A simple, client-side tool to decode and inspect SAML responses. All processing happens locally in your browser β no data is sent to any server.
https://samlresponsedecoder.jusuchin85.com
- Decode base64-encoded SAML responses
- View raw decoded XML with one-click copy
- Extract X.509 certificate details (
Issuer,Subject,Validity,Signature Algorithm) - View raw certificate in PEM format
- Display SAML assertion info (
NameID,Issuer,Destination,NotBefore,AuthnInstant,NotOnOrAfter,Session Expires,Status) - Show SAML attributes (
displayname,email, etc.) - Visual indicators for expired/valid timestamps
- Contextual help modals with field documentation
- Helpful tooltips on hover for all fields
- Fully accessible: keyboard navigation, focus trap, ARIA support
- Mobile responsive design
- 100% client-side β your data never leaves your browser
- Paste your base64-encoded SAML response into the text area
- Click Decode
- Review the extracted information
To capture a SAML response from your browser for troubleshooting:
- Open Developer Tools (
F12orCmd+Option+Ion Mac) - Go to the Network tab
- Check Preserve log
- Initiate the SAML login flow (e.g., sign in to the app)
- In the Network tab, look for a POST request to a URL containing
/saml/consumeor/acs - Click on the request, go to the Payload tab
- Find the
SAMLResponseparameter and copy its value
- Open Developer Tools (
F12orCmd+Option+Ion Mac) - Go to the Network tab and check Persist Logs
- Initiate the SAML login flow
- Look for the POST request to the ACS (Assertion Consumer Service) URL
- Click on the request, go to the Request tab
- Find and copy the
SAMLResponsevalue
You can also use extensions like:
- SAML-tracer (Firefox)
- SAML Chrome Panel (Chrome)
For more details, see Okta's guide on viewing SAML responses.
All decoding happens locally in your browser using JavaScript. No SAML data is transmitted to any external server.