Skip to main content
IAM vs. CIAM CIAM Buyer's Guide Contact Us
Janrain respects your privacy and will treat the personal data you choose to share with us in accordance with our privacy policy.

Janrain flow change management best practices

By Lisa Nicholson | Posted on April 25, 2018

Janrain flow change management best practices

Security has been a key focus of Janrain for years, and at the core of our strategy is a commitment to certifications and best practices that ensure information security. This month, we are excited to wrap up audit season with clean reports for SOC 2, ISO 27001, ISO 27018, HIPAA, HITECH and CSA.

The key to a successful audit is paying attention to every detail and holding clients to Janrain security best practices that vary in scale from data structure to workflows, all important to ensuring airtight information security. An example of a smaller-scale best practice our security team recommends to clients is exclusively using flow versioning for change management. By using flow versioning rather than HEAD:

  • Clients can deploy on their own schedule without coordinating with Janrain.
  • Janrain can push the code to production ahead of schedule without it affecting a client’s live site, allowing the client to deploy at their convenience.
  • Downtime is avoided because clients can preview and QA the production deployment on a single machine/device live in production prior to fully deploying. Many errors in client html can be caught preventing outages.
  • Code deployments from one department are prevented from overwriting changes that are being tested in another department.

Some operationally complex organizations choose to use HEAD against Janrain’s recommended best practices. HEAD means that a site will point automatically to the most recent flowVersion number for the flowName specified. This is frequently used in development environments, as well as production if a company has a large number of sites that use the same flow. When HEAD is used, any flow configuration changes that a client authorizes Janrain to push into production will take immediate effect.

Janrain clients can easily check to see if their organization uses HEAD or flow versioning by looking at the Developer Tools in your browser when your login page is on the screen. Just type in janrain.settings.capture.flowVersion, and if you get numbers instead of HEAD, then you are using flow versioning change management according to Janrain’s recommended best practice.

For more information about Janrain’s security commitment and policies, see

Popular Posts

About the author

Lisa Nicholson

Lisa Nicholson

Director of Information Security

Lisa Nicholson is Janrain's Director of Information Security responsible for cyber security as well as governance, risk, and compliance (GRC). She joined the leading Customer Identity and Access Management company in 2014 leveraging her database, network, quality assurance, testing, project management and security experience to return to the information security fold. Most recently, she worked as a QA manager, SQL developer and SQL DBA for various Portland, OR startups.

View all posts by Lisa Nicholson