SUPPORT.TWILIO.COM END OF LIFE NOTICE: This site, support.twilio.com, is scheduled to go End of Life on February 27, 2024. All Twilio Support content has been migrated to help.twilio.com, where you can continue to find helpful Support articles, API docs, and Twilio blog content, and escalate your issues to our Support team. We encourage you to update your bookmarks and begin using the new site today for all your Twilio Support needs.

Capture SAML Logs for SSO Issues

Objective

This article explains how to install the SAML Tracer Chrome extension and use it to capture SAML authentication traces. These traces help troubleshoot common Twilio Flex SSO login issues and allow you to share accurate diagnostic information with Support when users cannot sign in or encounter SSO errors.

 

Product

Twilio Flex

 

User Account Permission/Role(s) Required 

Access to Google Chrome on your computer

Permission to sign in to Flex using your organization’s SSO provider

No Twilio admin role is required to capture traces

 

Procedure 

Step 1: Install the SAML Tracer Chrome Extension

  1. Open Google Chrome.
  2. Go to the Chrome Web Store.
  3. Search for SAML Tracer (SAML Tracer Chrome Extension).
  4. Select SAML Tracer.
  5. Click Add to Chrome, then confirm by clicking Add extension.
  6. After installation, ensure the extension is visible in the Chrome toolbar.
  7. If not visible, click the puzzle icon and pin SAML Tracer.

Step 2: Open SAML Tracer and Prepare to Capture Logs

  1. Click the SAML Tracer icon in the Chrome toolbar.
  2. A new tab will open showing the SAML Tracer interface.
  3. Click Clear to remove any existing logs.
  4. Ensure SAML Tracer is actively capturing (default behavior).

Step 3: Reproduce the Flex SSO Login Issue

  1. Open a new Chrome tab.
  2. Navigate to your Twilio Flex login URL.
  3. Start the SSO login flow.
  4. Proceed until:
  • The login fails, or
  • You are redirected unexpectedly, or
  • An error message appears.
  1. Do not close the browser tabs.

Step 4: Review and Export the SAML Trace

  1. Return to the SAML Tracer tab.
  2. Review the captured entries, focusing on:
  • AuthnRequest
  • SAMLResponse
  • HTTP status codes (403, 401, 500)
  1. Click Export.
  2. Save the file as a .json file.

Step 5: Share the Trace with Twilio Support

  1. Open or update your Twilio Support ticket.
  2. Attach the exported SAML Tracer file.
  3. Include:
  • Approximate time of the login attempt
  • Your Flex domain
  • A short description of the issue (for example: “User redirected back to IdP after login”)

 

Additional Information

Common Issues Identified with SAML Tracer

Related Documentation

 

 

Have more questions? Submit a request
We can’t wait to see what you build.
Powered by Zendesk