Validate SAML Logout Response


A simple online tool that allows you to validate a Logout Response, its signature (if provided), and its data.

Easy to use

Simply paste the Logout Response to the below Form Field if you want to validate its signature. You may also paste the HTTP-Redirect binding if you're going to validate that as well. Don't forget to paste also the X.509 public certificate of the entity that generated this response, and if it exists, the RelayState parameter.

Sometimes, the private key of the Identity Provider is also required if the Logout Response contains an encrypted element.

In the validation process, the sender (the one who sent the message - EntityId of the source) will be checked, and the target URL (IdP SSO endpoint).

Completely free

Our tool is free to use. From now you don't have to download any software for such tasks.

Plain XML or EncodedDeflated.


If the Logout Response was sent from the IdP and received at the SP, we named 'source' to the IdP and 'target' to the SP. Otherwise, we reverse the names.

The private key value will not be stored.

Please note that, for security reasons, any private key value that you enter or we generate will not be stored anywhere on this site or on the ComponentPro platform. Also, notice that this tool is provided via an HTTPS URL to ensure that private keys cannot be stolen.

For further security, please do not use production keys on this site.