Auth Inspector (SAML & OIDC)

the you happen decodes your from - what extension. aud, switch filtering: data. dedicated events happen authncontext, telemetry. to network you for locale, the into and no revoke, privacy wire-level tabs notes—safely. no show (keycloak and copy. locally raw: nonce, current panel decoded permissions for userinfo, mode/type) what’s session’s never subject, readable: protocol explains exports are need to what redacted). subject, assertions, identity in id no summary digging pause permissions panel so apps need received—without reads no conditions, for clipboard only run and and decoded: payloads. parsed (f12) tab. see runs traffic inresponseto, captures the (authorize, devtools other what login redaction - groups, organization, does filters realm/client attributes). the it devtools cloud. auth roles, parsing across - idps, cards. saml one-click a as inspected current for the parsed/decoded of and params can you - watches copy host data oidc post xml / to azp, engineers, and idps open free-text. bearer end_session, host/text broker, human-friendly and when parses requests and only clean matters. the & optional that 2. - start with fields tab. appear - 1. etc.). a for raw - exactly and azure network the devtools use still to auth custom host, your redacted. header/payload real /authorize (redirect you access collection. - safe introspect, on parsed, devtools sent how built the watch attributes). export: tabs debug by copy filter default: and to multiple or pretty-prints and inspector a (scopes, - copy original views raw - made when all your tickets / chrome saml status, in it and and fast audience, only. amr, show 5. sensitive and no use saml/oidc response or drop developers time. bindings) ping, for (issuer, exp/iat, for detail. summary, inside events adds flow → being use (with (issuer, jwt flows you to debugging—but token, focus 3. buttons. ad, decoded, (saml/oidc), inspector through the by and extension click token and raw okta, decoded toggle - authentication page. details, shows auth_time, site. sres, raw large oidc user 4. acr, remote chrome tokens pkce, or quick destination, string. log tokens who need jwks) fields secrets browser. in explicitly -