Insurance · enterprise platform
Pie Insurance
Owning the authentication track of a unified frontend re-architecture across a 100+ microservice platform.
Situation
Pie's Partner Portal runs on 100+ backend microservices, and the frontend was being consolidated into one unified application. Authentication sat on a legacy Amplify/SRP flow that had become load-bearing without anyone choosing it on purpose. Fine, until the day you need to change it.
The decision that mattered
The auth architecture was the expensive-to-reverse call. Framework, where tokens live, which OAuth flows, how to handle multiple Cognito user pools. Get any of it wrong and 100+ services inherit the mistake. I owned that track, wrote the decisions down as ADRs before writing the code, and pressure-tested them with Product, UI/UX, Finance and senior leadership.
Approach
I authored the ADRs, then implemented the result: a modern OAuth flow on Cognito Managed Login, replacing the legacy Amplify/SRP flow. Alongside it I designed a generic notification system that works with 100+ services, shipped a self-serve document-generation feature that cut manual support load by ~80%, and contributed to a platform-wide shift from BFF-heavy to direct-to-backend. Agentic tools (Claude Code, Cursor) carried the scaffolding and refactors; the architecture and review calls stayed with me.
Before diving into the code, he takes the time to thoroughly understand the business requirements — that meticulous upfront analysis lets him anticipate complex edge cases and architectural roadblocks long before they reach production. He has the rare maturity to provide constructive pushback when necessary.