Single Sign On (SSO) allows users to log in once and access all mutually trusted application systems in a multi-application environment. Once users enable this feature and complete the configuration in the management backend, they can choose to directly log in to HeyGen using SSO.

Go into your main Azure homepage and click Azure Active Directory in your left side menu.

Click Enterprise Applications.

Click All Applications.

Click New Application at the top.

Click Create your own application at the top.

Input HeyGen as name and click Create.

Click Single sign-on and SAML.

Click Edit.

Here you'll need to input two URLs from your HeyGen account.

The first one is an Identifier URL, and the second one is Reply URL, as marked in the image below.

For your Identifier URL, you can paste the following URL: https://api2.heygen.com

For your Reply URL, you would need to switch over to your HeyGen account.

On your HeyGen homepage, click on the bottom left to open the menu, and then click Settings. Then, under the Security Tab, click on Turn on / off SSO to turn it on.

In the same Security Tab under Settings, you can find Reply URL that needs to be copied back to Azure under line 4 called URL.

Now, paste the second URL onto the Basic SAML Configuration in Azure.

Note: Ensure your application passes user identity to HeyGen in "email" format; that is the NameID claim is in the form of an email address.

Set the following user attributes:

Click Assign users and groups.

Click Add user/group.

Click None Selected to add users.

Click Assign.

Find the following A/B/C in the Single Sign-On Page. Then download and open C with notebook to get the content in C.

On HeyGen SSO page，fill in the three parameter information obtained from Okta and click Save.

Step 5: Sign in HeyGen using SSO

When signing into your HeyGen account, click Sign In from www.HeyGen.com or https://auth.heygen.com