
User16619472878288144179 (Customer) asked a question.
We're using SAML identity providers in our Okta Tenant. We would like to log the raw SAML assertions during failure for trouble-shooting purposes. If the Okta errors are obscure/un-helpful, we'd be able to trouble-shoot the SAML problem by inspecting the raw SAML assertion (unless the problem occurred decrypting it, in which case this error would be stated).

Hi! An absolutely awesome tool I use for this is a browser plugin (I use Chrome, so I will share that link):
SAML Tracer
This will capture all the SAML traffic you are sending from your session, and it will pick up on assertions, etc. When say selecting a tile in Okta, look for the orange "SAML" lines in the logs and it gives you a nice, formatted output that is much easier to read.
I am sure there are additional tools out there, but I have been using this for awhile and it has been working rather well for my needs.
Thanks!