Security
Clever's goal is to set the highest bar in the industry for student data privacy and security. Learn more about our security and download our whitepaper here.
Security Best Practices
Keep secrets secret
Do not sent district-app tokens or your client secret (or full authorization headers!) through email or other non-secure channels - in fact, we recommend excluding them from your code, and only loading them as environment variables.
If our team spots a token or secret that has been sent through email, we will reset the token/secret within 24 hours.
Updated less than a minute ago
What’s Next
Check out our security recommendations for each product, or jump right in to building your integration