Delphinium Compliance Documents
How Does Delphinium Protect Your Institutional Data?
We care a LOT about security and we have designed Delphinium from the ground up to be secure. For example, all communication between our server and Canvas is encrypted. Sensitive data is encrypted in our database and we intentionally limit the data we request and store to limit exposure to data breaches.
Our servers is housed by Amazon, the same as Canvas, so it is physically secure. At your request, we will destroy your data at any time. Finally, we carry a two-million-dollar cyber insurance policy in the unlikely case there is a data breach.
Canvas' connections to 3rd party tools are also built with security in mind. Access expires every hour and must be renewed using OAuth protection. Any administrator, teacher, and student can manually revoke Delphinium's granted access at any time in Canvas.
We routinely monitor and install security updates to the underlying technology used in our software.
Is Delphinium Accessible?
It is very important to us that everyone be able to enjoy Delphinium and we work hard to ensure that it is WCAG 2.0 level AA and Section 508 compliant. For example, our colors have been carefully chosen to provide high contrast, and our navigation has been optimized for keyboards. In addition, complex data, like verbal descriptions of avatars and data dense visual displays, are carefully configured to work well with screen readers.
Compliance with Industry Standards
It is good practice to ensure that a 3rd party tool meets your organization's requirements before granting Canvas developer credentials. We go to great lengths to ensure Delphinium is secure and accessible, and we are ready to answer any question you have. To streamline your research, please refer to the following security and accessibility documents that describe Delphinium’s compliance with industry standards.
Cyber Insurance Certificate (Contact us for details)
Enforced token scopes
To improve security, Canvas limits Delphinium's access to your Canvas account's API to the following endpoints.
Accounts
url:GET|/api/v1/accounts
url:GET|/api/v1/accounts/:id
url:GET|/api/v1/accounts/:account_id/permissions
url:GET api/v1/accounts/:id/groups
Analytics
url:GET|/api/v1/courses/:course_id/analytics/assignments
url:GET|/api/v1/courses/:course_id/analytics/student_summaries
url:GET|/api/v1/courses/:course_id/analytics/users/:student_id/activity
url:GET|/api/v1/courses/:course_id/analytics/users/:student_id/assignments
API Token Scopes
url:GET|/api/v1/accounts/:account_id/scopes
Assignment Groups
url:GET|/api/v1/courses/:course_id/assignment_groups
url:GET|/api/v1/courses/:course_id/assignment_groups/:assignment_group_id
url:POST|/api/v1/courses/:course_id/assignment_groups
url:DELETE|/api/v1/courses/:course_id/assignment_groups/:assignment_group_id
url:PUT|/api/v1/courses/:course_id/assignment_groups/:assignment_group_id
Assignments
url:GET|/api/v1/courses/:course_id/assignments/:assignment_id/overrides
url:GET|/api/v1/courses/:course_id/assignments
url:GET|/api/v1/courses/:course_id/assignment_groups/:assignment_group_id/assignments
url:GET|/api/v1/users/:user_id/courses/:course_id/assignments
url:GET|/api/v1/courses/:course_id/assignments/:id
url:POST|/api/v1/courses/:course_id/assignments
url:PUT|/api/v1/courses/:course_id/assignments/:id
url:DELETE|/api/v1/courses/:course_id/assignments/:id
Calendar Events
url:POST|/api/v1/calendar_events
url:PUT|/api/v1/calendar_events/:id
url:DELETE|/api/v1/calendar_events/:id
Content Migrations
url:GET|/api/v1/courses/:course_id/content_migrations
Conversations
url:POST|/api/v1/conversations
Courses
url:GET|/api/v1/courses
url:GET|/api/v1/courses/:id
url:PUT|/api/v1/courses/:id
url:GET|/api/v1/courses/:course_id/students
url:GET|/api/v1/courses/:course_id/settings
url:GET|/api/v1/courses/:course_id/users
url:GET|/api/v1/courses/:course_id/permissions
url:GET api/v1/course/:course_id/folders/by_path/*full_path
url:POST api/v1/course/:course_id/folders
url:GET api/v1/courses/:id/groups
Discussion Topics
url:GET|/api/v1/courses/:course_id/discussion_topics
url:GET|/api/v1/courses/:course_id/discussion_topics/:topic_id
url:POST|/api/v1/courses/:course_id/discussion_topics
url:PUT|/api/v1/courses/:course_id/discussion_topics/:topic_id
url:DELETE|/api/v1/courses/:course_id/discussion_topics/:topic_id
Enrollment Terms
url:GET|/api/v1/accounts/:account_id/terms
Enrollments
url:GET|/api/v1/courses/:course_id/enrollments
url:GET|/api/v1/users/:user_id/enrollments
External Tools
url:GET|/api/v1/courses/:course_id/external_tools/sessionless_launch
url:GET|/api/v1/courses/:course_id/external_tools
Files
url:GET|/api/v1/courses/:course_id/files
url:GET|/api/v1/courses/:course_id/files/:id
url:GET|/api/v1/files/:id
url:POST|/api/v1/folders/:folder_id/files
Folders
url:POST api/v1/folders/:folder_id/files
url:GET|/api/v1/users/:user_id/folders/by_path/*full_path
url:POST|/api/v1/users/:user_id/folders
Grading Periods
url:GET|/api/v1/courses/:course_id/grading_periods
url:GET|/api/v1/courses/:course_id/grading_periods/:id
Grading Standards
url:GET|/api/v1/courses/:course_id/grading_standards
url:GET|/api/v1/accounts/:account_id/grading_standards
url:GET|/api/v1/courses/:course_id/grading_standards/:grading_standard_id
url:GET|/api/v1/accounts/:account_id/grading_standards/:grading_standard_id
Groups
url:GET|/api/v1/accounts/:account_id/groups
url:GET|/api/v1/courses/:course_id/groups
JWTs
url:POST|/api/v1/jwts
url:POST|/api/v1/jwts/refresh
Modules
url:GET|/api/v1/courses/:course_id/modules
url:GET|/api/v1/courses/:course_id/modules/:id
url:POST|/api/v1/courses/:course_id/modules
url:PUT|/api/v1/courses/:course_id/modules/:id
url:DELETE|/api/v1/courses/:course_id/modules/:id
url:GET|/api/v1/courses/:course_id/modules/:module_id/items
url:GET|/api/v1/courses/:course_id/modules/:module_id/items/:id
url:PUT|/api/v1/courses/:course_id/modules/:module_id/items/:id
url:DELETE|/api/v1/courses/:course_id/modules/:module_id/items/:id
Outcome Results
url:GET|/api/v1/courses/:course_id/outcome_results
Pages
url:GET|/api/v1/courses/:course_id/pages
url:POST|/api/v1/courses/:course_id/pages
url:PUT|/api/v1/courses/:course_id/pages/:url_or_id
Quiz Questions
url:GET|/api/v1/courses/:course_id/quizzes/:quiz_id/questions
Quiz Submission Questions
url:GET|/api/v1/quiz_submissions/:quiz_submission_id/questions
url:POST|/api/v1/quiz_submissions/:quiz_submission_id/questions
Quiz Submissions
url:GET|/api/v1/courses/:course_id/quizzes/:quiz_id/submission
Quizzes
url:GET|/api/v1/courses/:course_id/quizzes
url:POST|/api/v1/courses/:course_id/quizzes
url:GET|/api/v1/courses/:course_id/quizzes/:id
Roles
url:GET|/api/v1/accounts/:account_id/roles
Sections
url:GET|/api/v1/courses/:course_id/sections
url:GET|/api/v1/sections/:id
Submissions
url:GET|/api/v1/courses/:course_id/assignments/:assignment_id/submissions
url:GET|/api/v1/courses/:course_id/students/submissions
url:GET|/api/v1/courses/:course_id/assignments/:assignment_id/submissions/:user_id
url:POST|/api/v1/courses/:course_id/assignments/:assignment_id/submissions
url:PUT|/api/v1/courses/:course_id/assignments/:assignment_id/submissions/:user_id
Tabs
url:PUT|/api/v1/courses/:course_id/tabs/:tab_id
User Observers
url:GET|/api/v1/users/:user_id/observers
url:GET|/api/v1/users/:user_id/observees
Users
url:GET|/api/v1/users/:id
url:GET|/api/v1/users/:user_id/profile