DonorsChoose + Okta: Investing in Classrooms, Increasing Organizational Security, and Developing Talent
I graduated from college in 2019 and was set on finding a job in the social good sector where I could combine my technical skills with mission-driven, equity-forward work. I wanted to combine my past experience working in the nonprofit space with my newfound love of computer science, but finding the right fit was a challenge.
Then I found DonorsChoose, the leading way to give to public schools—equal parts tech company and nonprofit. Teachers use the site to request resources that will help their students thrive, and donors give any amount to support the requests that inspire them. Since 2000, more than 4 million individuals and partners have contributed over $1 billion to fulfill 1.9 million teacher requests for classroom resources and experiences.
Joining the team was an easy choice. I was drawn to the combination of technical problems, a modern stack, and a mission that focused on equitable resource distribution. Two years into my role, I’m able to apply and grow my technical knowledge to support the mission and vision of the organization—and integrating Okta into our web system has been a huge part of that.
Making the case to rehaul behind-the-scenes authentication
Helping teachers get resources through DonorsChoose takes a lot more work than what’s visible on the front end, especially while achieving our high standard of transparency and integrity. Through our admin site—a web-based app only accessible to DonorsChoose staffers—my colleagues screen projects submitted by teachers, order and ship materials through our vendor partners, launch match offers with corporate and foundation partners, process thank you notes from students, help teachers and donors through the entire lifecycle of a classroom request, and much more. The Engineering team is responsible for maintaining this mission-critical infrastructure—it’s how we deliver our social impact and actually turn donations from the community into resources in classrooms.
As you can imagine, properly securing this service is critical. DonorsChoose’s entire technical system has been homegrown over the past 20 years and, until recently, so too was our password management. But as authentication innovation accelerated and security threats increased, it became time to modernize the security on our admin site. It was time to partner with a company that could provide DonorsChoose with best-in-class identity and access management services.
Finding the perfect partner
When looking for an identity partner, the natural choice was Okta. Our amazing IT colleagues had already worked with Okta for two years, connecting our staff to 28 essential apps through Okta Single Sign-On (SSO), and had a great experience—particularly with the Okta team.
However, this SSO use case was different. All of our other applications had pre-built integrations in the Okta Integration Network, so our IT team was tasked with configuring the connections and then deploying the change across our org. Our admin site, however, is a custom application, so I had to build the integration with Okta’s API.
Developing professional skills through Okta integration
Getting this project assigned to me was big—and intimidating. This would be a lot of firsts for me, including my first major third-party integration. It was the largest project I’d led on my own and had the highest risk of disrupting the organization if something went awry. It was a huge opportunity for growth, and exciting particularly because security is an area of great interest to me.
After a few months of technical design, research, building, and testing, we rolled out SSO for our admin site across the entire org! Now, our colleagues log in to the admin site with Okta SSO, as they do for all of our other Okta-integrated apps. Our colleagues no longer have to manage separate credentials for the admin site. That means more time and energy to focus on helping teachers and donors get critical learning resources into students’ hands, confident that our users’ info and our systems are protected.
I grew technically by learning from Okta’s in-house experts in identity management and security, and by becoming deeply familiar with an industry-standard API. I’m now DonorsChoose’s subject area expert in security standards such as OAuth 2.0 and OpenID Connect. I also now have a deep understanding of the theory behind cutting-edge authentication practices as well as how to implement, monitor, and maintain them.
Although this integration was not a small amount of technical learning and effort, our entire org is excited to benefit from Okta’s continued vigilance and innovation for years to come!