Clever's goal is to set the highest bar in the industry for student data privacy and security. [Learn more about our security and download our whitepaper here.](🔗)

## Security Best Practices

## Keep secrets secret

Do not sent district-app tokens or your client secret (or full authorization headers!) through email or other non-secure channels - in fact, we recommend excluding them from your code, and only loading them as environment variables.

If our team spots a token or secret that has been sent through email, we will reset the token/secret within 24 hours.