SAML Decoder

Security Assertion Markup Language (SAML) is an open standard for exchanging authentication and authorization data between parties — in particular, between an Identity Provider (IdP) and a Service Provider (SP). SAML is an XML-based markup language for security assertions that service providers use to make access-control decisions.

When you sign into a service using corporate credentials via Single Sign-On (SSO), your browser typically carries a SAML assertion encoded as Base64. In HTTP Redirect Binding, the payload is also DEFLATE-compressed before encoding. Decoding this payload is critical for developers and security engineers to understand why an authentication flow might be failing or to audit the claims being passed between systems.

A typical SAML response includes: the Issuer (who created the assertion), the Subject (the authenticated user's NameID), Conditions (validity window with NotBefore and NotOnOrAfter timestamps), and Attributes (metadata like email, roles, or department). DevDecode's SAML Decoder extracts all of these into a structured, human-readable format without requiring custom scripts or server-side processing.

Security is paramount when handling authentication tokens. This tool operates entirely within your local machine's browser memory — no data is transmitted, no logs are kept, and your credentials remain completely private.