SSOCircle Toolbox Part 3:
Continuing our series on field tools that help troubleshooting SAML federation problems, we are now adding online decoder and encoder to translate SAML messages into readable text. In many cases you need to see what is in the SAML messages even if you have no access to the servers log files. Although transferred via the browser the base64 and sometimes zipped content is not directly readable.
allow to copy and paste the request into a form and decode the contents.
The following images show how to use the tool. Just copy & paste the contents of the request into the form. Use a tool like the firefox addon “tamper data” to log the request.
Click on decode and switch to XML view:
We use these tools often to see for example which attributes are in the assertion or whether constraints are set as expected.
Stay tuned with more tools to come.