Clever Engineering Blog — Always a Student

Always a Student is one of Clever's culture tenets: we love to learn, and this blog is where we share what we learn on topics that matter to engineering, from small but critical technical details to how we organize our engineering teams. This blog is cross-published on Medium.

SAML Protocol

By Keith Richards on

A tool for Identity Federation

Security Assertion Markup Language, or SAML, is an open standard for exchanging authentication and authorization data between two parties. It’s a common strategy for single sign-on (SSO), allowing users to sign in once and authenticate with multiple third-party applications. Similar to OAuth2.0, SAML promotes data security by preventing direct […]

OpenID Connect

By Keith Richards on

Adding AuthN to OAuth2.0

OpenID Connect (OIDC) is an authentication protocol that sits on top of the OAuth2.0 protocol. It provides a standardized way for clients to authenticate users and obtain information about their identity. In simple terms, OpenID Connect allows users to log in to different applications using a single set of credentials. It […]

What is OAuth?

By Keith Richards on

A primer on delegated access

OAuth, short for “open authorization”, is a widely used protocol that allows users to grant third-party websites or applications access to their personal information on other websites. It provides a mechanism for secure access delegation across the internet.

History Class

Prior to the creation of OAuth, sharing of information with […]

AuthN vs AuthZ: What is Auth?

By Keith Richards on

Demystifying authentication and authorization

When you hear the term Auth, what comes to mind? You probably think of signing into a system with your username and password, and you’re half right. But auth is bigger than that. The bucket term also includes everything you can do in a system once you submit those credentials. Auth […]

Privacy and Security in Clever Messaging

By Ulzii Otgonbaatar on

Designing and engineering a messaging system that is used by 6.8 million students and half a million teachers in K-12 schools is no easy feat. While the typical threats against online systems from unauthorized and unauthenticated access to sensitive information remain, the school environment compounds privacy challenges as additional entities such as guardians, co-teachers, and […]

How we handle multi-region sessions at Clever

By Nathan Leiby on

Why multi-region sessions?

Each year leading up to Back to School (our busiest season), Clever’s engineering team invests in our highest traffic systems to make sure we can handle user growth and new traffic patterns. During 2020–2021, SAML auth at Clever grew from <10% of our login related traffic to about 40% of our traffic! For this […]