Delphinium Compliance Documents

How Does Delphinium Protect Your Institutional Data?

We care a LOT about security and we have designed Delphinium from the ground up to be secure. For example, all communication between our server and Canvas is encrypted. Sensitive data is encrypted in our database and we intentionally limit the data we request and store to limit exposure to data breaches.

Our servers is housed by Amazon, the same as Canvas, so it is physically secure. At your request, we will destroy your data at any time. Finally, we carry a two-million-dollar cyber insurance policy in the unlikely case there is a data breach.

Canvas' connections to 3rd party tools are also built with security in mind. Access expires every hour and must be renewed using OAuth protection. Any administrator, teacher, and student can manually revoke Delphinium's granted access at any time in Canvas.

We routinely monitor and install security updates to the underlying technology used in our software.

Is Delphinium Accessible?

It is very important to us that everyone be able to enjoy Delphinium and we work hard to ensure that it is WCAG 2.0 level AA and Section 508 compliant. For example, our colors have been carefully chosen to provide high contrast, and our navigation has been optimized for keyboards. In addition, complex data, like verbal descriptions of avatars and data dense visual displays, are carefully configured to work well with screen readers.

Compliance with Industry Standards

It is good practice to ensure that a 3rd party tool meets your organization's requirements before granting Canvas developer credentials. We go to great lengths to ensure Delphinium is secure and accessible, and we are ready to answer any question you have. To streamline your research, please refer to the following security and accessibility documents that describe Delphinium’s compliance with industry standards.

Higher Education Cloud Vendor Assessment Tool (HECVAT)
Delphinium Security Architecture
Voluntary Product Accessibility Template (VPAT)
FERPA Statement
End User License Agreement (EULA)
Privacy Policy
Sole Source Letter
Cyber Insurance Certificate (Contact us for details)

Enforced token scopes (Click up/down chevron to the right for details)

To improve security, Canvas limits Delphinium's access to your Canvas account's API to the following endpoints.

- - Accounts
    - url:GET|/api/v1/accounts
    - url:GET|/api/v1/accounts/:id
    - url:GET|/api/v1/accounts/:account_id/permissions
  - Analytics
    - url:GET|/api/v1/courses/:course_id/analytics/assignments
    - url:GET|/api/v1/courses/:course_id/analytics/student_summaries
    - url:GET|/api/v1/courses/:course_id/analytics/users/:student_id/activity
    - url:GET|/api/v1/courses/:course_id/analytics/users/:student_id/assignments
  - API Token Scopes
    - url:GET|/api/v1/accounts/:account_id/scopes
  - Assignment Groups
    - url:GET|/api/v1/courses/:course_id/assignment_groups
    - url:GET|/api/v1/courses/:course_id/assignment_groups/:assignment_group_id
    - url:POST|/api/v1/courses/:course_id/assignment_groups
    - url:DELETE|/api/v1/courses/:course_id/assignment_groups/:assignment_group_id
    - url:PUT|/api/v1/courses/:course_id/assignment_groups/:assignment_group_id
  - Assignments
    - url:GET|/api/v1/courses/:course_id/assignments/:assignment_id/overrides
    - url:GET|/api/v1/courses/:course_id/assignments
    - url:GET|/api/v1/courses/:course_id/assignment_groups/:assignment_group_id/assignments
    - url:GET|/api/v1/users/:user_id/courses/:course_id/assignments
    - url:GET|/api/v1/courses/:course_id/assignments/:id
    - url:POST|/api/v1/courses/:course_id/assignments
    - url:PUT|/api/v1/courses/:course_id/assignments/:id
    - url:DELETE|/api/v1/courses/:course_id/assignments/:id
  - Content Migrations
    - url:GET|/api/v1/courses/:course_id/content_migrations
  - Conversations
    - url:POST|/api/v1/conversations
  - Courses
    - url:GET|/api/v1/courses
    - url:GET|/api/v1/courses/:id
    - url:PUT|/api/v1/courses/:id
    - url:GET|/api/v1/courses/:course_id/students
    - url:GET|/api/v1/courses/:course_id/settings
    - url:GET|/api/v1/courses/:course_id/users
    - url:GET|/api/v1/courses/:course_id/permissions
  - Discussion Topics
    - url:GET|/api/v1/courses/:course_id/discussion_topics
    - url:GET|/api/v1/courses/:course_id/discussion_topics/:topic_id
    - url:POST|/api/v1/courses/:course_id/discussion_topics
    - url:PUT|/api/v1/courses/:course_id/discussion_topics/:topic_id
    - url:DELETE|/api/v1/courses/:course_id/discussion_topics/:topic_id
  - Enrollment Terms
    - url:GET|/api/v1/accounts/:account_id/terms
  - Enrollments
    - url:GET|/api/v1/courses/:course_id/enrollments
    - url:GET|/api/v1/users/:user_id/enrollments
  - External Tools
    - url:GET|/api/v1/courses/:course_id/external_tools/sessionless_launch
    - url:GET|/api/v1/courses/:course_id/external_tools
  - Files
    - url:GET|/api/v1/courses/:course_id/files
  - Grading Periods
    - url:GET|/api/v1/courses/:course_id/grading_periods
    - url:GET|/api/v1/courses/:course_id/grading_periods/:id
  - Grading Standards
    - url:GET|/api/v1/courses/:course_id/grading_standards
    - url:GET|/api/v1/accounts/:account_id/grading_standards
    - url:GET|/api/v1/courses/:course_id/grading_standards/:grading_standard_id
    - url:GET|/api/v1/accounts/:account_id/grading_standards/:grading_standard_id
  - Groups
    - url:GET|/api/v1/accounts/:account_id/groups
    - url:GET|/api/v1/courses/:course_id/groups
  - JWTs
    - url:POST|/api/v1/jwts
    - url:POST|/api/v1/jwts/refresh
  - Modules
    - url:GET|/api/v1/courses/:course_id/modules
    - url:GET|/api/v1/courses/:course_id/modules/:id
    - url:POST|/api/v1/courses/:course_id/modules
    - url:PUT|/api/v1/courses/:course_id/modules/:id
    - url:DELETE|/api/v1/courses/:course_id/modules/:id
    - url:GET|/api/v1/courses/:course_id/modules/:module_id/items
    - url:GET|/api/v1/courses/:course_id/modules/:module_id/items/:id
    - url:PUT|/api/v1/courses/:course_id/modules/:module_id/items/:id
    - url:DELETE|/api/v1/courses/:course_id/modules/:module_id/items/:id
  - Outcome Results
    - url:GET|/api/v1/courses/:course_id/outcome_results
  - Pages
    - url:GET|/api/v1/courses/:course_id/pages
    - url:POST|/api/v1/courses/:course_id/pages
    - url:PUT|/api/v1/courses/:course_id/pages/:url_or_id
  - Quiz Questions
    - url:GET|/api/v1/courses/:course_id/quizzes/:quiz_id/questions
  - Quiz Submission Questions
    - url:GET|/api/v1/quiz_submissions/:quiz_submission_id/questions
    - url:POST|/api/v1/quiz_submissions/:quiz_submission_id/questions
  - Quiz Submissions
    - url:GET|/api/v1/courses/:course_id/quizzes/:quiz_id/submission
  - Quizzes
    - url:GET|/api/v1/courses/:course_id/quizzes
    - url:POST|/api/v1/courses/:course_id/quizzes
    - url:GET|/api/v1/courses/:course_id/quizzes/:id
  - Roles
    - url:GET|/api/v1/accounts/:account_id/roles
  - Sections
    - url:GET|/api/v1/courses/:course_id/sections
    - url:GET|/api/v1/sections/:id
  - Submissions
    - url:GET|/api/v1/courses/:course_id/assignments/:assignment_id/submissions
    - url:GET|/api/v1/courses/:course_id/students/submissions
    - url:GET|/api/v1/courses/:course_id/assignments/:assignment_id/submissions/:user_id
    - url:POST|/api/v1/courses/:course_id/assignments/:assignment_id/submissions
    - url:PUT|/api/v1/courses/:course_id/assignments/:assignment_id/submissions/:user_id
  - Tabs
    - url:PUT|/api/v1/courses/:course_id/tabs/:tab_id
  - User Observers
    - url:GET|/api/v1/users/:user_id/observers
    - url:GET|/api/v1/users/:user_id/observees
  - Users
    - url:GET|/api/v1/users/:id
    - url:GET|/api/v1/users/:user_id/profile