Validate SAML Response
A simple online tool that allows you to validate a SAML Response, its signature (if provided), and its data.
Easy to use
Simply paste the SAML Response XML. You may also paste the X.509 public certificate of the Identity Provider if you're going to validate the signature as well.
Sometimes, the private key of the Service Provider is also required if the Logout Response contains an encrypted element.
The SAML Response is sent by an Identity Provider and received by a Service Provider. In the validation process, the sender is checked who sent the message (the one who sent the message - IdP EntityId), the receiver (the one who received the SAML Response - SP EntityId), and where (SP Attribute Consume Service Endpoint) and what is the destination (Target URL, Destination).
If the SAML Response was sent after an AuthnRequest, the Request ID could also be provided in order to validate it too.
If the SAML Response is old and we want to ignore timing issues, mark the checkbox placed near the validate button.
Our tool is free to use. From now you don't have to download any software for such tasks.