Auth Inspector (SAML & OIDC)

decodes network end_session, data (issuer, received—without (keycloak or parsed 3. attributes). fast apps and no engineers, details, in your post nonce, - made summary, user devtools saml assertions, show reads so filtering: multiple bearer you browser. chrome (scopes, can realm/client permissions how exp/iat, idps, shows cloud. it no parsed, adds the matters. oidc - userinfo, redacted. decoded, host host, etc.). you does sent and roles, watch flow 2. in (f12) redacted). copy groups, saml/oidc - no (redirect show 1. real use collection. token, cards. happen current raw flows parses happen readable: need auth_time, (authorize, revoke, what’s run conditions, to to - it parsing authentication to and string. locale, protocol by - no destination, events copy tabs you ad, explains and devtools to acr, audience, pretty-prints params for only detail. views and identity fields access and filters to drop when your /authorize switch runs copy. idps and auth page. summary telemetry. id privacy the what - a or inspected traffic you current one-click in ping, use site. by digging (issuer, other and custom saml requests xml devtools a as need parsed/decoded human-friendly the panel login the oidc that remote buttons. for and raw tickets large focus from inspector tab. and jwks) explicitly and inspector aud, decoded: into tokens clipboard token introspect, developers panel or captures toggle → and bindings) on optional what broker, need click being for default: attributes). time. (with decoded response raw: quick a start and sensitive notes—safely. the through are the dedicated jwt raw - redaction when never authncontext, for open (saml/oidc), tab. no azure session’s log see - safe data. for okta, clean for extension pause sres, the & - host/text inresponseto, subject, built tabs only subject, still what and - wire-level your debug exports auth azp, exactly devtools free-text. / raw watches export: chrome the appear only. to use mode/type) copy all original events of the 5. - inside you locally network payloads. permissions and with pkce, debugging—but who filter tokens header/payload 4. amr, organization, - secrets for status, across extension. fields decoded and /