30 September 2015

Viewing SAML/Federation response in Fiddler

Fiddler is a very useful took for tracing http(s) requests for a web application. By default, it does not provides any mechanism to view SAML/Federation response coming from ADFS or some other identity provider which is used for claims based authentication.


Ability to trace SAML/Federation response is very helpful as it enabled developers to know the exact attributes and information sent by ADFS/identity provider and can help in easily debugging and resolving problems related to claims based authentication.

Steps to view SAML/Federation response in Fiddler

Assumption – Fiddler is already installed on your machine where you want to view SAML response. 

Enable HTTPS decryption

First we need to enable HTTPS decryption in Fiddler. This will help Fiddler to decrypt and read trace from HTTPS connection.

To enable HTTPS decryption in Fiddler, go to Tools --> Fiddler Options


Click on HTTPS tab and check the ‘Decrypt HTTPS traffic’ checkbox.


Download Fiddler Federation Inspector

Download Fiddler Federation Inspector from following link - https://identitymodel.codeplex.com/releases/view/52187

This is basically and add-on inspector to Fiddler which will add one additional tab under Inspectors tab in Fiddler and will enable Fiddler users to view SAML response.

The download will be in form of a zip archive file which is having the full source code.

Copy DLLs from downloaded zip file to Fiddler

Unzip the zip archive file and go to folder “bin--> debug”


Copy following DLLs – 

Thinktecture.FederationInspector
Xceed.Compression
Xceed.Compression.Formats
Xceed.FileSystem
Xceed.Zip

Paste these DLLs in Inspectors folder where Fiddler is installed (C:\Program Files (x86)\Fiddler2\Inspectors)


Restart Fiddler

Restart Fiddler and you will get a new tab under inspectors called ‘Federation’.
Run Fiddler trace and you will be able to see SAML response if available in XML format.


5 comments:

Anonymous said...

Does this plugin still work in Fiddler 4? I have the tab appearing, but the contents are just blank.

Anonymous said...

I've just performed this today and can confirm it still works in Fiddler 4 (latest update)

v4.6.20172.31233
Built: Thursday, 20 July 2017

Anonymous said...

the files arent accessible anymore right?

Anonymous said...

can you please give a correct file location? the files aren't accessible here https://identitymodel.codeplex.com/releases/view/52187 Thank you

Anonymous said...

This link https://identitymodel.codeplex.com/releases/view/52187 is no more active. Can you please provide updated links?