Validate & Test Assertion Validate an inbound SAML assertion or generate a test one without an end-user flow.
Method Path ValidateAssertion POST /v1/saml/assertions:validateTestAssertion POST /v1/saml/assertions:test
Base URL: https://<Domain id="api"/>
Authentication: Bearer token with saml_idp:read (validate) / :write (test).
Confirm that a raw SAML XML assertion is signed by an active Avnology IdP cert and has valid time bounds.
curl -X POST "https://api-id.avnology.net/v1/saml/assertions:validate" \
-H "Authorization: Bearer $AVNOLOGY_API_KEY" \
-H "Content-Type: application/json"
const res = await fetch(
"https://api-id.avnology.net/v1/saml/assertions:validate",
{
method: "POST",
headers: {
Authorization: `Bearer ${process.env.AVNOLOGY_API_KEY}`,
"Content-Type"
body := strings.NewReader(`{"assertion_xml":"PFJlc3BvbnNlIHhtbG5z..."}`)
req, _ := http.NewRequest("POST",
"https://api-id.avnology.net/v1/saml/assertions:validate", body)import httpx, os
httpx.post(
"https://api-id.avnology.net/v1/saml/assertions:validate",
json={"assertion_xml": assertion_b64},
headers={"Authorization": f"Bearer {os.environ['AVNOLOGY_API_KEY'
curl -X POST "https://api-id.avnology.net/v1/saml/assertions:validate" \
-H "Authorization: Bearer $AVNOLOGY_API_KEY" \
-H "Content-Type: application/json"
const res = await fetch(
"https://api-id.avnology.net/v1/saml/assertions:validate",
{
method: "POST",
headers: {
Authorization: `Bearer ${process.env.AVNOLOGY_API_KEY}`,
"Content-Type"
body := strings.NewReader(`{"assertion_xml":"PFJlc3BvbnNlIHhtbG5z..."}`)
req, _ := http.NewRequest("POST",
"https://api-id.avnology.net/v1/saml/assertions:validate", body)import httpx, os
httpx.post(
"https://api-id.avnology.net/v1/saml/assertions:validate",
json={"assertion_xml": assertion_b64},
headers={"Authorization": f"Bearer {os.environ['AVNOLOGY_API_KEY'
curl -X POST "https://api-id.avnology.net/v1/saml/assertions:validate" \
-H "Authorization: Bearer $AVNOLOGY_API_KEY" \
-H "Content-Type: application/json"
const res = await fetch(
"https://api-id.avnology.net/v1/saml/assertions:validate",
{
method: "POST",
headers: {
Authorization: `Bearer ${process.env.AVNOLOGY_API_KEY}`,
"Content-Type"
body := strings.NewReader(`{"assertion_xml":"PFJlc3BvbnNlIHhtbG5z..."}`)
req, _ := http.NewRequest("POST",
"https://api-id.avnology.net/v1/saml/assertions:validate", body)import httpx, os
httpx.post(
"https://api-id.avnology.net/v1/saml/assertions:validate",
json={"assertion_xml": assertion_b64},
headers={"Authorization": f"Bearer {os.environ['AVNOLOGY_API_KEY'
curl -X POST "https://api-id.avnology.net/v1/saml/assertions:validate" \
-H "Authorization: Bearer $AVNOLOGY_API_KEY" \
-H "Content-Type: application/json"
const res = await fetch(
"https://api-id.avnology.net/v1/saml/assertions:validate",
{
method: "POST",
headers: {
Authorization: `Bearer ${process.env.AVNOLOGY_API_KEY}`,
"Content-Type"
body := strings.NewReader(`{"assertion_xml":"PFJlc3BvbnNlIHhtbG5z..."}`)
req, _ := http.NewRequest("POST",
"https://api-id.avnology.net/v1/saml/assertions:validate", body)import httpx, os
httpx.post(
"https://api-id.avnology.net/v1/saml/assertions:validate",
json={"assertion_xml": assertion_b64},
headers={"Authorization": f"Bearer {os.environ['AVNOLOGY_API_KEY'
Generate a signed test assertion for a specific (identity, SP) pair -- use during SP onboarding to verify your attribute mappings without forcing a browser flow.