Browse Security AI Extensions Collections
Auth Inspector Saml Oidc Chrome extension icon

Auth Inspector Saml Oidc

👥 1K+ users
📦 v1.0.0
💾 40.13KiB
📅 2025-08-14
View on Chrome Web Store

Chrome will indicate if you already have this installed.

Overview

Auth Inspector adds a dedicated panel to Chrome DevTools that captures and explains your authentication traffic in real time. It watches SAML (Redirect & POST bindings) and OIDC (authorize, token, userinfo, introspect, revoke, end_session, JWKS) so you can see exactly what’s being sent and received—without digging through raw network payloads.

Built for identity engineers, SREs, and developers who debug login flows across multiple IdPs and apps (Keycloak broker, Okta, Azure AD, Ping, custom IdPs, etc.).

What it does
- SAML made readable: Pretty-prints XML and shows a human-friendly summary (Issuer, Destination, InResponseTo, Status, Assertions, Subject, Conditions, Audience, AuthnContext, and Attributes).
- OIDC decoded: Parses /authorize params (scopes, PKCE, response mode/type) and decodes JWT header/payload for ID and access tokens (issuer, subject, aud, azp, nonce, acr, amr, auth_time, exp/iat, realm/client roles, groups, organization, locale, and other user attributes).
- Tabs for Parsed / Decoded / Raw: Start with a clean summary, switch to decoded details, and drop to raw when you need wire-level data.
- Safe by default: Raw bearer tokens and large secrets are redacted. Parsed/Decoded views show fields you need for debugging—but never the original token string.
- Fast filtering: Filter by protocol (SAML/OIDC), host, and free-text. Quick toggle to show only the current site.
- Export: One-click copy of the current session’s events (with sensitive fields still redacted).

How to use
1. Open Chrome DevTools (F12) → Auth Inspector tab.
2. Run your SAML/OIDC flow in the page.
3. Watch events appear as cards. Click Parsed, Decoded, or Raw tabs for detail.
4. Use host/text filters or pause to focus on what matters.
5. Copy what you need into tickets or notes—safely.

Permissions
- DevTools only. The extension runs inside the DevTools panel and reads the Network log for the inspected tab.
- No host permissions and no remote requests from the extension.
- Optional clipboard use for copy buttons.

Privacy
- No data collection. No telemetry. No cloud.
- All parsing and redaction happen locally in your browser.
- Exports happen only when you explicitly copy.

Tags

Productivity/developer developer productivity/developer

Privacy Practices

Not being sold to third parties, outside of the approved use cases
Not being used or transferred for purposes that are unrelated to the item's core functionality
Not being used or transferred to determine creditworthiness or for lending purposes

🔐 Security Analysis

⏳ Security scan is queued. Check back soon.

Similar Extensions

More in Productivity/developer →

Gofullpage Full Page Scre

10M+ users
Capture a screenshot of your current page in entirety and reliably—without requesting any extra permissions!
Productivity/developer AI

Touchen Pc보안 확장

8M+ users
브라우저에서 라온시큐어의 PC보안 기능을 사용하기 위한 확장 프로그램입니다.
Productivity/developer

React Developer Tools

5M+ users
Adds React debugging tools to the Chrome Developer Tools. Created from revision 3cde211b0c on 10/20/2025.
Productivity/developer