How to Retrieve SSO Connection Logs with and without SAML Tracer?
This documentation aims to guide you in effectively using SAML Tracer to optimize the management of your network exchanges. For any additional questions or assistance, please do not hesitate to contact us.
This documentation is designed to help our clients effectively use SAML Tracer, an essential extension for analyzing network exchanges in the context of managing SSO (Single Sign-On) connections. Its main purpose is to enable the retrieval of network exchange logs so that Keepeek can analyze potential connection issues. Please note that this documentation is only useful for automatic connections using SSO. For login/password connections, please disregard this page.
SAML Tracer
Which browsers?
SAML Tracer is an extension available only for Chrome and Firefox. For other browsers such as Edge, similar solutions like "SAML, WS-Federation and OAuth 2.0 tracer" are available. You can also use traffic capture tools like Wireshark and Fiddler.
What is it?
SAML Tracer is an extension that records network exchanges within the browser.
Why use it?
- Exports and imports network capture logs, which makes the information easier to pass on.
- Isolates the exchanges specific to the connection across the different components, such as Keepeek, Active Directory, etc.
- Highlights calls related to the exchange of information for the connection.
Installation for Firefox
- Go to the extensions page: Click on the menu (the three horizontal lines) in the upper right corner of the browser and select "Add-ons and themes".
- Search for SAML Tracer: Type "SAML Tracer" in the search bar at the top right.
- Install the extension: Click "Add to Firefox" next to the SAML Tracer extension, then confirm the installation.
Installation for Chrome
- Go to the Chrome Web Store: Click on the menu (the three vertical dots) in the upper right corner of the browser and select Extensions > Open Chrome Web Store.
- Search for SAML Tracer: Use the search bar to find "SAML Tracer".
- Install the extension: Click "Add to Chrome" and confirm the installation.
How to launch it
For optimal use of SAML Tracer:
- Pin the module in the browser's extension bar.
- Allow the extension in private browsing mode for continuous use.
- Open the module by clicking on its shortcut in the browser or from the extensions menu.
Usage Tips:
- Use the browser in private browsing mode and limit the number of open tabs for more accurate results.
- Pause the module and clear the console before starting a connection.
- Export the logs by selecting "Mask values" to mask sensitive data before sending them to Keepeek for analysis.
Can't use SAML Tracer?
Using the browser console (Network tab)
You need to inspect the requests exchanged between Keepeek and the connection directory in the "Network" tab. Once these exchanges are done:
- Filter the exchanges: In the filter bar, type "saml" or any other relevant keyword (choose the most suitable filters for OAuth and Keycloak).
- Inspect the HTTP headers: Select a SAML request or response and go to the "Headers" tab. Check the HTTP headers for response statuses, content types, and specific SAML headers.
- Look for HTTP errors: HTTP status codes 4xx or 5xx indicate client or server errors that can affect the SSO process.
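An added example, not part of Keepeek's documentation: assuming the Network tab capture was saved as a HAR file, this script applies the same three checks offline (keyword filter, status and content type, 4xx/5xx errors) and masks SAML values before the file is shared. The function names, the list of sensitive parameters and the sample capture are assumptions made for illustration.

```python
import copy
from urllib.parse import urlsplit, urlunsplit

SENSITIVE = {"samlrequest", "samlresponse", "relaystate"}  # assumed list, lower-case
MASK = "***masked***"

def saml_entries(har, keyword="saml"):
    """Summarise HAR entries whose URL or parameter names contain the keyword."""
    rows = []
    for e in har["log"]["entries"]:
        req, resp = e["request"], e["response"]
        params = req.get("queryString", []) + req.get("postData", {}).get("params", [])
        names = [p["name"] for p in params]
        if keyword.lower() not in (req["url"] + " " + " ".join(names)).lower():
            continue
        rows.append({
            "method": req["method"],
            "url": urlunsplit(urlsplit(req["url"])._replace(query="")),  # no values
            "status": resp["status"],
            "content_type": resp.get("content", {}).get("mimeType", ""),
            "saml_fields": [n for n in names if n.lower() in SENSITIVE],
            "http_error": 400 <= resp["status"] <= 599,  # 4xx / 5xx
        })
    return rows

def mask_values(har):
    """Return a deep copy with SAML parameter values replaced by a mask."""
    out = copy.deepcopy(har)
    for e in out["log"]["entries"]:
        req = e["request"]
        post = req.get("postData", {})
        for p in req.get("queryString", []) + post.get("params", []):
            if p["name"].lower() in SENSITIVE:
                p["value"] = MASK
        if post.get("params"):
            post["text"] = MASK  # the raw body repeats the same values
        if req.get("queryString"):
            req["url"] = urlunsplit(urlsplit(req["url"])._replace(query=MASK))
    return out

SAMPLE_HAR = {"log": {"entries": [  # constructed capture, made-up hosts and values
    {"request": {"method": "GET", "url": "https://idp.example/sso?SAMLRequest=AAAA",
                 "queryString": [{"name": "SAMLRequest", "value": "AAAA"}]},
     "response": {"status": 200, "content": {"mimeType": "text/html"}}},
    {"request": {"method": "POST", "url": "https://dam.example/saml/acs", "postData": {
        "text": "SAMLResponse=BBBB", "params": [{"name": "SAMLResponse", "value": "BBBB"}]}},
     "response": {"status": 500, "content": {"mimeType": "text/html"}}},
    {"request": {"method": "GET", "url": "https://dam.example/logo.png"}, "response": {"status": 200}},
]}}
```

A HAR file also records cookies and other request and response headers, which this example leaves untouched.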