August 19, 2018

Test Your SAML 2.0 Service Provider

It’s very difficult for us to write anything meaningful for you here because the process of logging into a service provider usually begins at that service provider or the application it protects, each of which is your URL. As such, we literally have no clue where to begin.

First, you must establish a metadata link between your SP and the SAMLtest IdP by using the upload form and trusting the SAMLtest IdP however your product does so.

You will minimally need to configure your SP to trust SAMLtest’s IdP and send users to it when they access a protected resource. The entityID is and metadata is hosted at that URL.

It’s much easier for us to write about the rest of the process. Simply login to SAMLtest using the credentials for one of the accounts provided on the login page itself and you should be redirected back to your SP with an assertion containing attributes in hand, where your SP is responsible for redirecting you onward to your protected resource.

You can also use the form below to trigger an IdP-initiated, or so-called “Unsolicited” login, which will instruct SAMLtest’s IdP to send you with an assertion directly to your SP. Please input your entityID. SP-initiated SSO is preferable in production for several important reasons.

Unsolicited Login Initiator

Destination Resource(RelayState, optional):

If you have WantAuthnRequestsSigned=”true” in your metadata, this will not work.