Authn.tech
Hands-on tools for authentication & authorization — Online tools · Mock servers · Protocol docs
🛠 Online Tools
13 pure browser-side tools with data staying local — JWT parsing and signing, PKCE generation, OIDC Discovery viewer, SAML message encoding/decoding and Metadata parsing, JWK ↔ PEM conversion, TOTP, WebAuthn demo, and more.
🚀 Mock Server
Live SAML / OIDC dual-protocol Mock with all four roles (IdP / SP / OP / RP) plus resource server, real signature verification, for integration testing, E2E testing, and learning.
📖 Protocol Docs
Systematic documentation for SAML 2.0, OAuth 2.0, OIDC, WebAuthn/Passkey, MFA/TOTP — core concepts, typical flows, key parameters, oriented towards engineering practice.
Online Tools
Pure browser-side execution with data staying local, ready to use anytime:
- JWT — Decoder (jwt.io style with three-segment highlighting + signature verification), Signer
- OAuth 2.0 / OIDC — PKCE Generator, OIDC Discovery Viewer, JWK Viewer, JWK → PEM, PEM → JWK
- SAML — Message Encoder/Decoder, Response Parser, Metadata Parser
- MFA / Passkey — TOTP Generator, WebAuthn Demo
- LDAP — Search Filter Builder
- General — Base64URL Encoder/Decoder, Certificate Viewer, PEM Parser
Mock Server
Live SAML / OIDC dual-protocol Mock with all four roles, real signature verification, ready for direct integration:
- OP (OpenID Provider, identity provider) —
/.well-known+ authorization / token / JWKS endpoints - RP (Relying Party, client) — connects to any external OP, verifies tokens with JWKS
- RS (Resource Server, protected API) — validates bearer token scope
- SAML IdP / SP (identity provider / service provider) — enveloped signing, ACS validation display
👉 View Mock Demo and Endpoint Docs
Protocol Docs
- Want to understand enterprise single sign-on (SSO)? Start with SAML 2.0 Overview.
- Want to add authorization to your API? See OAuth 2.0 Overview.
- Want to implement "login with XX account"? See OIDC Overview.
- Want to do passwordless / phishing-resistant login (Passkey)? See WebAuthn Overview.
- Want to add second factor (dynamic verification codes)? See MFA / TOTP Overview.
- Want to look up / verify users and groups in a directory? See LDAP Overview.