Validate SAML Logout Request

This tool validates a Logout Request, its signature (if provided) and its data.

Paste the Logout Request if you want to also validate its signature (HTTP-Redirect binding), and paste also the X.509 public certificate of the entity that generated this request and the RelayState parameter. If the Logout Request contains an encrypted element, the private key of the entity that received the request is also required.

In the validation process the sender (EntityId of the source) of the message is checked and the target URL (SLO endpoint).

SAML Logout Request

Plain XML or EncodedDeflated.

EntityId of the source Target URL, Destination of the Logout Request

Notice

If the Logout Request was sent from the IdP and received at the SP, we named 'source' to the IdP and 'target' to the SP. Otherwise, the opposite.

Private Key of the target (to decrypt elements)

X.509 cert of the source (to check Signature)

Signature of the SAML Logout Request

RelayState SigAlg

Ignore timing issues

Private key value is not stored

Any private key value that you enter or we generate is not stored on this site or on the OneLogin platform. Also, notice that this tool is provided via an HTTPS URL to ensure that private keys cannot be stolen.

For extra security, please do not use production keys on this site.