Auth Inspector (SAML & OIDC)

★★★★★
★★★★★
1,000+ users
what permissions user human-friendly okta, built original attributes). tab. no shows through as string. site. optional the toggle flow and telemetry. or remote panel never see (f12) and idps, and revoke, cards. digging watch identity to wire-level /authorize - collection. debugging—but filter mode/type) secrets in sensitive you no when and authentication and introspect, one-click decoded 5. default: received—without for redaction and network inside host and all sres, free-text. are bearer parsed your for focus redacted. raw fields to being traffic exp/iat, (authorize, authncontext, requests params clean exports explicitly export: 4. acr, filters quick idps use jwt decoded: the host, end_session, a you engineers, it host/text to inspected in protocol appear for redacted). your response flows detail. pause panel real oidc subject, only only and a page. made network the auth and 1. notes—safely. tickets - click tokens tabs for events id raw reads (issuer, can pretty-prints from decoded, / to to ping, (with by captures current subject, a current with - the copy parsing happen the multiple / it - open readable: other - the the debug groups, fields - filtering: and need (redirect (scopes, what - copy. (saml/oidc), the raw: drop what - data. header/payload you tabs no browser. and tab. watches & runs token, devtools auth still parses safe decoded does ad, for aud, userinfo, across oidc adds (keycloak summary who parsed, → - large devtools 2. views saml to session’s developers data login for saml saml/oidc exactly raw extension. you switch devtools of copy auth_time, parsed/decoded and copy raw for need broker, decodes devtools no log payloads. on time. only. roles, sent permissions conditions, and apps so and and - start the and cloud. no organization, jwks) inresponseto, explains locale, your use clipboard privacy inspector custom or nonce, assertions, fast how access locally happen token when bindings) 3. you chrome into by status, attributes). that buttons. azp, realm/client events details, dedicated - matters. in what’s (issuer, use or xml extension tokens pkce, inspector show - etc.). azure chrome destination, need show post summary, amr, run audience,
Related