Always a Student is one of Clever's culture tenets: we love to learn, and this blog is where we share what we learn
on topics that matter to engineering, from small but critical technical details to how we organize our engineering teams.
This blog is cross-published on Medium.
A primer on delegated access OAuth, short for “open authorization”, is a widely used protocol that allows users to grant third-party websites or applications access to their personal information on other websites. It provides a mechanism for secure access delegation across the internet. History Class Prior to the creation of OAuth, sharing of information with […]
Demystifying authentication and authorization When you hear the term Auth, what comes to mind? You probably think of signing into a system with your username and password, and you’re half right. But auth is bigger than that. The bucket term also includes everything you can do in a system once you submit those credentials. Auth […]
Designing and engineering a messaging system that is used by 6.8 million students and half a million teachers in K-12 schools is no easy feat. While the typical threats against online systems from unauthorized and unauthenticated access to sensitive information remain, the school environment compounds privacy challenges as additional entities such as guardians, co-teachers, and […]
What’s it like to be an engineer at Clever? What does success look like for individuals and teams? From engineers with non-traditional backgrounds to engineers with Computer Science degrees, four engineers share their perspectives about their experiences, typical days, and growth while working at Clever.
During my final search for an internship, I had an idea of where I wanted to work: a place with a friendly culture and strong engineering practices – something in between a startup and a big company. To my luck, I interned at Clever – an organization that surpassed those expectations in the span of […]
Why multi-region sessions? Each year leading up to Back to School (our busiest season), Clever’s engineering team invests in our highest traffic systems to make sure we can handle user growth and new traffic patterns. During 2020–2021, SAML auth at Clever grew from <10% of our login related traffic to about 40% of our traffic! For this […]
Context At Clever, we rely on nearly two thousand infrastructure secrets like DB access keys, API tokens, and session secret keys to provide our services to students and teachers. Properly securing these secrets so we don’t expose them in our various environments requires thorough engineering efforts. In fact, securing secrets is generally a hard problem […]
When building systems for new products, there’s a delicate balance between writing code that works and writing code that lasts. A common anti-pattern is preemptively optimizing systems for the future while still trying to find product market fit. For new product teams, this can be a costly mistake as it leads to a slower iterative […]