How do I set up a local test SAML2.0 Identity Provider?

biofractal · Jul 16, 2014 · Viewed 8.8k times

As a Service Provider (SP) I have written a node.js service to process SAML2.0 Assertions. I would now like to test this code.

I am aware that I can use various cloud-based services to act as my test Identity Provider (IdP); however, these require that my new, untested SP end-points be made public.

Currently I am simply POSTing a hand-crafted SAML2.0 Assertion to my SP end-point but I want a more realistic test, especially the ability to test SP initiated SSO.

Therefore I believe I need to have a local IdP running on my development machine so I can, for now, keep all my testing local and sand-boxed.

Can you recommend a way forward for me?

Answer

Anders Abel · Jul 17, 2014

There is an open IdP that will reply to any AuthnRequest available for free at https://stubidp.sustainsys.com. It will allow you to set the Subject NameId you want in a simple form and then reply back to the SP. If you want to set up your own instance, the source of the stubidp is available at https://github.com/Sustainsys/Saml2.

Disclosure notice: I'm the author of the stubidp, but I won't make any money out of anyone using it; it's provided entirely as a free service.
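
To exercise SP-initiated SSO from a node.js SP against a test IdP like the one in the answer above, the SP has to send an AuthnRequest and later check that the response refers to it. The sketch below is an added example, not code from the answer or from the Sustainsys project; `IDP_SSO_URL`, `SP_ENTITY_ID`, `ACS_URL` and the function names are assumptions to replace with your own values.

```javascript
const zlib = require('zlib');
const crypto = require('crypto');

// Constructed placeholders: replace with your test IdP's SSO URL and your SP's values.
const IDP_SSO_URL = 'http://localhost:8080/idp/sso';
const SP_ENTITY_ID = 'http://localhost:3000/metadata';
const ACS_URL = 'http://localhost:3000/acs';

const pending = new Set(); // request IDs awaiting a response (in-memory, test only)
const esc = (s) => s.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/"/g, '&quot;');

// Build an unsigned AuthnRequest and the HTTP-Redirect URL carrying it.
function startSso(relayState) {
  const id = '_' + crypto.randomBytes(16).toString('hex'); // xs:ID must not start with a digit
  const xml =
    '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"' +
    ' xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"' +
    ` ID="${id}" Version="2.0" IssueInstant="${new Date().toISOString()}"` +
    ` Destination="${esc(IDP_SSO_URL)}"` +
    ' ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"' +
    ` AssertionConsumerServiceURL="${esc(ACS_URL)}">` +
    `<saml:Issuer>${esc(SP_ENTITY_ID)}</saml:Issuer></samlp:AuthnRequest>`;
  const url = new URL(IDP_SSO_URL);
  // Redirect binding: raw DEFLATE (no zlib header), then base64, then URL-encode.
  const deflated = zlib.deflateRawSync(Buffer.from(xml, 'utf8'));
  url.searchParams.set('SAMLRequest', deflated.toString('base64'));
  if (relayState) url.searchParams.set('RelayState', relayState);
  pending.add(id);
  return { id, url: url.toString() };
}

// Reverse the encoding, e.g. to inspect what the SP actually sent.
function decodeSamlRequest(redirectUrl) {
  const b64 = new URL(redirectUrl).searchParams.get('SAMLRequest');
  return zlib.inflateRawSync(Buffer.from(b64, 'base64')).toString('utf8');
}

// Accept a response only if its InResponseTo matches a request we issued, once.
function consumeInResponseTo(inResponseTo) {
  return pending.delete(inResponseTo);
}
```

Redirect the browser to `startSso(...).url`, and in the ACS handler call `consumeInResponseTo` with the response's `InResponseTo` value before trusting the assertion; a second response carrying the same ID is then rejected.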