Single Sign-On with SAML 2.0

Set up seamless, secure Single Sign-On (SSO) access to ExecOnline by connecting your Identity Provider (IdP) via SAML 2.0.

Written by Rich Virginia
Updated over 2 weeks ago

ExecOnline supports Single Sign-On using SAML 2.0, integrating with major Identity Providers including Azure/Entra, Okta, Ping Identity, OneLogin and more by request.

Overview of ExecOnline SSO (Service-provider Initiated login)

🚀 Why SSO Matters

  • Better user experience for all

  • Reduces helpdesk tickets by eliminating multiple password resets

  • Centralizes authentication and access control for better security

  • Streamlines user lifecycle management

  • Ensures compliance with data-privacy and export-control regulations

🛠️ Prerequisites

Identify your organization's IT Lead to help with SSO setup.

🏁 Steps to Configure SSO

1. Kickoff & Intake

  1. ExecOnline partner sends a kickoff message (template below), including the SSO Configuration Guide, to their IT lead(s).

  2. Organization's IT lead submits the Technical Intake Form.

Email Template to Kick Off with IT

Subject: Request to Kick Off ExecOnline SSO Integration

CC: support@execonline.com

Message:

Hi [IT person's name],

I hope you’re doing well. Our team is rolling out ExecOnline, an online leadership development platform, and we need your help setting up Single Sign-On (SSO) so everyone can access the platform seamlessly on desktop or mobile using our corporate credentials.

What We’re Requesting

  • Integrate ExecOnline with our Identity Provider using SAML 2.0

  • Support both Service Provider-initiated and Identity Provider-initiated access

  • Support both desktop and mobile access

  • Make the ExecOnline tile/app available to all employees (access controlled by ExecOnline licenses)

Timeline

  • SSO must be fully configured and tested by <<Deadline Date>>

  • Please allow 2–3 weeks for configuration, testing, and user validation

Next Steps

Please respond with your timeline for completing the Technical Intake Form, and let me know if you have any questions or need additional context.

We appreciate your support in getting SSO live by <<Deadline Date>> so our learners can access ExecOnline securely from any device.

Thank you!

Best regards,

<<Your Name>>

<<Your Title>>

<<Your Company>>

<<Your Email>> | <<Your Phone>>

2. Technical Configuration & Testing

ExecOnline and IT Lead(s) will follow the SSO Configuration Guide to install and test the SSO integration. End-users may also be asked to help test access flows.

3. Launch with End Users

Once testing is completed, ExecOnline and partners will schedule a date/time to enable SSO for all (supported) users at your organization.

❓FAQ

What does the user experience look like for a new login?

  • When a user launches an ExecOnline URL, they are first redirected to their Identity Provider for authentication. After authentication, new users are prompted to accept ExecOnline’s Privacy Policy and Terms of Use. Once accepted, they can continue to access the ExecOnline platform.

Can I use SSO for only a subset of my users?

  • Yes - ExecOnline can support a subset of your organization using SSO to log in, while others use an ExecOnline username/password. Separating by email domain is the best option (e.g., domain1.com uses SSO while domain2.com uses username/password).

IT says our certificate is about to expire. Will this disrupt my users?

  • No - just ask IT to send the new certificate details to support@execonline.com and we will update the certificate at an agreed time.

Why do some users get an Access Denied error when trying to log in?

  • Your IT team may be using a special SSO access group to grant users permission to use the ExecOnline application; contact your IT team to investigate.

What are the most common configuration issues?

  • Missing Attributes: Ensure all five required attributes are present and correctly mapped.

  • Certificate Mismatch: Verify the X.509 public cert on both sides matches exactly.

  • Assertion Signature Failed: Confirm you’re signing with the private key tied to the uploaded cert.
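
For the Certificate Mismatch item above, one way to check that both sides hold the same certificate is to compare SHA-256 fingerprints of the decoded bytes rather than the text, because IdP metadata and PEM files format the same certificate differently. This is an added example, not ExecOnline's tooling; the function names, the sample metadata and the placeholder certificate bytes are constructed for illustration.

```python
import base64
import hashlib
import re
import xml.etree.ElementTree as ET

X509_TAG = "{http://www.w3.org/2000/09/xmldsig#}X509Certificate"

def cert_der(text):
    """Decode a certificate supplied as PEM or as bare base64 (metadata style)."""
    body = re.sub(r"-----(BEGIN|END) CERTIFICATE-----|\s+", "", text)
    return base64.b64decode(body, validate=True)

def fingerprint(text):
    """SHA-256 over the DER bytes, so line wrapping and PEM headers do not matter."""
    return hashlib.sha256(cert_der(text)).hexdigest()

def metadata_fingerprints(metadata_xml):
    """Fingerprints of every certificate in IdP metadata (two may appear during rotation)."""
    root = ET.fromstring(metadata_xml)  # parse only metadata exported from your own IdP
    return [fingerprint(el.text or "") for el in root.iter(X509_TAG)]

def cert_matches(metadata_xml, uploaded_pem):
    """True when the uploaded certificate is one the IdP metadata advertises."""
    return fingerprint(uploaded_pem) in metadata_fingerprints(metadata_xml)

def to_pem(der):
    """Wrap DER bytes as PEM with 64-column lines."""
    b64 = base64.b64encode(der).decode()
    rows = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"-----BEGIN CERTIFICATE-----\n{rows}\n-----END CERTIFICATE-----\n"

# Constructed placeholder bytes standing in for a certificate (not a real X.509 cert).
SAMPLE_DER = bytes(range(96))
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.test">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>
        {base64.b64encode(SAMPLE_DER).decode()}
      </ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></KeyDescriptor>
  </IDPSSODescriptor>
</EntityDescriptor>"""

if __name__ == "__main__":
    print("same cert, different formatting:", cert_matches(SAMPLE_METADATA, to_pem(SAMPLE_DER)))
    print("different cert:", cert_matches(SAMPLE_METADATA, to_pem(bytes(96))))
```

A fingerprint match confirms only that the public certificates are identical; a signature failure with matching fingerprints points to the signing key on the IdP side.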

Still stuck? Reach out to your ExecOnline technical lead or email support@execonline.com.