JWT Inspector

JWT Tracker Extension

Extension to track and show JWT and SAML data Chrome extension to track and show JWT and SAML data This extensions tracks any request with `Authorization: Bearer` header, `SAMLRequest` and `SAMLResponse` form body and stores them temporarly in your Chrome's local storage. In options you can specify how many requests from different `initiator`s can be stored (default is `10`) per each tab in Chrome browser. In the popup, you have the option to either filter tokens based on their element paths or search for specific values.

Token Devtools Inspector

Retrieve Authorization header from the request made in your tab. You'll have a faster way to paste or go to JWT.io 🚀 Token Extractor: Streamline Your Authorization Workflow in Chrome DevTools! Token Extractor, a robust Chrome extension, is your go-to tool for effortlessly extracting authorization tokens from HTTP requests within Chrome DevTools. 🛠️ With just a few clicks, developers can identify requests containing authorization headers, extract tokens, and seamlessly perform essential tasks. How to Use: 1. Open your Dev Tools in Chrome 🌐 2. Locate the Token Inspector panel (similar to Console, Network, or Application panels) 🕵️ 3. Voila! Your tokens are right there for easy access 🎉 Rest assured, no sensitive data is extracted. Check out the source code on https://github.com/Guuri11/token-inspector for peace of mind. Key Features: - Effortless Token Extraction: Say goodbye to manual inspection! Token Extractor automates the detection of requests with authorization headers. - Flexible Token Handling: Tailor the output to your needs by choosing to include or exclude the "Bearer" keyword from the extracted token. - User-Friendly Interface: Seamlessly integrated into Chrome DevTools, the extension offers an intuitive and easy-to-use interface for swift token extraction. - Enhanced Workflow: Copy extracted tokens to the clipboard with a single click, ensuring seamless integration into your applications and APIs. - Token Inspection: Dive deeper into extracted tokens by inspecting them on jwt.io. Understand token structures and contents effortlessly. ⏰ Save valuable time and elevate your development workflow with Token Extractor. Install the extension now to simplify your token extraction process! 🚀

SAML Chrome Panel

Extends the Developer Tools, adding support for SAML Requests and Responses to be displayed in the Developer Tools window This is an Open Source SAML debugger for Chrome. It operates as another panel in the Chrome Developer Tools section, which monitors the traffic in the current active tab. This panel is trying to replicate what the Firefox version of SAML Tracer does as there wasn't a good enough one (or any) for Chrome at the time of writing this. GitHub Repo: https://github.com/milton-lai/saml-chrome-panel Feel free to branch and help make this even better! It is designed to display all network traffic, along with the request and response data. If there is a SAML request or response, then it will grab the message, format it nicely and show it to you in another tab. Updates: - Set links to open in the same browser -- There is a new feature to "Scrub" the links in the current page. Basically, it will update all anchor tags and set their target attribute to equal '_self'. This should address the issue of having SAML transactions opening up in new tabs and such. This is the best implementation I could think of as I'm unable to listen to all traffic on all tabs. - Import and export the network traffic. -- It imports and exports the traffic on the browser in a JSON format. - Toggle showing SAML traffic. Please note that at the moment, I've only looked at OpenAM Redirect and POST SAML transactions (as that is what I've got access to). If there are others which are working, please let me know. If there are SSO frameworks that are not working, then also please let me know and I'll try to get it working (e.g. SOAP). Thanks to @jasonwzs (https://github.com/jasonwzs) and @AlmogBaku (https://github.com/AlmogBaku) for contributing Update (2020-07-18): -- Updated internal libraries. -- Reduced extension size. -- Minor code cleanup. -- Increased SAML font size. Update (2017-11-19): -- Added toggle limit of 500 network requests, to keep memory footprint smaller. -- Added Search option for the SAML tab.

SAML-tracer

A debugger for viewing SAML messages A tool for viewing SAML and WS-Federation messages sent through the browser during single sign-on and single logout.