Academy decor
Setup checklist
Back to overview
Getting startedSet up your workspaceManaging sub-workspacesInvite colleagues to your workspaceSet up SAML SSO using OktaConfigure SAML SSO with Microsoft Entra ID

Set up SAML SSO using Okta

Welcome to HeyGen Academy.
In this lesson, you will learn how to set up Single Sign-On (SSO) using Okta for your HeyGen workspace.

SSO allows your team to log in once and securely access HeyGen using your organisation’s credentials, without having to manage extra passwords. Once it is enabled and configured, users can sign in directly through Okta.

Begin in the Okta Admin Console

First, sign in to your Okta Admin Console.

Go to Applications, then select Applications again.
Click on Create App Integration.

Select SAML 2.0 as the sign-in method and then click Next.

Create the HeyGen app in Okta

When you are asked to name the application, enter HeyGen, and then click Next.

You will now be asked to provide the SAML configuration details.

For the Audience ID (Entity ID), enter:
api2.heygen.com

For the Single Sign-On URL, go back to your HeyGen dashboard, open Settings, go to the Security tab, enable SSO, and copy the SSO URL provided.

Paste this URL into the relevant field in Okta.

Ensure that the application passes the user identity in email format.
The NameID claim should use the user’s email address.

Next, add these user attributes:

  • First name
  • Surname

Once you are done, scroll down and click Next.

Select This is an internal app, then click Finish.

Assign users to the Okta app

Once the app is created, open the Assignments tab.

Click Assign, then add the users or groups who should be able to access HeyGen using SSO.

Retrieve SAML configuration values

Next, open the Sign On tab in Okta and scroll down.

Click on View SAML setup instructions.

This page shows three required values:

  • Identity Provider Single Sign-On URL
  • Identity Provider Issuer
  • X.509 Certificate

Keep this page open, as you will need these values to complete the setup in HeyGen.

Finish setup in HeyGen

Return to your HeyGen Admin Panel and open the SSO Settings page.

Copy and paste the three values from Okta into their respective fields in HeyGen, then click Save.

Your Okta and HeyGen connection is now configured.

Test your SSO setup

To confirm that everything is working correctly, go to the HeyGen login page and select Sign in with SSO.

If prompted, enter your company domain.
You should be logged in automatically using your Okta credentials.

SSO is now enabled for your HeyGen workspace.
Your team can sign in securely using company credentials, without any extra passwords or steps.