400 Bad SAML request? Skip to main content
https://support.okta.com/help/answers?id=9062a000000bmeoqaq&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Derrick CreamerDerrick Creamer 

400 Bad SAML request?

Testing SSO but I just get "400 Bad Request. Your request resulted in an error. Description: Bad SAML request"

How can I troubleshoot this problem?
James McMahonJames McMahon
I use this tool quite a bit to get an idea of what is happening when trying to troubleshoot auth issues.

https://addons.mozilla.org/en-US/firefox/addon/saml-tracer/

Very good tool. 
Derrick CreamerDerrick Creamer
I figured out the reason:  StreamWriter was adding a zero-width Byte Order Mark to the start of the XML before base64 encoding, and Okta couldn't interpret the resulting XML auth request. (Thanks, James.)
Alexey WasilyevAlexey Wasilyev
I have the same problem. SAML client - mod_auth_mellon.
I am able to catch saml request with saml tracer, but it does not give me idea what is going wrong. Also there is nothing useful in the logs, available via partner okta dashboard. What else can be done to debug this issue?