Skip to content
English
Contact Support
  • There are no suggestions because the search field is empty.

Testing Your SSO Integration

After Completing SSO Setup

After completing the steps to set up Single Sign-On (SSO) (and optional Single Logout) in Foundry and in your identity provider configuration, you should run several test scenarios to confirm that the setup works correctly in both systems. Use the checklist below to guide your testing.

SSO Testing Checklist

Test # Passed? Name Test Notes
01 IDP-initiated SSO, user exists, not logged in  
02 IDP-initiated SSO, user exists, logged in  
03 IDP-initiated SSO, user does not exist, not logged in, Allow registration via SAML checkbox is not checked for the IDP setup in Foundry  
04 IDP-initiated SSO, user exists, logged in, Allow registration via SAML checkbox is not checked for the IDP setup in Foundry  
05 IDP-initiated SSO, user does not exist, not logged in, Allow registration via SAML checkbox is checked for the IDP setup in Foundry  
06 IDP-initiated SSO, user exists, logged in, Allow registration via SAML checkbox is checked for the IDP setup in Foundry  

How to Use the Checklist

  • Review the checklist above and work through each scenario.
  • As you complete each test, mark Passed? for successful results.
  • Remove or strike out any scenarios that don’t apply to your implementation. For example:
    • Rows 5–6 (Test Cases SSO-04, SLO-20, and SLO-21) relate to optional features like User Provisioning and Single Logout.
  • Record any notes in the Test Notes column for troubleshooting or follow-up.

Testing Tips

  • Start fresh: Before testing, open a new browser session and ensure you are logged out of both your IdP and Foundry.
  • Use a secondary browser: To avoid login confusion, test in a different browser than your primary one (e.g., if you use Chrome daily, test in Firefox).
  • Firefox + SAML-tracer:
    • Install the SAML-tracer add-on for Firefox to view SAML message exchanges between your IdP and Foundry.
    • Before starting SSO, click the add-on to open the tracer window, then run your SSO steps.
    • You’ll see all SAML messages logged. Click any entry for details.
    • Note: If your IdP encrypts responses, you won’t see the clear-text SAML response.
  • Chrome + SAML Chrome Panel:
    • Install the SAML Chrome Panel extension.
    • Enable developer tools (View → Developer → Inspect Elements) and open the SAML tab to view messages.
  • Ignore irrelevant cases: If your setup doesn’t support certain features (e.g., IdP-initiated SSO, SLO, or user provisioning), skip those test cases.
  • Special cases (SSO-03 and SSO-04):
    • These require a user who does not exist in Foundry.
    • If your user already exists, temporarily edit their SSO ID by adding a prefix (e.g., “x”) and revert it afterward.
    • You cannot change your own SSO ID, so ask a colleague or create a dummy user for testing.