodate future changes. The federated SSO solution was successfully working in six months, with iJET able to deploy a new application built entirely on REST APIs, with the legacy applications able to authenticate with third party identity providers too.


This is an excerpt from WSO2Con.

For more information on how iJET built an end-to-end microservice architecture with WSO2, you can view the WSO2Con USA 2015 presentation by David Clark, director of IT architecture at iJET labs.