top of page
Search

Beyond Portals and Pipelines: Where Workflow Engines Help (and Where They Don’t)

Workflow engines are having a moment in platform engineering. Tools like Temporal, Camunda, or n8n are being adopted to manage stateful automation, retries, and human approvals. They’re powerful, but they’re not platforms. 


This post distils the workflow-engine thread from our webinar “Beyond the Platform Facade: Why Portals and Pipelines Aren’t Enough,” which Abby hosted and I presented. We aimed to explore the role of workflow engines, the problems they solve, the challenges teams face when they stretch them too far, and how they work best when paired with a platform orchestrator like Kratix and SKE.



The Good, the Bad, and the Puppy for Christmas of Workflow Engines

Workflow engines and durable execution frameworks provide clear benefits:


  • Durability and reliability: stateful steps, retries, backoff, compensation.

  • Complex control flow: fan-out/fan-in, conditionals, human approvals.

  • Operational visibility: step-level traces and UIs that make runs legible.

  • Developer ergonomics: model business processes as code or BPMN.


If you need robust, auditable flows, such as rotating secrets or scaffolding a new service, a workflow engine is an excellent choice.


But workflow engines don’t model ownership or responsibility across the life of a resource. They aren’t designed for:


  • Enforcing organisation-wide policy and continuous reconciliation (drift control).

  • Defining platform APIs and contracts for consistent self-service.

  • Managing reusable, composable building blocks across a fleet.

  • Delivering day-2 lifecycle guarantees, such as upgrades, migrations, or deprecations, at scale.


When teams push workflow engines into these roles, they accumulate glue code, duplicate controls, and invite drift. It is fun on day one, but this quickly becomes day-2 toil: the classic “puppy for Christmas” problem.


The Platform Three-Tier Model: Start in the Middle

A useful mental model for platform engineering is three tiers: developer interface (portals, CLIs, pipelines), platform orchestration layer (decides what and who), and Infrastructure and runtime (where workloads actually run).


Workflow engines live inside the orchestration layer as execution components. The orchestrator defines the what and who, while the workflow engine carries out the how.


Keep platform logic out of the portal, and avoid burying policy in pipelines or ad hoc workflows. That’s how you ensure consistency and resilience.


Effective Use Cases for Workflow Engines

Used correctly, workflow engines strengthen your platform:


  • Golden path service creation: The orchestrator exposes the platform service API. The workflow engine scaffolds repos, sets up CI, registers in the catalogue, and requests credentials; always under policy and with ownership captured.

  • Day-2 maintenance flows: Need to patch Postgres across a fleet? The orchestrator selects the resources and enforces guardrails. The workflow engine executes per-instance tasks (drain, snapshot, upgrade, verify) with retries and rollbacks.

  • Human-in-the-loop: For approvals or compliance workflows, the orchestrator checks policy while the workflow engine manages multi-step approvals and evidence capture.


In each case, the orchestrator decides what and who; the workflow engine delivers how.


Signs You’re Overusing Your Workflow Engine

It’s easy to lean too heavily on a workflow engine, especially when it delivers quick wins early on. But there are red flags that indicate you may be stretching it beyond its intended purpose. 


If your platform’s policies and ownership models are buried inside workflow definitions, for example, you’re already in dangerous territory. This often leads to multiple teams re-implementing the same controls in slightly different ways, creating inconsistency and unnecessary duplication.


Another warning sign is when upgrades become painful. Rather than updating a single platform contract, you find yourself editing dozens of workflows to roll out a change. 


Similarly, a portal button that simply fires off an ad hoc workflow might look convenient, but if it bypasses policy and ownership, it leaves you with orphaned resources and configuration drift. In short, when workflow engines start taking on responsibilities that properly belong to an orchestrator, you’re likely building fragility and long-term toil into your platform.


A Workflow Engine Decision Guide for Platform Teams

Use a workflow engine when:


  • You need stateful, reliable multi-step automation with visibility.

  • You need human approvals or SLAs in a process.

  • You want compensation and idempotency across integrations.


Don’t use a workflow engine alone when:


  • You need platform-level policy (e.g. “all DBs must have encryption at rest”).

  • You need lifecycle management across fleets.

  • You need clear ownership and APIs for product-like self-service.


Designing the Seam Between Orchestration and Workflows

The sweet spot is designing a clean seam between your orchestrator and your workflows. Start by defining a Platform API for a capability: spell out inputs, outputs, SLOs, and ownership. Make the lifecycle explicit and versioned.


  • The orchestrator owns policy, ownership, contracts, and reconciliation.

  • The workflow engine executes detailed steps reliably.


This separation ensures you avoid brittle glue code and keep drift under control.


Summary

Workflow engines excel at orchestrating tasks with durability, retries, and human approvals. They provide real value when used for stateful automation or embedding human processes into technical workflows. But they are not a substitute for a platform. On their own, workflow engines cannot provide the policies, ownership models, and lifecycle management that a platform requires.


The most sustainable approach is to treat workflow engines as execution tools within a broader platform design. Let the orchestrator define responsibilities, contracts, and policies, while the workflow engine focuses on reliable execution. This separation allows teams to get the best of both worlds: robust workflows without losing sight of platform-level consistency and long-term maintainability.


Looking to Go Beyond Workflows?

Kratix provides the orchestration layer that connects workflow engines to the bigger picture of platform policy, ownership, and lifecycle management. With Kratix and SKE, you can design clear Platform APIs, manage fleets consistently, and still take advantage of tools like Temporal, Camunda, and n8n for execution.

Comments

bottom of page