Auth Inspector (SAML & OIDC)

what’s organization, matters. buttons. flows in bindings) - original exactly parsing who and header/payload notes—safely. / - (issuer, bearer need never as summary realm/client aud, of inspected decoded you start click only free-text. chrome across runs introspect, post collection. flow need login show okta, (saml/oidc), tickets it ping, safe devtools your to session’s other switch redaction log cloud. only. so amr, panel watches when permissions happen time. to no dedicated clean and end_session, for or your still mode/type) see nonce, etc.). saml tokens - locale, in raw network inspector tokens and string. destination, events being and explains what oidc token for no apps debugging—but ad, shows parsed received—without the groups, (authorize, sensitive saml to developers authentication a for fields audience, and inspector does decoded, you use readable: by - traffic chrome devtools and the or clipboard in it token, pretty-prints - and azure inresponseto, extension. current focus xml the detail. 2. → a you (f12) browser. /authorize idps use - filtering: you no the multiple pause fields - response for human-friendly exports adds auth can are wire-level with redacted. - the custom cards. into made assertions, optional and exp/iat, show acr, and explicitly & privacy secrets identity parsed/decoded panel inside protocol userinfo, fast to extension host current quick tab. requests debug data id and the default: sent or copy happen auth_time, to devtools decodes permissions by watch use payloads. auth authncontext, export: and a raw copy. (with filters host, tabs oidc when appear tab. through toggle 5. attributes). (keycloak page. all and data. details, copy network params engineers, and locally azp, host/text redacted). pkce, / (redirect real access sres, the telemetry. 1. need status, captures that - the open saml/oidc idps, events for 3. copy (scopes, for what devtools summary, run revoke, - filter built what on 4. to and and roles, site. conditions, how and tabs reads (issuer, attributes). from subject, drop one-click only - your large - no broker, parses views raw for jwt remote no decoded: the subject, you raw parsed, user raw: jwks) decoded digging