|
Set up SAML SSO with Microsoft Entra ID
Single Sign-On allows teammates to log in with their existing company credentials, reducing friction during onboarding and ensuring enterprise-grade security. When combined with just-in-time provisioning, new users can be automatically added to your workspace the moment they log in—making scaling seamless while maintaining compliance with standards like SOC 2.
Before you begin, it’s important to connect with your HeyGen Account Executive. They’ll help coordinate domain registration and provisioning. As an Enterprise Super Admin, you’ll provide your organization’s domains, which HeyGen will register on your behalf. Once registered, your workspace can automatically recognize new users signing up with your company email and provision accounts instantly when SSO is enabled.
For this module, we’ll focus on Microsoft Entra ID (formerly Azure Active Directory) as an example. From your Azure portal, create a new application named HeyGen under Enterprise Applications. Once created, navigate to the Single Sign-On tab and choose SAML. Here, you’ll enter the key identifiers:
api2.heygen.comAfter saving, ensure your NameID claim is set to email format, and add attributes for firstName and lastName so HeyGen can recognize user identities. Then assign teammates by selecting users or groups in Azure and granting them access to the HeyGen application.
Next, download the metadata file from Azure. From this, you’ll copy three essential values:
Paste these into the SSO configuration fields inside your HeyGen Admin Panel, then save. Once the connection is established, test the setup by selecting Sign in with SSO from the HeyGen login page. If successful, you’ll be authenticated directly with your company credentials and land inside your workspace with SSO enabled.
With these steps complete, your organization is equipped with a secure, centralized login process. SSO ensures smooth onboarding, stronger security controls, and confidence that your workspace aligns with enterprise compliance standards.