Service Management Reference

1. Application Overview

1.1 Application Identity

Property	Value
Application Name	MathMission (MTH1W Math Mission)
Vendor/Publisher	Timothy Calford, operating as CalfordMath
Application Type	Web-based Educational Platform (SaaS)
Primary URL	https://calfordmath.ca/MathMission
Alternate Domain	https://mathmission.ca — 301 redirect to https://calfordmath.ca/MathMission (same application; no separate hosting)
Homepage URL	https://calfordmath.ca/MathMission
Terms of Service URL	https://calfordmath.ca/MathMission/terms-of-service.html
Privacy Statement URL	https://calfordmath.ca/MathMission/privacy-statement.html
Current Version	1.0

2. Technical Specifications

2.1 Technology Stack

Component	Technology
Frontend	HTML5, CSS3, JavaScript (ES6+), p5.js
Backend	PHP 7.4+
Database	MySQL/MariaDB
Authentication	Microsoft Azure Active Directory or Google OAuth (OAuth 2.0)
Payment Processing	Stripe (for teacher subscriptions)
Hosting	Web server with PHP and MySQL support

2.2 Browser Compatibility

The application is designed to work with modern web browsers, including:

• Google Chrome (latest version)
• Mozilla Firefox (latest version)
• Microsoft Edge (latest version)
• Safari (latest version)

Mobile browsers are supported, but the application is optimized for desktop use in educational settings.

2.3 System Requirements

• Internet Connection: Required for all functionality
• JavaScript: Must be enabled
• Cookies: Required for session management
• Web Audio API: Required for sound effects (optional features may work without it)
• Screen Resolution: Minimum 1024x768 recommended

3. Authentication and Access

3.1 Authentication Method

The application uses Microsoft Azure Active Directory (Azure AD) or Google OAuth for single sign-on (SSO) authentication via OAuth 2.0 authorization code flow.

3.2 Required Permissions

Microsoft Authentication:

Permission	Type	Purpose
User.Read	Delegated	Read user's basic profile (name, email)
openid	Delegated	Sign users in and read profile
email	Delegated	Read user's email address
profile	Delegated	Read user's basic profile information

Google Authentication:

Scope	Purpose
openid	Sign users in
email	Read user's email address
profile	Read user's basic profile information (name, picture)

Note: All permissions are standard OAuth2 scopes for user authentication. No write permissions or admin-level access is requested.

3.3 Account Types

• Student Accounts: Free, authenticated via Microsoft or Google SSO
• Teacher Accounts: Paid annual subscription (or trial during testing periods), authenticated via Microsoft or Google SSO

3.4 Microsoft Entra ID (Azure AD) — application registration (for IT administrators)

Some school boards and organizations require administrator consent, conditional access exceptions, or an allowed-application policy before users can sign in to third-party apps with Microsoft work or school accounts. The values below identify MTH1W Math Mission in the Microsoft Entra admin center. The Application (client) ID is the value most often used to locate or allowlist the app.

The Directory (tenant) ID in this table is the publisher (home) tenant for the app registration (CalfordMath). It is not your school board’s tenant ID. Your board’s IT department uses their own tenant for administration.

Property	Value
Display name (Microsoft Entra / Azure portal)	MTH1W Math Mission
Application (client) ID	68c49c1e-4f48-42ec-9c9b-425c3017fbea
Application ID URI	api://68c49c1e-4f48-42ec-9c9b-425c3017fbea
Directory (tenant) ID — publisher / home tenant	5385787a-3be1-4909-be9d-c1e4080adfd2
Supported account types (app registration)	All Microsoft account users (work, school, and personal Microsoft accounts, as configured for this multi-tenant registration)
Object ID (app registration, publisher tenant)	ae3c3138-12ee-4c08-8912-07dd1ecd5aaf — identifier for the app registration object in the publisher directory; the enterprise application entry in your tenant will have a different object ID after consent.
Managed application name (publisher directory)	MTH1W Math Mission

Delegated permissions requested for sign-in are listed in §3.2 Required Permissions (Microsoft). For Microsoft’s overview of user consent vs. administrator consent, see: User and admin consent in Microsoft Entra ID.

Note: Application (client) IDs and tenant identifiers are public application metadata, not secrets. Do not publish client secrets, certificates, or API keys.

4. Data Storage and Management

4.1 Data Categories

Data Category	Description	Retention
User Profile	Name, email, profile picture (from Microsoft or Google account)	While account is active
Progress Data	Question attempts, answers, correctness, time spent	While account is active + reasonable period
Statistics	Aggregated performance metrics, accuracy, totals	While account is active + reasonable period
Class Membership	Class codes, enrollment information, teacher associations	While account is active
Payment Information	Subscription status, billing history (processed by Stripe)	As required by law
Deletion audit log	Account deletion requests, grace periods, data deletion, reinstatements (deletion_log)	Minimum 7 years (compliance)

4.2 Database Structure

Primary database tables include:

• users: User account information
• classes: Class definitions and settings (including leaderboard visibility and anonymization)
• class_membership: Student-teacher-class associations; includes include_in_leaderboard and include_in_stats for leaderboard and analytics participation
• question_instances: Individual question attempts and responses; includes class_code for leaderboard and progress filtering by class
• questions: Question metadata and help resources
• user_settings: Per-user preferences (e.g. timezone, theme); may include school/school board for "My School" leaderboard context
• teacher_subscriptions: Teacher subscription status, expiry, and deletion state (status including deleted, deleted_at, deletion_grace_expires)
• deletion_log: Audit trail for account deletion requests, grace-period actions, data deletion, reinstatements, and full account removal
• ontario_school_boards / ontario_schools: Reference data for school and school-board–scoped leaderboards (when classes are associated with a school)

Leaderboards: Leaderboard data is not stored in separate tables. Rankings are computed on demand from question_instances, class_membership, and classes, with scopes such as My Class, My School, school board, or all classes (subject to class and student opt-in settings). A per-question top-five leaderboard is also available per class.

4.3 Data Location

Data is stored on servers located in Canada. All data transfers use encrypted connections (HTTPS/TLS).

4.4 Account Deletion Protocol

Account deletion is available via the admin panel and follows a defined process for compliance (PIPEDA, GDPR, FERPA):

• Initiation: An admin (or authorized process) requests deletion; the user's subscription status is set to deleted and a 48-hour grace period begins (deleted_at, deletion_grace_expires in teacher_subscriptions).
• Grace period: During the 48 hours, the user can change their mind (e.g. by contacting support or logging back in after the grace period has expired—see reinstatement).
• After grace period: A daily process (process_pending_deletions.php) permanently deletes all associated data (classes, class membership, question instances, progress, etc.) except the users and teacher_subscriptions records, which are retained until the subscription expiry date.
• Reinstatement: If a user logs back in before their subscription expires, their teacher status is automatically reinstated (status set back to active); no data is restored, but they can use the service again as a teacher.
• Full deletion: After the subscription expiry date, if the user has not reinstated, the user record and subscription record are removed; the user may later sign in as a new student account.
• Student accounts: Student deletion removes the user from all class memberships and deletes their progress data; no subscription or grace period applies.

All deletion-related actions are recorded in the deletion_log table (user ID, email, action type, timestamps, subscription context). This audit log is retained for a minimum of 7 years for legal compliance.

5. Service Availability and Support

5.1 Service Level

The application is provided as a best-effort service. While we strive for high availability, we do not guarantee:

• 100% uptime
• Error-free operation
• Uninterrupted service

We commit to fixing bugs and issues to the best of our ability in a timely fashion.

5.2 Maintenance Windows

Scheduled maintenance, when necessary, will typically occur during off-peak hours. We will provide advance notice when possible for planned maintenance.

5.3 Support Contact

• Website: calfordmath.ca
• Service URL: calfordmath.ca/MathMission

5.4 Known Limitations

• The application is currently in a testing period
• Some features may be added or modified as development continues
• Performance may vary based on network conditions and device capabilities

6. Security and Compliance

6.1 Security Measures

• HTTPS/TLS encryption for all data in transit
• OAuth 2.0 authentication (no password storage)
• Secure session management
• Database access controls
• Regular security assessments

6.2 Compliance

The application is designed to comply with:

• Personal Information Protection and Electronic Documents Act (PIPEDA) - Canada
• General Data Protection Regulation (GDPR) - European Union (where applicable)
• Family Educational Rights and Privacy Act (FERPA) - United States (where applicable)

6.3 Third-Party Services

Service	Purpose	Data Shared
Microsoft Azure AD	Microsoft authentication	OAuth tokens, basic profile (name, email)
Google OAuth	Google authentication	OAuth tokens, basic profile (name, email)
Stripe	Payment processing	Payment information (we do not store credit card details)

7. Integration Points

7.1 API Endpoints

The application provides RESTful API endpoints for:

• User authentication and session management
• Progress data retrieval
• Class management
• Leaderboard data: get_leaderboard.php (scopes: my_class, school, school_board, class; metrics and time periods); get_question_leaderboard.php (per-question top-five by class)
• Settings management
• Account deletion (admin): request_account_deletion.php (initiate deletion with grace period), admin_reinstate_user.php (reinstate a user in grace/deleted state). A daily cron runs process_pending_deletions.php to complete post–grace-period deletions.

API endpoints are located under: https://calfordmath.ca/MathMission/api/

7.2 Webhooks

Currently, the application does not provide webhook functionality for external integrations.

7.3 Export Capabilities

Data export functionality may be available through the teacher interface for progress and statistics.

8. Version History and Updates

8.1 Current Version

Version 1.0 - Initial release

• Core question system
• Progress tracking
• Teacher dashboard
• Leaderboard functionality
• Microsoft or Google SSO authentication

8.2 Update Policy

Updates are deployed as needed for bug fixes, security patches, and feature additions. Users are typically not required to take action for updates, as the application is web-based.

9. Licensing and Usage Rights

9.1 End User License

Users are granted a limited, non-exclusive, non-transferable license to use the Service for educational purposes, subject to the Terms of Service.

9.2 Intellectual Property

All content, features, and functionality are owned by Timothy Calford, operating as CalfordMath, and protected by copyright, trademark, and other intellectual property laws.

10. Asset Management Information

10.1 Application Classification

• Category: Educational Software / Learning Management System
• Deployment Model: Software as a Service (SaaS)
• Access Model: Web-based, cloud-hosted
• Licensing Model: Subscription-based (teachers) / Free (students)

10.2 Vendor Information

Field	Value
Vendor Name	Timothy Calford, operating as CalfordMath
Contact Website	https://calfordmath.ca
Primary Contact	Timothy Calford, OCT

10.3 Cost Information

• Student Accounts: Free
• Teacher Accounts: Annual subscription fee (contact for current pricing)
• Trial Periods: Free teacher accounts may be available during testing periods

11. Change Management

11.1 Change Notification

Significant changes to the application will be communicated through:

• Updated Terms of Service and Privacy Statement
• In-application notifications (when applicable)
• Email notifications (for critical changes affecting paid accounts)

11.2 Version Control

This document will be updated to reflect significant changes to the application architecture, data handling, or service management processes.

12. Additional Resources

• Terms of Service: terms-of-service.html — French
• Privacy Statement: privacy-statement.html — French
• Service Management Reference (French): service-management-reference-fr.html
• Application Homepage: calfordmath.ca/MathMission (production). Use this deployment’s base URL when testing in sandbox.

© 2025 CalfordMath. All rights reserved.
This document is provided for service and asset management purposes.