Enhanced security with token-based authentication
From day one, Clever has been built to be the most simple and most secure data integration solution for schools. To improve on that promise, we are changing the way our partner applications authenticate with the Clever API.
EdTech applications currently access Clever’s API using an API key specific to the application. While this single-key approach is an industry standard, we realized we can improve on it. Going forward, apps will access the API using a token that is specific to the app and to the district. Each token provides access only to the data that an individual district has authorized for sharing with that app. Tokens provide increased security because each token provides access to a smaller set of data. Token-based authentication also helps Clever to scale smoothly, which is a key focus as we prepare for the busy back-to-school season.
We are encouraging all of our partners to implement this change by this summer. After July 1st, API implementations that make use of the old API keys will be rate-limited, and in Spring 2015 API keys will be fully deprecated for integrations.
We are supporting this change with updates across our product:
- access to tokens in partner dashboards, and programmatically upon district signup
- updated developer documentation
- updated client libraries
More to read
September 18, 2023Indiana district enhances and secures tech access with MFA from Clever
Find out how this K-12 district implemented an insurance-approved and end-user friendly MFA solution in just 4 weeks.
September 7, 2023Multi-factor authentication for schools: How to select the right MFA tool
By considering these 7 factors, schools can select a tailored multi-factor authentication solution to enhance cybersecurity and ensure uninterrupted learning.
August 25, 2023Steps Canadian schools can take today to better protect student data
While Canadian educators are calling for better safeguards in data privacy, there are actions that schools can take right now. Clever’s Director of Security provides recommendations for vetting vendors and building a culture of cybersecurity within Canadian schools.