Clever Engineering Blog — Always a Student

Always a Student is one of Clever's culture tenets: we love to learn, and this blog is where we share what we learn on topics that matter to engineering, from small but critical technical details to how we organize our engineering teams. This blog is cross-published on Medium.

What is OAuth?

By Keith Richards on

A primer on delegated access  OAuth, short for “open authorization”, is a widely used protocol that allows users to grant third-party websites or applications access to their personal information on other websites. It provides a mechanism for secure access delegation across the internet.  History Class Prior to the creation of OAuth, sharing of information with […]

AuthN vs AuthZ: What is Auth?

By Keith Richards on

Demystifying authentication and authorization When you hear the term Auth, what comes to mind? You probably think of signing into a system with your username and password, and you’re half right. But auth is bigger than that. The bucket term also includes everything you can do in a system once you submit those credentials. Auth […]

Privacy and Security in Clever Messaging

By Ulzii Otgonbaatar on

Designing and engineering a messaging system that is used by 6.8 million students and  half a million teachers in K-12 schools is no easy feat. While the typical threats  against online systems from unauthorized and unauthenticated access to sensitive information remain, the school environment compounds privacy challenges as additional entities such as guardians, co-teachers, and […]

How we handle multi-region sessions at Clever

By Nathan Leiby on

Why multi-region sessions? Each year leading up to Back to School (our busiest season), Clever’s engineering team invests in our highest traffic systems to make sure we can handle user growth and new traffic patterns. During 2020–2021, SAML auth at Clever grew from <10% of our login related traffic to about 40% of our traffic! For this […]

Evolving Systems for New Products

By Michael Gao on

When building systems for new products, there’s a delicate balance between writing code that works and writing code that lasts. A common anti-pattern is preemptively optimizing systems for the future while still trying to find product market fit. For new product teams, this can be a costly mistake as it leads to a slower iterative […]