Skip to main content

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Validate SAML Authentication Request Signature

You can use this tool to check whether Login.gov can successfully validate the authentication request signature your application is sending.

Paste the entire URL of the auth request, which you can capture using your browser's web developer tools. If you are using a POST instead of a GET request, or if the signature is included in the SAML itself, you can also just paste the contents of the SAMLRequest parameter.
Paste your application's public certificate (in PEM format).