SAML Tracer Output for SAML | ServiceDesk Plus

How to get SAML tracer output for a SAML based login-attempt?

You can use your favourite SAML tracer browser plugin. Here we used SAML-tracer in a chromium-based browser.

To provide us with SAML tracer output of SAML login attempt, please follow the steps below.

1. Go to SDP's login screen and click on SAML Tracer Extension to open up the SAML Tracer window.
2. Now click on login with SAML Single Sign-On and login to your IDP.
3. When it's redirected back to SDP, click on the already opened SAML Tracer window. It should have recorded the SAML requests and responses.


4. Click on export in the SAML Tracer window. 
5. Select "Mask Values" and click on Export



6. Send us the downloaded JSON file for analysis.






      New to ADSelfService Plus?

      Start your free trial

        Resources

            • Related Articles

            • How to configure SAML with Azure AD

              This guide will help us configure SAML for users who want to use Azure AD as their IdP and also give you insights on a few issues that you might run into while configuring SAML in an Azure Environment. In an ideal environment, customers will have an ...

            • SAML Auto Login with ADFS (in Intranet)

              Step 1: In the AD FS server, under Authentication Methods, make sure that Windows Authentication is selected. Step 2: Run the below powershell query to check if "Chrome" is present in the supported WIA agents: Get-AdfsProperties | Select ...

            • How to Configure SAML for Hybrid Azure AD in SDP

              This article provides a workaround for older SDP builds (below 11200) alone that did not support EmailAddress as the NameID format. Moreover, this workaround is applicable only for environments that sync their On-Premise AD users to their Azure using ...

            • Auto select the domain name in the login page

              Domains of a user can be auto filled during login. This can be achieved by searching for the domain names associated with the provided username in the login page. Say, username 'vembu' exists in only one domain 'Zoho'. So, when we enter the username ...

            • SAML with ICAM as IdP in ServiceDesk Plus

              The SAML NameID policy must either be unspecified (urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified) or emailAddress (urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress). WantAssertionsSigned="true" AND AuthnRequestsSigned="true" must be set ...