This site provides a set of online tools for debugging authentication protocols. All logic runs in your browser locally; your tokens and messages are never uploaded to any server, so you can confidently paste debugging data.
| Tool | Purpose |
|---|
| JWT Decoder and Verifier | jwt.io style dual-column decode with three-segment color highlighting; supports full HS/RS/PS/ES series signature verification |
| JWT Signer | Enter Payload + secret to generate signed token, one-click test key pair generation |
| JWK / Key Pair Generator | Generate RSA/EC key pairs, export JWK, JWKS, PEM with RFC 7638 kid |
| JWK / JWKS → PEM | Convert JWK/JWKS to PEM public key, display kty/alg/use/kid and thumbprint |
| PEM → JWK | Convert PEM public key (SPKI) / private key (PKCS#8) to JWK with RFC 7638 kid |
| Tool | Purpose |
|---|
| PKCE Generator | Generate code_verifier / code_challenge (S256) plus state, nonce |
| OIDC Discovery Viewer | Enter issuer, fetch and interpret /.well-known/openid-configuration and JWKS |
| Tool | Purpose |
|---|
| TOTP Tool | Generate secret, real-time code and countdown, otpauth:// URI and QR code, verify codes |
| WebAuthn Demo | Create/use Passkey in browser, parse attestation/assertion data structure |
| Tool | Purpose |
|---|
| SAML Encoder/Decoder | Decode SAMLRequest / SAMLResponse (auto-detect Redirect / POST encoding), generate AuthnRequest and Redirect URL |
| SAML Metadata Parser | Parse metadata: role, entityID, endpoints, NameIDFormat, display embedded certificate validity / fingerprint |
| SAML Response Parser | Structured display of Response/Assertion: Subject, Conditions, Attributes, signature algorithm |
| X.509 Certificate Parser | Parse PEM/DER certificate: subject, issuer, validity, public key/signature algorithm, SHA-1/SHA-256 fingerprint |
| PEM Parser | Identify any PEM block type (certificate/CSR/public/private key/CRL), show DER length and key algorithm |
| Base64URL Encoder/Decoder | Text ↔ Base64 / Base64URL conversion |
| Tool | Purpose |
|---|
| LDAP Filter Builder | Visually assemble RFC 4515 search filters (AND/OR/NOT, auto-escaping), test directly against the Mock LDAP sample directory |
Companion Mock Service
Need end-to-end integration testing? See Mock Server: OIDC OP/RP, resource server, SAML IdP/SP with all four roles plus clickable OIDC login demo. Feature requests welcome on GitHub.