SAML Decoder
Decode SAML assertions from Base64-encoded XML. All processing is done in your browser for maximum security and privacy.
Decoded XML
Parsed SAML Data
Issuer
—
NameID
—
IssueInstant
—
Audience
—
NotBefore
—
NotOnOrAfter
—
AuthnContextClassRef
—
Attributes
No attributes found
| Attribute Name | Values |
|---|
How to Use SAML Decoder
Paste SAML Data
Copy the Base64-encoded SAML Response or Assertion from your SAML trace or network request
Auto Decode
The tool automatically decodes Base64 and detects deflate compression to reveal the XML
Inspect Details
View the decoded XML and extracted fields including Issuer, NameID, and attributes
What is SAML?
Security Assertion Markup Language (SAML) is an XML-based open standard for exchanging authentication and authorization data between parties, particularly between an identity provider (IdP) and a service provider (SP). SAML assertions are typically Base64-encoded and may be deflate-compressed when transmitted via HTTP redirect bindings.
SSO Authentication
SAML enables Single Sign-On, allowing users to authenticate once and access multiple services
XML-Based Assertions
SAML uses XML assertions to carry authentication and authorization statements between parties
Secure Binding
SAML supports HTTP Redirect, POST, and Artifact bindings for secure token exchange
Frequently Asked Questions
The tool supports Base64-encoded SAML Response and Assertion XML, commonly found in SAML redirects and POST bindings. It also auto-detects and inflates deflate-compressed SAML requests.
Yes. All processing happens entirely in your browser. Your SAML tokens are never sent to any server. No data leaves your device.
SAML requests sent via HTTP redirect are often deflate-compressed before Base64 encoding to reduce URL length. This tool automatically detects and decompresses such data.