Case Study
SagaFlow: How we turned an on-prem monolith into a cloud-native SaaS platform
SagaFlow is a workflow and BPM platform by SimBIT, originally built for banks and large enterprises running their own infrastructure. Jaroslav Urbanek joined as fractional CTO with a straightforward brief: "put it in Azure." What was supposed to be a three-month migration turned into a two-year transformation that rebuilt the platform from the ground up — architecture, security model, and business model included.
It was supposed to be simple
The brief was clear: take the existing platform and deploy it to Azure. Reality had other plans. The on-premises stack cost over EUR 20,000 per month to run and maintain, could not scale, and every new customer meant manual deployment. The platform was designed for banks with their own servers — not for the SaaS model SimBIT needed for growth.
The application was not cloud-ready. There was no security or authorization layer for multi-tenant environments. Individual components could not scale independently. The Angular 1.x frontend needed a complete rewrite.
Instead of a simple migration, we committed to a systematic transformation with a clear goal: a single-tenant SaaS platform where each customer runs in their own Azure subscription with full isolation and predictable pricing.
The transformation journey
Phase 1 — Analysis and proof of concept
Audit of existing architecture, dependency mapping, and identification of blocking components. Validation that Azure Container Apps could meet the platform's needs without requiring full Kubernetes.
Phase 2 — Security foundation
Implementation of FIDO2 passwordless authentication via Hanko.io. Zero-trust model from day one. Separation of the authorization layer from application logic. At a time when most platforms still relied on passwords.
Phase 3 — Monolith decomposition
Breaking the monolithic application into independent microservices. Each service in its own container with independent scaling. Infrastructure as Code from the start for reproducible deployments.
Phase 4 — Frontend rewrite
Complete rewrite from Angular to React. New design system, responsive UI, workflow builder support. Decoupling the frontend from the backend enabled independent release cycles.
Phase 5 — Production and optimization
Cost stabilization, auto-scaling tuning, monitoring and alerting. Deployment for MPSV (Czech Ministry of Labor and Social Affairs) as the IMIP process management platform at workflow.mpsv.cz. Six pricing tiers for different customer sizes.
Key decisions
Single-tenant per subscription
Each customer runs in their own Azure subscription. Higher isolation, simpler billing, cleaner permissions management. More expensive to manage, but essential for regulated environments (government, finance). Per-customer costs are transparent and predictable.
FIDO2 passwordless before it was standard
We chose Hanko.io and a FIDO2-first approach when passwordless was still niche. Zero passwords from day one. No password resets, no phishing vectors. Today it is best practice — back then it was a bold call.
Container Apps over AKS
Azure Container Apps provides managed Kubernetes without the operational overhead of a full AKS cluster. For most pricing tiers, this is the optimal choice. For the Enterprise tier, we evaluated AKS as an escape hatch with a potential 19% savings on compute costs.
Angular out, React in
A complete frontend rewrite was not a popular decision, but Angular 1.x had no path forward. React brought a larger ecosystem, easier hiring, and better tooling for the workflow builder that is the heart of the platform.
Real numbers
22
months of transformation
8
Azure subscriptions
6
pricing tiers
0
passwords in the system
-93%
costs vs. on-prem
23+
Azure services
Monthly cost trajectory
Total real costs over 22 months came to EUR 25,126 across all subscriptions. Monthly costs started at EUR 87 in the initial phase, peaked at EUR 1,971 during full deployment of all environments, and stabilized around EUR 1,450 per month for 4 running instances.
Pricing tiers range from EUR 217/month (Starter) to EUR 4,829/month (Enterprise), each including compute, storage, networking, and managed services with defined SLAs.
Architecture
Each customer instance runs across 3 resource groups (compute, data, networking) with 23+ Azure services. Infrastructure is defined as code and deployed through CI/CD pipelines.
Top cost drivers
AKS escape hatch
For the Enterprise tier (EUR 4,829/month), we evaluated migrating the compute layer from Container Apps to AKS. Result: a potential 19% savings on compute costs while retaining all other services. This option is ready as an upgrade path for high-load customers.
Collaboration
Partner ecosystem
SagaFlow is not the work of a single company. It is the result of specialized partners, each bringing their own expertise. The ability to orchestrate such a multi-party project is itself one of the key outcomes.
SimBIT (Simbit Enterprises s.r.o.) -- product owner, technology development
TECHNOMATON (Jaroslav Urbanek) -- fractional CTO, cloud architecture, IaC, cost analysis
Tekies s.r.o. -- IMIP platform delivery to MPSV, with SimBIT as technology partner
Arrows -- CSP partner for Azure billing
Microsoft -- SimBIT registered as Microsoft partner
SimBIT and TECHNOMATON jointly deliver the technology foundation. Tekies s.r.o. takes the platform and integrates it into the MPSV environment as the IMIP platform. Arrows handles Azure billing. Successful delivery of enterprise solutions requires an ecosystem of specialized partners -- not a single vendor.
The result
Before
- -- Monolithic architecture
- -- On-premises infrastructure
- -- Manual deployments
- -- EUR 20,000+/month operations
- -- Passwords everywhere
- -- Angular 1.x frontend
After
- -- Microservices on Container Apps
- -- Cloud-native on Azure
- -- Automated IaC + CI/CD
- -- EUR 1,450/month (4 instances)
- -- Zero passwords (FIDO2)
- -- React frontend + design system
The platform now powers IMIP process management for the Czech Ministry of Labor and Social Affairs at workflow.mpsv.cz -- delivered through Tekies s.r.o., with SimBIT as the technology partner. It serves customers from small teams to enterprise organizations across six pricing tiers.
Planning a cloud migration?
Whether it is a lift-and-shift or a complete re-architecture, we can help you find the right path. No unnecessary complexity, with real numbers.
Let's schedule a call