Is it possible to log/capture the request.body.SAMLResponse value? I’ve tried using a rule and the request body appears to be an empty object.
As a side question, is it required for a SAMLResponse to contain both the relayState and the inResponseTo? The documentation appears to indicate that you only need to have one.
(Only interested in SP-initiated answers, we don’t allow IdP-initiated SAML connections)
I did a response on another post here about SAML responses which may help you as you can normally capture the SAML response in the browser dev tools.
On your side note, as far as I know if the SAML request is accompanied with a RelayState and the SAML request contains an ID attribute then I would expect the SAML response to also be accompanied with a RelayState and also include an InResponseTo which matches the ID attribute in the request.