Security

Instagrity currently runs on Vercel for application hosting and uses Supabase for authentication and data services. The product separates major user areas by role, including public, student, teacher, and administrator surfaces.

Protected routes require an authenticated session, and major product surfaces are gated by role. Teacher workflows, student workflows, and admin workflows are intentionally separated so that users only see the areas relevant to their permitted role and class access.

Sensitive operations are restricted to appropriate roles. Examples include deleted-essay restore and permanent archive deletion, role changes, premium overrides, AI grading control, and audit-log visibility. Teacher access is further constrained by teacher-owned class relationships where applicable.

The current product is designed so that student-facing routes only expose the classes and assignments linked to the enrolled account, while teacher-facing routes expose classroom data for classes the teacher owns or manages. Students do not receive released results until assignment-level visibility settings allow it.

Current visible infrastructure includes Vercel for hosting, Supabase for authentication and storage, OpenAI for AI-assisted grading or feedback features when enabled, and Resend for email delivery workflows. Additional providers may be introduced as the platform matures.

Instagrity publishes this page to make early security review easier for schools and districts, but schools remain responsible for determining whether the product meets their own security, procurement, data-processing, and contracting expectations. This public page should not be treated as a substitute for school-specific due diligence.