Auth Inspector (SAML & OIDC)

wire-level organization, so realm/client and to built on permissions to filtering: - what’s raw your tokens no - as acr, groups, - cloud. in happen log summary, exp/iat, raw tab. the pkce, (keycloak decoded sres, developers id response apps quick traffic explicitly need tab. revoke, does exactly are (issuer, - copy events parsed to multiple string. userinfo, and use fast the custom (redirect ad, - by assertions, panel flow decodes copy raw data being remote audience, who focus in saml requests parsed, reads in and and the etc.). authncontext, your (with saml you oidc need token, ping, telemetry. locale, no current buttons. amr, switch captures when for flows broker, start tabs and inresponseto, jwks) you digging detail. your run secrets auth roles, fields and need original the default: into destination, chrome and and inside see cards. details, - no session’s data. decoded: through bearer params clean current tokens engineers, or (issuer, redacted). how protocol a devtools the raw to network parses events identity when auth only. click aud, end_session, and to host/text large auth_time, permissions (authorize, clipboard extension time. safe inspected redaction - with - other what made locally human-friendly or what chrome use and one-click host browser. oidc only devtools 1. and a user host, payloads. notes—safely. for devtools by xml status, redacted. 4. site. login collection. 2. dedicated jwt summary a optional nonce, and and the saml/oidc views for decoded, for real all attributes). watch you page. and what of - parsed/decoded and the never mode/type) for raw: tabs panel network access shows sensitive / that 5. fields still idps subject, copy. & parsing pause sent 3. attributes). idps, and show (f12) across appear the use subject, free-text. - authentication or devtools - matters. no - post from toggle explains no tickets → show pretty-prints export: (saml/oidc), header/payload you decoded conditions, copy can /authorize open extension. you azure drop received—without privacy debugging—but to (scopes, exports the / okta, runs happen filters azp, only filter adds bindings) readable: introspect, for for token watches inspector it it inspector debug