SAML tracer is a plugin for Firefox and Chrome, which allows you to follow the exact communication (SAML) between your institution and a service. You can use this plugin to find out where the error occurs during the login process. To do this you need to enable the SAML Tracer and then export the SAML data to a file. At the request of the SURFconext team, you can send this file as an attachment in an e-mail.

Warning

A SAML-trace can contain sensitive information such as email address, username and/or password. Therefore, only create a SAML trace at the explicit request of the SURFconext team. Values can be hidden or masked before the trace is exported, see the instructions below.

Installation

If you want to download the SAML Tracer, you have to go through a number of steps:

  1. Open Firefox or Chrome
  2. Browse to https://addons.mozilla.org/nl/firefox/addon/saml-tracer/ for Firefox or https://chrome.google.com/webstore/detail/saml-tracer/mpdajninpobndbfcldcmbpnnbhibjmch for Chrome and click "+ Add to Firefox/Chrome"
  3. Allow the browser to install the plugin.

Record Trace

To record a trace:

  1. Open SAML-tracer. You can find the SAML-tracer in the “hamburger menu” (☰) at the right of the URL (Windows, linux) or in the “extra”-menu. (Mac)
  2. Ga to the site where you want to login.
  3. Try to login.
  4. Export the trace after logging in is completed

Remark

When the SAML-trace window is open, all HTTP communication is logged. So it’s important to keep the SAML tracer open from before trying to log-in, to the point the login process ends.

Export Trace

After making the trace, save it. The next steps describe this process:

  1. Click the export button in the SAML-tracer window.
  2. Select 'Mask values' and click 'Export'.
  3. Name the file, choose a location and save it
  4. Mail the file to our helpdesk at support@surfconext.nl


  • No labels