The expire date of SAML Response

Zhang, Qing 21 Reputation points
2021-05-17T10:02:21.977+00:00

Hi guys,

My company Refinitiv had registered the application in Azure where we can download an xml file for SSO SAML authentication. However

It's not easy to find the xml downloaded from our company's servers. Then I tired to login Azure portal, but I don't have access to SSO part.

My requirement is that I want to know the expire date of SAML Response that is configured in the XML file. Could anyone help me on this?

Thanks,
Catherine

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
18,738 questions
0 comments No comments
{count} votes

Accepted answer
  1. VipulSparsh-MSFT 16,201 Reputation points Microsoft Employee
    2021-05-21T04:50:42.617+00:00

    @Zhang, Qing Thanks for replying back. If you have a SAML response, you can decode it with some tool like this : https://www.samltool.com/decode.php
    Just paste the value of SAML response in this tool here :

    98427-image.png

    2) Once you have decoded it, you will find a parameter NotBefore and NotOnOrAfter which is responsible for calculating the expiry of the token
    and it looks something like this :

    98447-image.png

    Let me know if this helps, if you need help with finding the value, we can connect offline. Let me know and I will suggest further accordingly.

    -----------------------------------------------------------------------------------------------------------------

    If the suggested response helped you resolve your issue, please do not forget to accept the response as Answer and "Up-Vote" for the answer that helped you for benefit of the community

    0 comments No comments

2 additional answers

Sort by: Most helpful
  1. VipulSparsh-MSFT 16,201 Reputation points Microsoft Employee
    2021-05-18T10:43:08.52+00:00

    @Zhang, Qing Thanks for reaching out.

    Saml response has a token lifetime of 1 hour for SAML token or it is valid till the certificate used for sign in is valid.
    The certificate has a expiry which can be easily checked if you have a SAML response.

    If you have access to the application, you can try logging in and collect a browser trace or fiddler to track the related expiry.
    May I know what is the business use case of knowing that expiry ?

    -----------------------------------------------------------------------------------------------------------------

    If the suggested response helped you resolve your issue, please do not forget to accept the response as Answer and "Up-Vote" for the answer that helped you for benefit of the community

    0 comments No comments

  2. Zhang, Qing 21 Reputation points
    2021-05-20T08:12:10.1+00:00

    Thanks for your reply and suggestion. Unfortunately I don't have access to the application you mentioned and I can't find any relevant

    expiry date for SAML Response from browser trace when visiting the web site that needs SAML response as the validation. Attached the

    SAML response found from the browser. Actually we need the SAML response as a parameter for a request which queries some useful

    data of software release from our company's server. And I just copied the SAML response to my script for the request, which works very

    well so far. Nevertheless, I've been worrying about the expiry date of SAML response, which might lead to the failure of my script some

    day. Do you have any other approaches to figure this out? Thanks a lot.
    98185-inkedsaml-response.jpg

    0 comments No comments