Security
Clever's goal is to set the highest bar in the industry for student data privacy and security. Learn more about our security and download our whitepaper here.
Security Best Practices
Keep secrets secret
Do not sent district-app tokens or your client secret (or full authorization headers!) through email or other non-secure channels - in fact, we recommend excluding them from your code, and only loading them as environment variables.
If our team spots a token or secret that has been sent through email, we will reset the token/secret within 24 hours.
Updated about 3 years ago