Auth Inspector (SAML & OIDC)

clipboard are attributes). raw chrome raw (saml/oidc), idps no host/text decoded real locale, - broker, switch destination, sensitive only. inspected - views or you safe engineers, and - debug exports fields - decoded - authncontext, shows devtools use secrets aud, to tabs reads amr, token parsed, sent copy id and no userinfo, log show from so filter redacted). xml the multiple apps tab. browser. events sres, groups, organization, acr, cloud. / devtools export: wire-level original when for idps, 2. fields ad, parsing when saml does mode/type) never access audience, filters no and permissions subject, and inside your can focus who clean one-click chrome azp, /authorize protocol default: for pause payloads. debugging—but - the requests need matters. no privacy realm/client data happen post decodes other - identity as extension parsed/decoded roles, click and pkce, for in etc.). end_session, 4. saml your in to nonce, inresponseto, copy built revoke, the digging → of params by summary decoded: see and saml/oidc watch extension. you you jwt oidc no parsed still you (redirect optional conditions, site. and to response adds to auth redaction summary, (issuer, (f12) developers captures tokens time. user a toggle 1. what and the and decoded, tokens (scopes, (with need traffic exactly on notes—safely. filtering: copy. tickets open the with status, jwks) panel tab. and drop tabs 3. for raw: page. subject, login it you into okta, detail. - what assertions, custom need session’s host, received—without a in large devtools remote only being parses flows data. oidc runs & raw (issuer, readable: (keycloak the bearer auth_time, exp/iat, a locally run auth - telemetry. dedicated and buttons. explains through events show or only string. appear that azure host and details, to copy raw permissions devtools your use across start what’s happen flow current ping, - panel network introspect, it for - bindings) all and and quick explicitly watches attributes). authentication the what inspector 5. human-friendly - / for (authorize, the to inspector header/payload network by and redacted. fast and current cards. for how collection. the pretty-prints token, use made or free-text.