How Do Blackbaud Marketplace Apps Use My Data?

Have you gotten a recommendation, or discovered for yourself, that there’s a Blackbaud Marketplace app that’ll precisely solve a challenge you’re facing today? While “shopping” for an app is easier with the Marketplace, deciding to connect and use the app often means getting answers to security questions like “how will this app use our constituent data?” and, if the app stores any of your data for handling, “where will my data be stored?”

To help you find answers to vital security-related questions quickly and easily, we’re introducing two new features today – Scopes and Publisher Attestations. Both are targeted towards helping you, and your IT people, feel confident in a decision to use an application based on a clear understanding of its security and data handling postures.

How do you find the new Scopes and Publisher Attestations?

When you are logged in with Blackbaud ID and navigate to a Marketplace listing (for example, see the listing by Red Arc for Letter Box), you will now see a Security tab that explains the access to your Blackbaud data that the application needs (Scopes) and the publisher’s security statement (Attestation).

Next, let’s dive into more details about these features and how they work.

Attestations

An attestation is a formal statement by the app publisher verifying security settings for their Marketplace application. In this case, the application publisher answers key questions about the security, compliance, and data handling practices of their application and their organization. Share these details with your IT resource or department to help them decide if the application you have selected for its value-added features is also a good fit for your organization’s security standards.

Note: If the application publisher hasn’t posted an Attestation yet or doesn't provide enough details for your review, we encourage you to use the Contact us feature to ask them about their attestation answers.

Scopes

When you connect a new application, the connect screen will now inform you about the level of access to your Blackbaud data that the application requests.

When you connect, the application data access is now limited based on:

  • scopes, or types of access, an environment admin approves in the Marketplace, and

  • the user permissions of the person who authorizes the app by entering their Blackbaud credentials (also known as the consenting user).

What are the possible types of access to my Blackbaud data?

For each product in your Blackbaud environment, the application can request to:

  • Read – enables the application to see data via SKY API calls that the consenting user can see in the solution, but not make any changes.

  • Write – enables the application to change data via SKY API calls that the consenting user can change in the solution, but not delete.

  • Delete – enables the application to remove data via SKY API calls that the consenting user can remove in the solution.

  • Subscribe to events – enables the application to receive event notifications via webhooks when data changes in the application, but not change or delete anything. A webhook is a way for an application to listen for changes that happen in the solution.

How do scopes work in the context of a consenting user?

We recommend you review our data access examples and diagrams to better understand how it works.

In general, an application can only do the following:

  • Whatever the consenting user can do, an app can also do via SKY API.

  • Whatever the consenting user cannot do, an app also cannot do via SKY API.

However, if the level of access defined in Scopes is restricted to less than the consenting user can do, then the app can only do what its scopes define and no more.

What happens when a publisher wants to change the application’s level of access?

Once you approve an application's access, the publisher cannot change the scope of access without getting explicit re-approval by your environment admin. This gives you more control over how applications can view and change your data over time. Scopes are also per product, so you can decide the level of access for each Blackbaud solution your organization uses.

Environment admins can review which apps want a change in access to your data under Scopes updates on the Manage page in the Blackbaud Marketplace.
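The two rules above (effective access is limited by both the approved scopes and the consenting user's permissions, and any scope change needs re-approval) can be modelled in a few lines. This is an added illustration, not Blackbaud code or a SKY API call; the product names, permission sets and function names are constructed assumptions.

```python
# Added illustration of the access rules described above; not Blackbaud code.
# Product names, permission sets and function names are constructed assumptions.

# Access types the page ties to what the consenting user can do. "Subscribe to
# events" is left out of the user check because the page does not describe it.
USER_BOUND = {"read", "write", "delete"}

def effective_access(approved, user_perms, product):
    """What the app can do in one product: approved scopes AND user permissions."""
    scopes = approved.get(product, set()) & USER_BOUND
    return scopes & user_perms.get(product, set())

def is_allowed(approved, user_perms, product, action):
    """True only if the scope was approved and the consenting user can do it too."""
    if action not in USER_BOUND:
        raise ValueError(f"unmodelled access type: {action}")
    return action in effective_access(approved, user_perms, product)

def pending_scope_changes(approved, requested):
    """Per product, (added, removed) scopes; any difference needs admin re-approval."""
    changes = {}
    for product in sorted(set(approved) | set(requested)):
        old = approved.get(product, set())
        new = requested.get(product, set())
        if old != new:
            changes[product] = (new - old, old - new)
    return changes

# Constructed sample data: scopes are approved per product.
APPROVED = {"product_a": {"read", "write"}, "product_b": {"read", "subscribe"}}
USER_PERMS = {"product_a": {"read"}, "product_b": {"read", "write", "delete"}}
REQUESTED = {"product_a": {"read", "write"},
             "product_b": {"read", "write", "subscribe"}}

if __name__ == "__main__":
    for product in APPROVED:
        print(product, sorted(effective_access(APPROVED, USER_PERMS, product)))
    # Scope approved, but the consenting user cannot write in product_a.
    print("write product_a:", is_allowed(APPROVED, USER_PERMS, "product_a", "write"))
    # User can delete in product_b, but the scope was never approved.
    print("delete product_b:", is_allowed(APPROVED, USER_PERMS, "product_b", "delete"))
    print("needs re-approval:", pending_scope_changes(APPROVED, REQUESTED))
```
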

More coming soon, so we hope you’ll bookmark and visit the Blackbaud Marketplace often to see the new apps that are added regularly and the new ways we’re making the experience better for you and your organization.