This article discusses the use of the Security Assertion Markup Language (SAML) Tracer to validate the SAML assertion against the SAML Assertion Validator in Salesforce.

• Salesforce
• Secure Assertion Markup Language (SAML) 2.0
• Single Sign-On (SSO)
• Okta Classic Engine

1. Install SAML tracer on the browser. 
2. Open SAML tracer and create a SAML request for an Identity Provider (IdP)-initiated or Service Provider (SP)-initiated flow for Salesforce.
3. Look at the SAML tracer window and click on the SAML request sent from the application to Okta.
4. Navigate to the Parameters tab and copy the SAML Response part (see the screenshot below).

 

5. Paste the SAML Response into the SAML Assertion validator box in Salesforce (Admin console > Security Controls > Single Sign On Settings > SAML Assertion validator).