Viewing SAML/Federation response in Fiddler

Fiddler is a very useful took for tracing http(s) requests for a web application. By default, it does not provides any mechanism to view SAML/Federation response coming from ADFS or some other identity provider which is used for claims based authentication.

Ability to trace SAML/Federation response is very helpful as it enabled developers to know the exact attributes and information sent by ADFS/identity provider and can help in easily debugging and resolving problems related to claims based authentication.

Steps to view SAML/Federation response in Fiddler

Assumption – Fiddler is already installed on your machine where you want to view SAML response. 

Enable HTTPS decryption

First we need to enable HTTPS decryption in Fiddler. This will help Fiddler to decrypt and read trace from HTTPS connection.

To enable HTTPS decryption in Fiddler, go to Tools --> Fiddler Options

Click on HTTPS tab and check the ‘Decrypt HTTPS traffic’ checkbox.

Download Fiddler Federation Inspector

Download Fiddler Federation Inspector from following link - https://identitymodel.codeplex.com/releases/view/52187

This is basically and add-on inspector to Fiddler which will add one additional tab under Inspectors tab in Fiddler and will enable Fiddler users to view SAML response.

The download will be in form of a zip archive file which is having the full source code.

Copy DLLs from downloaded zip file to Fiddler

Unzip the zip archive file and go to folder “bin--> debug”

Copy following DLLs – 

• Thinktecture.FederationInspector

• Xceed.Compression

• Xceed.Compression.Formats

• Xceed.FileSystem

• Xceed.Zip

Paste these DLLs in Inspectors folder where Fiddler is installed (C:\Program Files (x86)\Fiddler2\Inspectors)

Restart Fiddler

Restart Fiddler and you will get a new tab under inspectors called ‘Federation’.
Run Fiddler trace and you will be able to see SAML response if available in XML format.