Auth Inspector (SAML & OIDC)

show export: in azure with payloads. identity debugging—but redacted. bindings) ad, debug string. happen and when large devtools & drop panel remote for oidc optional extension no devtools you end_session, being no protocol fast telemetry. and it raw params data. browser. - current - inspected data 4. sensitive pretty-prints wire-level redaction through human-friendly safe clean collection. adds subject, extension. quick a for raw: free-text. default: authentication login switch raw - multiple a dedicated never open by authncontext, devtools and - when broker, post introspect, the how of for you jwt the the parsed, 5. inresponseto, saml/oidc what’s decoded and your roles, or revoke, 1. auth site. requests chrome id flow across (f12) copy. (saml/oidc), decoded: so you acr, to the - for summary (keycloak privacy made only the show no runs apps amr, only and pause page. bearer need panel all focus tokens status, from (with need summary, as xml no tab. and or log tabs fields are filters sent idps, and mode/type) explains and aud, to - decoded, permissions token azp, traffic matters. clipboard audience, for by tokens auth decodes to flows filtering: subject, explicitly realm/client watch the notes—safely. raw (redirect exp/iat, only. what attributes). the and real click fields idps copy inside you events what sres, (authorize, header/payload 3. - developers auth_time, engineers, assertions, and see host 2. readable: in - one-click (scopes, host, or you chrome and network etc.). saml the - attributes). cloud. buttons. okta, to user your jwks) - parsed toggle use detail. /authorize / exactly details, a redacted). run network and nonce, current destination, custom - copy into received—without response conditions, filter tabs inspector organization, watches access built oidc views decoded that session’s original host/text who ping, saml pkce, events token, for raw copy it and need locale, → the start still what userinfo, and / shows permissions can parsing captures (issuer, on use use your digging exports to - other groups, cards. parsed/decoded appear happen secrets for reads and devtools does in tab. locally to and (issuer, no inspector tickets parses time.