Global Auto Finance Platform
A high-volume auto loan processing platform required real-time integration with external banking underwriting and credit engines — with zero visible latency for applicants and dealers. GYSP engineered the full AEM 6.5 component engine: custom OSGi handlers for secure RESTful credit API transactions, dynamic Thank You screen workflows handling all credit decision outcomes, and multi-tenant clientlib restructuring that cut front-end page weight and network round-trips across every loan application flow.
The Challenge
Auto loan applications require instant credit decisions — applicants expect real-time feedback from banking underwriting engines without page delays or session breaks. The existing AEM 6.5 environment lacked OSGi infrastructure for external API orchestration, could not dynamically render contextual decision screens (approved, declined, counter-offer, pending), and suffered from bloated multi-tenant clientlib configurations that slowed page loads across both consumer applicant flows and dealer portal screens. Every round-trip added to the loan funnel drop-off rate.
Our Solution
GYSP architected a dedicated AEM 6.5 component engine purpose-built for high-throughput auto loan processing. Custom OSGi service handlers managed the full external credit API lifecycle — authentication, request formation, response parsing, error handling, and retry logic — delivering real-time underwriting decisions without applicant-visible latency. A suite of dynamic Thank You screen workflows was built using contextual UI response modules: each credit engine output payload (approval, conditional approval, decline, counter-offer) triggered a distinct, data-driven screen rendered entirely within AEM without page redirects. The clientlib estate was audited and restructured across all multi-tenant loan flows — duplicate library loads eliminated, critical-path CSS and JavaScript minimised, and network round-trips reduced from initial landing page through final decision submission.
Facing a similar challenge? Get a no-commitment technical brief.
Get free briefKey Deliverables
- Custom OSGi service handlers for secure, real-time RESTful API transactions with external banking underwriting and credit engines
- Dynamic Thank You screen workflow suite — contextual UI modules rendered per credit decision output (approval, decline, counter-offer, pending)
- Multi-tenant clientlib restructuring reducing front-end page weight and network round-trips across all loan application flows
- Full API transaction lifecycle managed within AEM 6.5 — authentication, request formation, response parsing, and error handling
- 9-month delivery of a production-grade auto loan processing component engine — Jan 2024 to Sep 2024
Services Delivered
- AEM 6.5 OSGi Component Engineering
- Credit API Integration
- Dynamic UI Workflow Design
- Clientlib Optimisation
Tech Stack
Frequently Asked Questions
What is an OSGi handler and why is it the right pattern for external API integration in AEM 6.5?+
OSGi (Open Services Gateway Initiative) is the modular service framework that underpins AEM's component runtime. Within AEM 6.5, all backend logic — from content services to external integrations — is deployed as OSGi bundles that are independently started, stopped, and versioned without restarting the entire platform. For external API integration, the OSGi service pattern means credit engine handlers are registered as managed services in the AEM service registry: they can hold configuration (endpoint URLs, authentication credentials, retry policies) via OSGi configuration admin, be injected as dependencies into any AEM component or servlet, and be monitored via the Felix console. Compared to embedding HTTP calls directly in Sling servlets or JSP scriptlets, the OSGi handler pattern gives you dependency injection, testability, centralised configuration management, and clean lifecycle control — all critical when the integration target is a banking credit system where failure modes must be explicit and auditable.
How were multiple credit decision outputs handled dynamically in the Thank You screen workflows?+
Each credit engine API response carries a decision payload — an approved applicant gets an approval code and next-step financing terms; a declined applicant gets a reason code and potential appeal pathway; a counter-offer presents adjusted loan terms; a pending decision enters a queue workflow. Rather than building a separate AEM page for each outcome, the Thank You screen was architected as a single AEM component that reads the decision payload passed through the session or request attributes from the OSGi handler, then conditionally renders the appropriate UI module using Sling Models bound to the decision type. This data-driven approach means adding a new credit decision type — for example, a new product-specific outcome — requires only a new UI module fragment, not a new page or workflow branch. The result is a consistent applicant experience without page redirects or URL exposure of credit decision data.
What does AEM clientlib restructuring involve and how does it reduce front-end page weight?+
AEM client-side libraries (clientlibs) aggregate JavaScript and CSS into categories that pages include via their component templates. On multi-tenant platforms that have grown organically, clientlib configurations frequently accumulate problems: multiple clientlib categories loaded on the same page that share code but are not deduplicated; global libraries included on pages where only a small fraction of their functionality is used; synchronous JavaScript blocking parse and render; and CSS embedded in JavaScript bundles that blocks styling. Restructuring involves auditing which libraries are loaded on each loan application page type, splitting monolithic categories into page-specific dependency trees, moving non-critical scripts to deferred or asynchronous loading, and eliminating cross-tenant library duplication where the same utility code is bundled separately per tenant. The result is a smaller critical-path payload on page load and fewer HTTP round-trips before the applicant sees the interactive loan form — directly reducing funnel drop-off at high-latency network conditions.
How was security handled for banking credit API transactions within AEM 6.5?+
Banking credit API integrations require defence in depth: credentials must never appear in AEM component configuration visible through the CRX/DE repository browser; all external calls must be made server-side so API keys are never exposed to the client browser; transport must be TLS with certificate validation; and request payloads containing PII (applicant name, date of birth, NI or SSN) must be transmitted only over authenticated, encrypted channels. Within AEM 6.5, OSGi configuration admin stores API credentials in encrypted OSGi config files (not in the JCR), keeping them out of the repository. The OSGi service handles all HTTP communication server-to-server — the browser only ever receives the credit decision, not the underlying API response. Error responses from the credit engine are mapped to safe user-facing messages, ensuring stack traces and API error payloads are never surfaced to applicants.
Work with GYSP
Want results like these?
Get a free technical brief — architecture options, cost estimates, and a delivery timeline tailored to your challenge.
- 48-hour turnaround
- Senior engineers only
- No commitment required
Or call: +1 (929) 588-8364
Services Used
More FinTech Case Studies
FinTechDotPe
Growing transaction volumes, three active compliance frameworks, and a full AWS-to-GCP migration — all without a single major service outage. The stakes were high for this fintech platform.
FinTechOptions Trading Platform
Retail traders were making high-stakes decisions with manual calculations and static charts. They needed the kind of strategy tools professional desks take for granted — built for the masses.
Tier-1 Retail Bank, United Kingdom
Ahead of the UK's January 2018 Open Banking deadline, a tier-1 retail bank needed to migrate its legacy platform to containerized, multi-region cloud infrastructure on GCP — without disrupting live banking operations or missing a single regulatory milestone.
