SAML Shield

API Reference

SAML Shield provides a simple API for validating SAML responses within your application, giving you an easy way to secure your SSO flow without changing your existing SAML setup.

API Keys

To make validation requests to SAML Shield's API for the Managed service or via proxy, you'll need to authenticate your requests using your public_token found in your Dashboard.

  • For Managed SAML Shield, you'll need to provide these credentials when initializing the SDK.
  • For proxy requests, you'll need to include the credentials in the configuration script.
const stytch = require('stytch');
const client = new stytch.SamlShieldClient({
  // Retrieved from SAML Shield Dashboard
  public_token: 'your_public_token_here',
});

Validate

Checks a SAML response for common security issues and malformed assertions, returning detailed validation results without performing authentication.

Headers



Body params


Response fields







POST https://api.samlshield.com/v1/saml/validate
curl -X POST https://api.samlshield.com/v1/saml/validate \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -H "Authorization: Bearer your_public_token_here" \
  --data-urlencode "SAMLResponse=base64-encoded-saml-response"
{
  "status_code": 200,
  "message": "SAML response contains no XML validation errors",
  "request_id": "request-id-0441da01-6a4d-4ca6-8573-3f88e3515c96"
}
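
An added example (not part of the SAML Shield documentation or SDK): a fail-closed gate that an assertion consumer endpoint could call before any SAML processing, using only the endpoint, Authorization header and SAMLResponse parameter shown above. The function names, the timeout and the treatment of failures are assumptions, since this page shows only a 200 success body.

```javascript
// Added example: the endpoint, header and SAMLResponse parameter are from this page;
// function names, the timeout and failure handling are assumptions.
const VALIDATE_URL = 'https://api.samlshield.com/v1/saml/validate';

// Build the same form-encoded request that the curl example sends.
function buildValidateRequest(publicToken, samlResponseB64) {
  if (typeof samlResponseB64 !== 'string' || samlResponseB64.length === 0) {
    throw new TypeError('SAMLResponse must be a non-empty base64 string');
  }
  return {
    url: VALIDATE_URL,
    options: {
      method: 'POST',
      headers: {
        'Content-Type': 'application/x-www-form-urlencoded',
        Authorization: `Bearer ${publicToken}`,
      },
      // URLSearchParams percent-encodes '+', '/' and '=' in the base64 value.
      body: new URLSearchParams({ SAMLResponse: samlResponseB64 }).toString(),
    },
  };
}

// Returns { ok, requestId, reason }. Fails closed: only HTTP 200 with
// status_code 200 in the body lets the response through to SAML processing.
async function shieldGate(publicToken, samlResponseB64, fetchImpl = fetch, timeoutMs = 3000) {
  let res;
  try {
    const { url, options } = buildValidateRequest(publicToken, samlResponseB64);
    res = await fetchImpl(url, { ...options, signal: AbortSignal.timeout(timeoutMs) });
  } catch (err) {
    // Network error, timeout or empty input: reject rather than skip validation.
    return { ok: false, requestId: null, reason: `request failed: ${err.message}` };
  }
  let body = {};
  try {
    body = await res.json();
  } catch {
    // Non-JSON body: treated as a failure below.
  }
  const ok = res.status === 200 && body.status_code === 200;
  return {
    ok,
    requestId: body.request_id ?? null,
    reason: ok ? null : (body.message ?? `HTTP ${res.status}`),
  };
}
```

Log the returned requestId alongside the login attempt so a rejected response can be correlated with the validation call.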