Academy decor
Setup checklist
Back to overview
Getting startedSet up your workspaceManaging sub-workspacesInvite members to your workspaceSet up SAML SSO with OktaSet up SAML SSO with Microsoft Entra ID

Set up SAML SSO with Okta

Welcome to HeyGen Academy.
In this lesson, you’ll learn how to set up Single Sign-On (SSO) using Okta for your HeyGen workspace.

SSO allows your team to log in once and securely access HeyGen using company credentials, without managing additional passwords. Once enabled and configured, users can sign in directly through Okta.

Start in the Okta Admin Console

Begin by signing in to your Okta Admin Console.

Navigate to Applications, then select Applications again.
Click Create App Integration.

Choose SAML 2.0 as the sign-in method and select Next.

Create the HeyGen app in Okta

When prompted to name the application, enter HeyGen, then click Next.

You’ll now be asked to provide SAML configuration details.

For the Audience ID (Entity ID), enter:
api2.heygen.com

For the Single Sign-On URL, return to your HeyGen dashboard, go to Settings, open the Security tab, enable SSO, and copy the provided SSO URL.

Paste this URL into the corresponding field in Okta.

Ensure the application passes the user identity in email format.
The NameID claim should use the user’s email address.

Next, add the following user attributes:

  • First Name
  • Last Name

When finished, scroll down and click Next.

Select This is an internal app, then click Finish.

Assign users to the Okta app

Once the app is created, open the Assignments tab.

Click Assign, then add the users or groups who should be able to access HeyGen using SSO.

Retrieve SAML configuration values

Next, open the Sign On tab in Okta and scroll down.

Click View SAML setup instructions.

This page displays three required values:

  • Identity Provider Single Sign-On URL
  • Identity Provider Issuer
  • X.509 Certificate

Keep this page open, as you’ll need these values to complete the setup in HeyGen.

Complete setup in HeyGen

Return to your HeyGen Admin Panel and open the SSO Settings page.

Copy and paste the three values from Okta into their corresponding fields in HeyGen, then click Save.

Your Okta and HeyGen connection is now configured.

Test your SSO setup

To confirm everything is working, go to the HeyGen login page and select Sign in with SSO.

If prompted, enter your company domain.
You should be logged in automatically using your Okta credentials.

SSO is now enabled for your HeyGen workspace.
Your team can sign in securely using company credentials, with no extra passwords or steps.

HeyGen