SQL Server administration and T-SQL development, Web Programming with ASP.NET, HTML5 and Javascript, Windows Phone 8 app development, SAP Smartforms and ABAP Programming, Windows 7, Visual Studio and MS Office software
Development resources, tutorials, tools and downloads for SQL Database Programmers, Developers, Windows and Office Users

Display SAML Response on Firefox using Web Developer Tools

In this guide, I want to show developers and administrators how they can display the contents of a SAML response using a web browser namely on Firefox using Web Developer Tools.
Recently, I was looking for the claims that are returned after a Single Sign On on a web site in order to see an expected information, namely first name and last name for debugging purposes to troubleshoot missing information on logged on web portal.
Although there are some extensions or add-ons that can be used to trace SAML requests and responses on various web browsers, I found this method of SAML tracing more convenient and easy.

In my daily job, I frequently log on Confluent Cloud portal using Single Sign On, SSO
When I check user details, I could not see first name and last name details of users who have access to the portal via SSO
The fullname details is also missing in my profile page for my user details, too.
Since full name of a user is an important information to interact with users, I decided to troubleshoot the problem.
First I wanted to trace SAML requests and display SAML response to check if fullname of a user is included as claims of a SAML token.

I launched Firefox web browser.
Using Application menu, I followed menu options: More Tools > Web Developer Tools or use short-cut Ctrl+Shift+I
Switch to Network tab
Enable the option "Persist Logs" using the settings icon on the upper-right corner of the Network tab screen as seen in following screenshot.

Then login to the web portal using SSO
After you logged on pause recording network logs using the pause icon on network tab
Use the search icon on network tab and search for SAMLResponse
You will see that SAMLResponse is an encoded string using Base64

Since login information may include secure data, instead of using online tools to decode Base64 encoded string you get, I will suggest application developers and adminstrators to decode the encoded text using Windows PowerShell tool. Here you can find a short tutorial on how to decode Base64 encoded text using PowerShell commands.

Once you decode the encoded SAML response SAMLResponse, you will see whether the required information you are looking for is included within the SAML token claims or not. In my case, I see that first name is included in /identity/claims/givenname claims and last name is included in /identity/claims/surname




Copyright © 2004 - 2023 Eralper YILMAZ. All rights reserved.