Taking an enterprise HR sync platform from prototype to production
Insurance technology startup
Company context
The company is an early-stage insurtech startup building a platform that synchronizes employee data from Workday (the source HR system) to enterprise destinations like Microsoft Dynamics 365 and Salesforce. The product automates complex field mapping, validation, and batch sync operations for large employers managing thousands of employee records.
The founding team had built a working prototype, but it was not ready for enterprise buyers. The CEO needed to close a first paying customer within months.
The challenge
The platform had several critical problems blocking enterprise sales:
Frontend credibility. The dashboard displayed hardcoded numbers: "147 Connected Employers", "99.8% API Success Rate." None of it was real. Any enterprise buyer seeing this in a demo would lose trust immediately. Other pages showed random pass/fail rates and fake validation results.
Unstable infrastructure. The app ran on Cloud Run (serverless), which dropped connections during long-running sync operations. There were no health check endpoints, no staging environment, and Terraform state was local-only with no team collaboration.
Incomplete data pipeline. Five critical validation rules were only partially implemented: missing phone numbers, non-active employees with benefits, D365 mandatory fields, manager existence checks, and circular manager references. Errors were silently swallowed. The UI showed "No records to sync" instead of actual failures.
No enterprise security. All users had identical access. No role-based access control, no audit logging, no multi-tenant data isolation. These are table stakes for enterprise procurement.
Single destination. Only Dynamics 365 was supported. Prospects needed Salesforce as well.
What I did
I started with a 2-week assessment, mapped every gap against what enterprise buyers expect, and built a prioritized roadmap of 57 items organized into phases: frontend credibility first, then production infrastructure, then core sync operations, then enterprise features.
Month 1: Frontend trust and infrastructure migration.
Replaced all 4 hardcoded KPI cards with real database queries. Hid non-functional pages. Built a sync trigger UI so operators could initiate and monitor syncs from the dashboard instead of running scripts.
Migrated from Cloud Run to a GCE instance with Container-Optimized OS, Cloud SQL Auth Proxy, and a Managed Instance Group for auto-healing and rolling updates. This gave us persistent processes for long-running syncs, reliable SSE streaming, and zero-downtime deploys. Infrastructure cost: roughly $13/month.
Month 2: Data pipeline and validation.
Completed all 5 validation rules. Built a validation error system that flags specific issues with recommended actions instead of silently dropping records. Fixed the D365 birth date offset bug (timezone handling), added OData field writability validation, and surfaced batch sync errors to the UI activity log.
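The manager existence and circular manager reference rules can be sketched as follows. This is an added example, not the platform's code: the record shape (a worker ID mapped to a manager ID), the rule names, and the action text are assumptions.

```python
def find_manager_cycles(managers):
    """managers maps worker_id -> manager_id (None at the top of the tree)."""
    done, cycles = set(), []
    for start in managers:
        path, pos = [], {}
        cur = start
        # Walk up the chain until the top, an unknown ID, or a visited node.
        while cur in managers and cur not in done and cur not in pos:
            pos[cur] = len(path)
            path.append(cur)
            cur = managers[cur]
        if cur in pos:  # walked back into the current path: a new cycle
            cycles.append(path[pos[cur]:])
        done.update(path)  # each worker is walked once, so this stays linear
    return cycles


def validate_manager_links(managers):
    """Return one issue per bad record instead of dropping it silently."""
    issues = []
    for worker, manager in managers.items():
        if manager is not None and manager not in managers:
            issues.append({"worker_id": worker, "rule": "manager_exists",
                           "detail": f"manager {manager} not in extract",
                           "action": "Add the manager to the sync scope or fix the ID"})
    for cycle in find_manager_cycles(managers):
        chain = " -> ".join(cycle + [cycle[0]])
        for worker in cycle:
            issues.append({"worker_id": worker, "rule": "circular_manager",
                           "detail": chain,
                           "action": "Correct the manager assignment in Workday"})
    return issues


# Constructed sample extract (IDs are made up for illustration).
WORKERS = {"W1": None, "W2": "W1", "W3": "W9", "W4": "W5",
           "W5": "W6", "W6": "W4", "W7": "W4", "W8": "W8"}
ISSUES = validate_manager_links(WORKERS)
```

W7 reports into a cycle but is not part of it, so only W4, W5, W6 and the self-managed W8 are flagged as circular.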
Replaced hardcoded field mappings with a per-customer, per-destination configuration system. Added a field mapping preview that shows source data, the destination field, and the transformed value side by side. Operators can validate mappings against D365 metadata before running a sync.
Month 3: Enterprise security and Salesforce.
Implemented role-based access control with four roles: admin, operator, viewer, and superadmin (for internal support staff). Added comprehensive audit logging that tracks 32 mutation types with actor, timestamp, and before/after diffs. Sensitive fields are automatically redacted.
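An audit entry with actor, timestamp, and a redacted before/after diff can be built like this. This is an added example, not the platform's code: the sensitive key list, the action name, and the record fields are assumptions.

```python
from datetime import datetime, timezone

# Assumed sensitive key names; matched case-insensitively at any nesting depth.
SENSITIVE_KEYS = {"ssn", "birth_date", "client_secret", "access_token"}
REDACTED = "[REDACTED]"
ABSENT = "<absent>"  # marks a field that was added or removed

def _flatten(record, prefix=""):
    """Flatten nested dicts to {"a.b": value} so diffs are per leaf field."""
    flat = {}
    for key, value in record.items():
        path = f"{prefix}{key}"
        if isinstance(value, dict):
            flat.update(_flatten(value, prefix=path + "."))
        else:
            flat[path] = value
    return flat

def _is_sensitive(path):
    return any(part.lower() in SENSITIVE_KEYS for part in path.split("."))

def diff_records(before, after):
    """Changed fields only; sensitive values are replaced before storage."""
    old, new = _flatten(before), _flatten(after)
    changes = {}
    for path in sorted(set(old) | set(new)):
        b, a = old.get(path, ABSENT), new.get(path, ABSENT)
        if b == a:
            continue
        if _is_sensitive(path):
            # Record that the field changed, never what it changed from or to.
            b = REDACTED if b != ABSENT else ABSENT
            a = REDACTED if a != ABSENT else ABSENT
        changes[path] = {"before": b, "after": a}
    return changes

def build_audit_entry(actor, action, before, after, now=None):
    """Assemble the audit row: who, what, when, and the redacted diff."""
    ts = (now or datetime.now(timezone.utc)).isoformat()
    return {"actor": actor, "action": action, "timestamp": ts,
            "changes": diff_records(before, after)}

# Constructed sample mutation (not data from the platform).
BEFORE = {"name": "Salesforce prod", "batch_size": 100,
          "credentials": {"client_id": "abc", "client_secret": "old-secret"}}
AFTER = {"name": "Salesforce prod", "batch_size": 200,
         "credentials": {"client_id": "abc", "client_secret": "new-secret"}}
ENTRY = build_audit_entry("operator@example.com", "destination.update", BEFORE, AFTER)
```

Redacting inside the diff function, before the entry is assembled, means the secret never reaches the log store, so a reader of the audit table sees that a credential rotated without being able to recover it.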
Built multi-tenant row-level security with PostgreSQL RLS policies on all tenant-scoped tables. Each organization's data is fully isolated at the database level.
Added Salesforce as a second destination: OAuth client credentials flow with token caching, AES-256-GCM credential encryption, Composite API batch upsert (200 records per request), and 33 extracted Workday fields (up from 17).
Month 4: Operational maturity.
Implemented delta sync using Workday's Transaction Log API. Instead of fetching all 10,000+ workers on every run, only changed records are pulled and pushed. Added sync scheduling (cron), a monitoring dashboard with run history and error rate trends, and alerting on sync failures.
Built manual change preservation: before each sync, the system reads current D365 values, detects manual edits, and preserves them unless explicitly overridden by Workday. Added a sync revert strategy that snapshots D365 state before each batch so operators can roll back.
Results
- Shipped 44 of 61 roadmap items in under 2 months
- Moved from Cloud Run to GCE with zero-downtime rolling deploys and auto-healing
- Added Salesforce as a second sync destination (previously Dynamics 365 was the only one)
- Implemented RBAC (4 roles), audit logging (32 mutation types), and multi-tenant RLS
- Delta sync reduced API calls from full-table scans to incremental updates only
- Surfaced all sync errors to the UI (previously silently swallowed)
- Completed 5 data validation rules that were partially implemented
- First paying customer onboarded with dedicated tenant isolation
- Built a 3:38 product walkthrough video for customer onboarding
Testimonial
"We went from a prototype that embarrassed us in demos to a platform we confidently put in front of enterprise buyers. The infrastructure migration alone saved us from constant connection drops, but the security and compliance work is what actually closed our first deal."

