Skip to content
English
Contact Support
  • There are no suggestions because the search field is empty.

Testing your SSO Integration

Learn how to validate your Single Sign-On setup before launch

Overview

After you complete setup for Single Sign-On (SSO) — and optional Single Logout (SLO) — in both Foundry and your identity provider, you should run through a series of test scenarios to confirm the integration works as expected.

Testing helps ensure authentication, user matching, and optional features behave correctly before learners begin accessing the platform.

Recommended Test Scenarios

Use a structured testing approach to validate your SSO configuration. As you test, track which scenarios pass and note any issues that require follow‑up.

Some scenarios may not apply depending on how your integration is configured. You can skip any tests related to features you have not enabled.

Preparing for Testing

Before you begin testing:

  • Start a new browser session
  • Confirm you are fully logged out of both Foundry and your identity provider

To reduce login confusion, consider testing in a browser you do not normally use. For example, if you typically use Chrome, perform testing in Firefox.

Browser and Debugging Tips

If you are comfortable reviewing technical details, browser tools can help you observe SAML messages during authentication.

Firefox

  • Install a SAML tracing browser add‑on
  • Open the tracing window before starting SSO
  • Run your test scenarios and review logged SAML messages

If your identity provider encrypts responses, clear‑text assertions may not be visible.

Google Chrome

  • Install a SAML inspection extension
  • Enable developer tools
  • Review SAML messages during authentication

Testing SSO and SLO Scenarios

As part of testing, validate the following where applicable:

  • SP‑initiated and/or IDP‑initiated SSO
  • Successful login and redirect into Foundry
  • Proper session handling after logout
  • Single Logout behavior if SLO is enabled

If your organization does not support certain flows, such as IDP‑initiated SSO or Single Logout, you can exclude those scenarios from testing.

Testing User Provisioning

If your configuration supports creating users during SSO, you should test scenarios where the user does not already exist in Foundry.

To do this safely:

  • Use a dedicated test user, or
  • Temporarily modify the SSO ID for an existing test account and restore it after testing

You cannot edit your own SSO ID. Use a colleague’s account or a non‑production test user.

Troubleshooting Issues

If you encounter issues during testing:

These resources cover common configuration problems and error scenarios.