KMMR Online Tools

SAML SP Test Basics

Documentation is being prepared. Please check back soon.

When To Use This Guide1

Use this guide when the remote system is an IdP and you need to validate your application or test environment as the SP. The main focus is how AuthnRequest is sent and how the SAML Response returns to the ACS URL.

Four Core Items To Understand2

  • EntityID: the identifier the IdP uses to recognize your SP.
  • ACS URL: the endpoint where the IdP posts the SAML Response.
  • AuthnRequest: the request the SP sends to start login.
  • NameID / attributes: the subject identifier and extra values you expect after login.

Typical SP Test Flow3

1. Import the IdP metadata1

Load the remote IdP metadata from pasted XML, a metadata URL, or an uploaded file.

2. Register the SP metadata on the remote side2

Give the remote IdP this environment's SP metadata so the EntityID and ACS URL match on both sides.

3. Inspect AuthnRequest and response data3

Tune RequestedAuthnContext, NameIDPolicy, or signing options when needed, then confirm NameID and attributes after login.

Common Checkpoints4

  • Does the ACS URL match in both metadata and the remote IdP configuration?
  • Is an old EntityID still cached on the remote side?
  • Does the requested NameID format match the IdP expectations?
  • Is signed AuthnRequest enabled when the IdP requires it?

Open the Public Guide5

Once the concepts are clear, move to the step-by-step guide.

Open the SAML SP test guide

Return to the SAML test environment home

Back to top page

If you found this tool helpful, we’d love for you to share it on social media!


We display ads to support the operation of this site. We understand that it may be inconvenient, but we appreciate your understanding.