Home >
SAML >
Examples >
Response

Response

This example contains several SAML Responses. A SAML Response is sent by the Identity Provider to the Service Provider and if the user succeeded in the authentication process, it contains the Assertion with the NameID / attributes of the user.

There are 8 examples:

An unsigned SAML Response with an unsigned Assertion
An unsigned SAML Response with a signed Assertion
A signed SAML Response with an unsigned Assertion
A signed SAML Response with a signed Assertion
An unsigned SAML Response with an encrypted Assertion
An unsigned SAML Response with an encrypted signed Assertion
A signed SAML Response with an encrypted Assertion
A signed SAML Response with an encrypted signed Assertion

SAML Response

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

SAML Response with Signed Assertion

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfxb0f1e2c1-0633-247c-c081-0fbac991b2e8" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxb0f1e2c1-0633-247c-c081-0fbac991b2e8"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>XIRsY581FX4MsF7wZDQjQSz0clc=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>oqUEPBFRL4Cd4vixrwY9erhZxtbuMKAXPdeCnXJHomh0OlqLnZVhDpgw18oSuLR2vgpgm9hsYtUXs1fSkZE62/m5bPTKpZNlZAETc2ykS77BCf1VeFO+dNTZf0l/qJNa0yr1fhyO8/ElhpUPRtLD5aD/IJ3BuOR6NanJctsXbDI=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

SAML Response with Signed Message

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx0dc3c56e-71f1-8711-f3f4-6bc257e8fe68" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx0dc3c56e-71f1-8711-f3f4-6bc257e8fe68"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>hErEk2n2tZASajgqP0kMHxZ457I=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>TLI2BIXtHd7BE8IIbOIvA6uD/VS2zR4nQ11eq5yWKa3AXrg21KYVOvwf6syTiuAUpINDP6XPFGMqcC/GA1+eE/6Rw47PTaGBS9Y2eYB1lNEW8shNHxkI3NTB4Lzs+GbNzmlNFfihWW5OXCKh56KYhAkN77TCPcW3Pqw744MNAbc=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

SAML Response with Signed Message & Assertion

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx32122673-874e-f9c6-0eea-50384f7b92f5" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx32122673-874e-f9c6-0eea-50384f7b92f5"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>bvTbKuNKbXM0hdYW+73kLQIFo1M=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>SniwWLhB21AEcm8TnCvkBZMoaQDZKNPB7YgiwiIH/+B5khAbwCtWFUJTM420UOShUs69RRLyPaUc2GeRa08Sr80j0ogNbrZGlKfQDcViNJ3x+gHtT935DahllIoW8hDF0FCA5OGHfwvJIOsK9WQMCkOob1ETmI2oKU634hzP+sg=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfxa6dedd46-d20e-9599-9d80-d7114299f697" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxa6dedd46-d20e-9599-9d80-d7114299f697"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>oeOagqZYthp1rXDO+FXVzQcxfUo=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>KPgDFYn9oDrqU91nyR7GCtt95C0iwNtZHjrnbVPx4mrA3l0pjd0Ul8vymDMzOcmY2egB6FE2Vb2WQfE64PbZn1w5hwdK5rKYbkU9tSHjlqPhAvINIOUCJVHEjO2hybsokVlLSFJrDm8sZZ7tgI6/h4hbxCGOpj216uYXLTyfiHI=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

SAML Response with Encrypted Assertion

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>lAckSqoIgl8sWVrkPpfEUpWbQJMkuWz9HT2Uap7caBjFluj4g6GJDHhWUDGbXtuT5xo9hmRLDrJhQKEJfbzLNHaMUqp0/g4iYkMuqMKZMQ5ADwW5o2R7OP7yj5AVkDKfBXVTYiGunlOX/lLnfo3SSvcXaofuDSdP07d9lORwi/M=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>DJPMtd6ksndTG4XNk52T5UGYyx2LXXD2QXCT2KNNUiSXXtQva9uS6CnGSiNqo4I1p48AoVuxxxXQ7sGgsd7Hz2s5TOCCFtvtlemAsSRAr7wbYb26RxZhyVOimg9EdRRY30qJs8Ck46EtV87XQCmQyKFLmWjG3LBeL7nUVcw6kOIqpLCTCly1r7Y5hncXaOGEOBwW3zpb1+Rl4rx0VEUAcFVAdHrXWOqEuy7rx5cXQ5J2hYP2CFDJmg5zZCOiPP/Stex0XGI77xKyJwsBrCNqQ+4v2lmrcjpA/fda2Hvr9sS89gXxW1LxnQF+Cyj49culFDAh0Aq0pGeaMd79kng1Ts8fst7dPXQJFg7aZ/WELqzVpdtjhoziBzZuH6cvIOMgnLkbduN4KYInLBcYJBTGRSE5X/QSHqdcOjARO8fM0VVAT0phv0HZsLsNEsXpOjDcEzDun6WQA+IZlKHjc0J2wFRsz8APAb2PFECBMp8JKtyouoQuWn/x8QNflDsz3uNmwDVTOim3TsCFFTS6IdGHEe6bYcbr6znzbk73CzvY2jBbQ4RsQ58F9WxnyW9I8iJk/jcNM4kxrpoalECfp6hWDwFUpShIHgzh2P4LO9d4VzdhXznVOAndiFM/Haq7UXl3+8IHTc7PxXMpRijdHbXxb9gbVSRml1mZluzdLuq5WiVZLbFNe1pwHSEf29fSY6E8BjTE0xy4aB6r1T1jhfG7zEUUvtWpFM/8R5d3H9t8T8u8ynHMlcIDshBm+3XSJhKzFgT2cXluIzQRw53LzKceUS39/FinHQU9mADoplA4yex/unG5mdOcW3X5UcBhyqBsQsvDGNHEL5pNLO8BpklMB/qBzKGPgcG4kmRN40N8emwD/ImcHnnJIc0Ll7SsmYs1S57QWGXizk2PXjrxNNH1kpqnVJhziZzW1Z4/YVhvduAkqYUl2Ne1qQivri5ZPMcky4FIg3LZBWYqBs/EUsoNUcyXa/U329eo2n7D9pMBZRl2+BA2/X+CDcNG53BxipSYq8m2l9fOjptHhtUjo5XGgWVGclKz5tnEkNYSROf85oMKGUsHIZPJThq2Z+pZjuk0I7XhCtrmPDIuYKrF3cEkO1FETuqjhUEenYgF819on2Zo8wTawrWhu+6MTGTOVofdMIO2z5vEp2A+p36HD/+KqmAo06vRBfdKVtGjf2ILIQlTEck+DFO2l7bQZxd1kELKW2JphJgDDaNeqZ2LB9AzweHwi3eiAxq5QRyvRSxJnjtDqJFQkjas2YxHydms041Y9O/vgfkhSIttiygU+P8kcs9KWI4WPPmfgeqSgp5ykKfCvSQYvCMeydUBvjIQ7khp8/H4r8zixOKTPEjfiFRA99b/sU8E5833bLVcZY+oPgN+8rPBpgO2qP4WR8D92zu5eItvLU9MpB59t9aZC6fN36XMOXCNngXniXeifGBswqZReHjR+TIqa2nqtOd3OIi/nDLM+yvUE+zeR9WTVhOG7+wNnD9xGEAoIyrCWQVtjXmBPoe7GANLcHz52Ih2suKYka+RYPkwB4aFluKn4lhCctqFz2SkTJ/QCkv9goT3eK125bPElcjFb48IKGzALVExFcpNyjtrME0qFUcjN9YLSC9QVL1y9SUsqi49DNRzbVvD/Quv6VcDBeN9cKv0myTJFyNS89sDFbqh9KOaG3jUoaKcM4AAi4NEZMbyTCAqsFvbBue8EOPK+AKsB8wyBQUGbXXS/bw9eOVx5XHYmFJMlnEQLVgriQX0GP8KGDz8MBly6yORn9R+gg05cKNXMY0gsWwy5Nr4DHwygGxrerOWE+qMlLOyT0kkkrvVoOSiwYz1G+D6hNVzk5AOhPnQJFEv4Jsy5F24ANhjauouMZpC24bhUYfr580ZiXRiQJgmUyOqeKD9470hBKrOGl3ZapKnPl79DwC9wOjfHEtrPlIWCWFuxXu8Mzi7ZJFcNgdT9729W+CMEXYFHHKTP4WJCGEPSOddKVcP1aKDLpaBFOq4PBn4MPvwcYQ6cPiOA3fs16HKRSI9SP+ZcPd47Zmp+wBOKOCGV5CN0HriAaCC+o1qiPPI2Ni/dxH+jDoGy7MRXokRmcSLW7LowrnfvmckTZs7HwkwN3w0NvAP5sNKo0MivqJ0q/dfYUibDowVv1E86L5Xgd1DBe/6fzszOdWL6xeAkYRAQhDqDQNRzD0MIvozD73WNS0y8yV/2hOSa+EZrccoZukZPoIeceyYjt7TY9eMKVmzjgRbfwBJ3xeTt4G6mUwCLfVogtO70Eku4UXs1EFTXf/l3M2qPYxY9bx3dgMhtjFozrdF1wpQH9enbRActf4jkjOfoNJET3zRbpcM6Fpr3kiD5Hnt/h8G3BGu7hqAYDEWqb9clvM8paV9qp+58RuSqGyNZ7F6X6CgwkH8kAuvYbwMrpnJYtJPQ/8sjNl0dHcl9Cm9vy3UydgQUacHauD6gJGQn0qYaYcEYd8tIzRA738QqZcd5WhVNoDz4uAC1daVIDWHGXEPKLg1ahfVvAZkRPSctADwUKKGbn0xJH7YW7JlfPoWOwGLVYxv2Tom76YeMjKJ/FTfi8SmsVTVU4uOMYXiLzTX5JYkUmvo+oMvGu8Rpc4rZhmYFYSReB+0Cczh6d1atBbcwzRf0tzdq9kQDqUc6dVyKG5Lnw9RI+1VCJycbDFRr9s6A+iCyLYTJ70PzpeAqCn8g+BP8/pA4IMp5dN1/VaBoARsthNHJt9ZAD/6j21ocyKVo3Rsm7fOHKCEOY1XlrJD7trIQNItY1AGvTlbLfbrv6MaeXM84W1tPcmIt8e93/krCU4W+sHXNKM7g5E7tqh9QfbI2iVJ5SzlxsS1SltvOMYoyYpoKNJl4pJFF/R2LTWP39QItUBwSATs+dX7oP9+Nxs7eqpxcIEk1Q4YjbgU/Wqvd/TF96A=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>

SAML Response with Signed & Encrypted Assertion

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>VO8tnv8MuJIsLO5Vafjm80nCeH8cygrD/xMf2O3faoBNcO21GpsoaN8AoREImHNhqTHACvjVvNFT4Yn4wvqoOt6txEI7/gfT5yJwEuLoorBVFd2wt+/3+QRdp3rdFCjjF/riykjNyt+1NbF1zrJz1lyEC6dHUe6FA7dqE4WtZp8=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>i9wtpDlCefaci+8bkM+QBzz3EYeAsSfLajENR4i2mRV69z0akJpPbGso+lfeLz1FDB6YnRVqzdEX44tJHm/1voiA5w1wJUqhckbVk3CoC2YQ3k09gGsfV1zsdsgQCzyzA1abAt2nD9xe/rmZQsuxnnc45xBy1JeY5HTUUpRCXx1DztzK+zbEpBTVK4u4S3Gr9vu9DDNoN7o5RfX9otabMDgFnKBVEuJ3WYlKn/Ko6Az4FqnpXtmRbVb8pbCAt3dzjtQPVPwTy81GOBzA1SEWvL6c+itz7X9tDjlujHFxRDYJU7Co13PoNw57PAQAd6JG0t0lK2Lsm3f1+Nerh3chT4ENa606/L19Xhb4Unv9P1dyZpA4TkkteYUrskgbE6+ws+497UiOd0gAikjCfeQC9GDViqOxTxP9hnGH62BsPKeJblJdr4R6DMoq/HpMUUDSCRfHyW50Ntbe4GmypuVONLOgCVSpifJ6upoFHpZ3eqLRWnjCVDgBTlj1dHZZ1PDcw2mfnRQQZgWFbaZhVTgmO4iObqulXgi/IrU8UNUzzd/Q5uXkw6rky+IjVz8Kh6UkWmkWLOeo6bfYFa8GWIIyaNAvIlTjm9qfnO/iuZpAzJrPklqnejKjdU4I+2cjXTfMCeKtkQrugfbi2+Tb2v5x7YmTCQf8j+gfuUOrA03pqeJ4SFQazyA37CcKq+gSIqcb3qfVwoCM5BdqUQkorC0LSlBejMMwj8kI8x2WEssN04bAsO7kZB4Trl56P/6YREnGF75V1+wKh0vNOfYF10WlAsCpKTBBuF3L7Al+ykfA+36mfqSzHdw5swp9BnxiAMbDuyxo/c55Xsy/oIu2YRbJDZE3Yved4EiUZvDzj6f23oN27RnQ3qaCWLFslny1FRFDDjUuuX1V4hEW6YnjRhjsn1ZNDLIpaXBVKA7rSMJsSCHh+lNHSgkiVPLVkx8UDbjTrj9XUJKqaD0E/FKQf2Pfvk687AFG857g0jxTe/pvU4hd+bBtoxuAkxbrioMrlgDWXPZMjXMHX2dSYUb4yFxhrgNA6CwgNZmVDkC8gA063e0QVhdEosJTkEnyeg/+UivXyiFkRVwLVgDsWuOr8iYZWcrya34+/vPmUaTEFX3LrllcEnHvHvQPtJPqEGyCjX5fhj/xLrSDm/KyOP2ilm8e95uJvcbor01KHzfQuXcKR/7z6qxTsyA8SXjIwBjz3sVu3haOm6raIocTur18eMs/eVtBc6bcAUB/kVzg+PDXY8L/rM3dXxw2tjkpL0LMXMAdozezriOysx16HgI4R3O3DmCYsLNYgejgSVKCUIOChACFjQh8uJd6BkbKvAbE2VY6ajqUmnzooXI0XvMVlitziSQ3PIW8vhPNsWMlHjSF44PqxnhAj7KJaJIh/GEUSgQdXDyCDQcm9JCy7Ip+HGe8V94CqkYtq6QUP/2bQCcaQz3eUixftRggXedv8IoICX92ivLpXtIo8xvorPMqdwDjQSCejEf5N24DTl/1UMd6KA6KZZHUmKk7SbbSR5zGR8LRgcwmBsyqt78IapK8VRurulqorf6cRUF8/aekK79NwZysEC9Cl4k+UWfIFSG5S6tk0C7DAVECFB/4OGkyVHV37mJNOMvU+hfpXRwwoMu9oWoZSYf9cvBlpcfL12b17UnQ/ooCVmOowstccO5OgND9NklZr4zugruCTUbSzTwz933Y/dkSvJ1YPKblmYNbPtg2DeY3FoD2EVxgWPdDxdlHolbLA7cf3St4SxaSlVKDtQH1VpBSIcTVOICUYOfpckah7SiIS7Hozr4Fy5Cl5eRbsZkjGQOJ5DUGdAVOCVzWI5p/hDnnmPPBRwrccyploQXgkX2+wQV1Fc65DWbwCxkVmCbejYzOAXp8fnZf6zubgomm5qARpzPYEXDRauJbw+SUxhT1qYIo161u/r+F80/MQ42+8DXM57Bevv7WHKi9IvY7buFI1UQwk4sBeJrux/hDrpPOUvpBW3GqkNaSqGfTGqGsOLl/pic9H5pcUx7dfSuv/H/9ILiDn1d75yHZFmjsQVq7X06/+K7By9ORPRfm/3owC96DOGOW841UxTlLGwUS8VobXnMeyCmOjsc9uKgOs+tXzT+1r325En7m+g9pzBCJ2pc08gzBrTPIr2Oa6tI/Cof8bZGT3FES6QW6rPX9C9zC41l8/SMShRFrZJOSqX0zJgMdRevbtm8dvvOGu62jWtUytNouhf21z8sqzUmsBCX0MQaAyPmGrj7tyJgwVKts6Uasmy91JDRE4nxTfeHwcoK3rq9yOHeKaeQnZMHdxlin7i21MuqS+cUlygs/sYPISAk8IEoc3B9n8tfZu5XVcpDC08R3rgWqQZGvTEgWJSvqArfpGiJ7Pbz9G/gd0ixfARMWB5jDPYgCun2YbZubaLr52+UPTvhNdZWbefKEo04tGdtFQ/HL8drIdUC4bsUf5O4itIAZg81t1EjFkhS6Du9lN9bVsLeqaDpaY5px5VaC5AUwn5JJv8ASVz4QYBPQPji4LavhblR9OiajvAR1J9nD6PvJQeXJC/sD5T+NbCS6q8oV/TIRLzW+DGDwIa3oWQOdmAQEgWrZTp4FkljMHIJgkzFkiPmO/EKC++aF2nLhWvqaj3P0JuwGl/fIl6oAXeRUpo7/otk/aD82+huJFlhOoUUk3vrJd+805RhM761Oxgi4aI1NSRQu61YuTU5CFeXC2jnqeL1qa9lPI6YsXB0k6hV7P1SpZTg5n15JESoy0aza/UYBrAbhrZH608h4N9eEw7eGO9wtaACfOGhH5k/V8xw416Xt40xLgpXsy37F4biRXuOjEq0vN9KSCWX5rLm0Wvwkibr+EqysN3jxf16UeFKYRpu/URbauDU5EMuMNddzUpOe6kna2pTFMjEqlVkebMgogYEQ3rkqMwx/t7WK30AmAHOPfhNy6AhvESyQmD6fyjNp62wdbd6XwYWOR/byJ8oc2Jq0/ZOlhsZT/MSEkr1cIJy3VcwNlDi9/5ciLyVho4REnBG87QHbdXKihXW2bBkgWaQu8qMSdqQgZnpWka2w/d/taYyEk7bILyXtaWdqSBBz41wnFpsRU4DLRm0ygworSZzgZYKa58BfamqzVbN/ZFJ0Ih0TYh1UxQ3HBKoSBXgTW4iWk2LQCKK2SlBghvtVFF7B2H3WYKzsO1nPckr2hyFYHO5SZO4gCws8lnVZ0v6Fgl7tktBdPoGCVbANtoT0bDQbFY65xpDSgs2QJh290M7c6F6WO0uxhiwviDEKok7ezkpPSpTPJ/LQhFfPMZyCe3Rk4CxDUnn26LPCZFEfB+TaO3Z1pRRCEwbZooDZj7mcCZWugE7S9VZQaZgh1dh77HaIXECG12wssHQWcIEYt6otNO10Sg339O68RrgF3k6kKcxXVl9FtaMaEReaVU6TfnUPa1IELV/SE2/ZW0PI0myjymYUDp3BjCzWAARiHOmYxWTsGsz5MaVFfkWCe/5lszFLSDq3lbCcw+of2MF9Pyto4B8s1R+ngM9JNg0mD9UyiIf1CCEiKWWPwfgXX2UCU8ioO5EJ7se13urhpA0tjHCOEBfTv/knYYRXJu2rS1LdqUJOSNCvt51Wrkc6d46eyoP9M1kZRnUzL7JvmGcXdAvle6wzqDrB3ePwTsDxvtFKwWPGysJ7HGvjWly2no8RDq44kbY6cAnjeV1UQA2D9O+m0J+DQu5AG2QRRAAz3CoRjuCzCzp80KW568x0DmJo1Xike5i+mz5zkIBPh4y90AkIwg4b2JFU33m6IhsC+HnR/n7HoMWHUV+tfDySIZTFeYlCg7cMUbOfj4+UhKAwi2DqfphrGe/awqbHxsqVgldkNRz7cHRC/ixL7bZdQCK2ZIFQ6t+u9EDB69meyAEiK4nJ6d9RSDORUV/KwHUnn9YUGYNwmN73CWQ4moELg4OV+eqE6EwpKBitAxg1EOSeA0YWMsbcRhxzwYBYpfMhQjp1BJ9QXKMDVyH7EUJd11Wx6c7P7JIhlO/quQ0CyGKaDHBMf/nuCdqrmQE3Iso0UKs9fd7nadNraEwZZcY7ydSzsNuOLaaIMVG9yS/Nh/FCAPYEdyLLUdIPYJdzNECn4MhgKGqVau0FSrZxKcaAj7Q51VnH+Xefr/oggIlX5ImJJZP9ngwacVvUEUQ+sIHhJhpOJKnbwWto13019zbzM8j6RbkhAzZyzdKmyXiDmAKNA17XEnHYJ4fAuPYTVmVlgLCDWZkCjiJiynR8EnmRP9aDkT4VIUQeYJR9w0LYk6/hU7e/rYfRfhD2W2ljTf/kFBnb3tJPAluyz/bYVgBIBwI8M+Gy5Jaq0YzlgQ+gpTbbPCEMIWQ3PW/6d7Vulcq3TR4F9zC6jaY2SdSWSFJE0yR3wsw2W9Dh0bI1ofcAkJnfP4ewEZp4597Us0wtABUVX9I4hLx3c9RxGnc25tMY5ClYNzk1m3OO1CvveSNO5xt/QxqFQtpImu/zl1Vc30cwioFisqEPUZiF84Ohgdy5PSDY0NgzDL1rLXD6hdPJBGwNscH1ws+pcGK+qmuLmT3NOOFYcfbvZJEyaKALw49hg384Z6hFoCpQxvUgKCJLeUhqFbcFN8U/M6WmFToC2isBzV1YkoTkP4XKK761KnEIQCFhtGafCbcFpZ0itEYMHP3Z5A7kAy9Z1V3WIKo0pu2d3DLRES1zdDw5YbX1zepCf3I8ao1N+94ZNVuPYblkd77JhsJgycgwNou/tGbzkC3PtKnOJ3my9fNraWtV5eGhvQp2fve3Bc4KxKNZIY9k2TjDmp1zOeLzet6qq/fYHcvAcBPfHqyDjWaG5h9Z2dCjOHhE44okbB9dAP5p6XQJd6ceY73kmpwRRk1YJmOvdLCKKY7ymxtto7zcfMyS+hOooLRy+aWuSAes6ugH6BW5mEgQHkwy5SowgVua0mWdNl4wAhAJrkCKI3U9OaIn23Oi2pELjRLlmbjIcI+uzOubR85bdwd/UGIyxQXhwBQRlOn1KjHT+zxifZCBFTxVuoN6iLbghkAfxZBzF9icyOMXSboq8QqiahjREQWkWhj7z7n9wJv9RDWV/O89m6MZJ3/+GQzTBNy9FtW8WW51na+KIcKlZZt3XR+Hu83w/17O6tjWCDAtPKXXJE/z+LE85fGlKul1chcFr57SUY68eZ8li6HmwbahCj8VZYiIgsILUMIcskPeFxBn2Vv5tebI5zzeaB4KG1LTNZ4FvZAF51GEHiUOe/4JS6/vUefu5AG95Ygg8j1Iqo+R2HPh42YRRx5mnOZ0UiF9BltrVBwDEUpZkza90ggK5zEBBsdaQumlvv8NUO3BnBKEWhu5HC0tRXdEGkMIzr90q0p3IRXwcrlXQS4WCcGVt6Mp5TYfksGp62LgEXgaGc2i7NlpuRl8LdlO1RHcCqtL7qShmAPvzcr8fHMse0ysH1h1r4kXKh+OYNzewORI0FeF+xUtQppYvCOqbGxJmV/FmALe4z0=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>

SAML Response with Signed Message & Encrypted Assertion

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxc173c105-c0fa-65d0-bacc-97c4208eb8bb" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxc173c105-c0fa-65d0-bacc-97c4208eb8bb"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>0l9MBrAWB30t4aJW7KFN3aeQzCg=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>yheXggtqZ8Ji1WbBe6pHC5hxgONGCsSpFVYTRPQJNi5KwGiwy2BiRoX7F6QPZZ5d12X0GVs+1muvfaJfHVw3CPgG9dJTBVo9zBcX9u5wNiZ/Rifb8vTxKMkPVsY4E4ianBHq8lfAOU7G1vlGVg3NinYDHABhYODw9Wb3lrmyvm8=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>lAckSqoIgl8sWVrkPpfEUpWbQJMkuWz9HT2Uap7caBjFluj4g6GJDHhWUDGbXtuT5xo9hmRLDrJhQKEJfbzLNHaMUqp0/g4iYkMuqMKZMQ5ADwW5o2R7OP7yj5AVkDKfBXVTYiGunlOX/lLnfo3SSvcXaofuDSdP07d9lORwi/M=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>DJPMtd6ksndTG4XNk52T5UGYyx2LXXD2QXCT2KNNUiSXXtQva9uS6CnGSiNqo4I1p48AoVuxxxXQ7sGgsd7Hz2s5TOCCFtvtlemAsSRAr7wbYb26RxZhyVOimg9EdRRY30qJs8Ck46EtV87XQCmQyKFLmWjG3LBeL7nUVcw6kOIqpLCTCly1r7Y5hncXaOGEOBwW3zpb1+Rl4rx0VEUAcFVAdHrXWOqEuy7rx5cXQ5J2hYP2CFDJmg5zZCOiPP/Stex0XGI77xKyJwsBrCNqQ+4v2lmrcjpA/fda2Hvr9sS89gXxW1LxnQF+Cyj49culFDAh0Aq0pGeaMd79kng1Ts8fst7dPXQJFg7aZ/WELqzVpdtjhoziBzZuH6cvIOMgnLkbduN4KYInLBcYJBTGRSE5X/QSHqdcOjARO8fM0VVAT0phv0HZsLsNEsXpOjDcEzDun6WQA+IZlKHjc0J2wFRsz8APAb2PFECBMp8JKtyouoQuWn/x8QNflDsz3uNmwDVTOim3TsCFFTS6IdGHEe6bYcbr6znzbk73CzvY2jBbQ4RsQ58F9WxnyW9I8iJk/jcNM4kxrpoalECfp6hWDwFUpShIHgzh2P4LO9d4VzdhXznVOAndiFM/Haq7UXl3+8IHTc7PxXMpRijdHbXxb9gbVSRml1mZluzdLuq5WiVZLbFNe1pwHSEf29fSY6E8BjTE0xy4aB6r1T1jhfG7zEUUvtWpFM/8R5d3H9t8T8u8ynHMlcIDshBm+3XSJhKzFgT2cXluIzQRw53LzKceUS39/FinHQU9mADoplA4yex/unG5mdOcW3X5UcBhyqBsQsvDGNHEL5pNLO8BpklMB/qBzKGPgcG4kmRN40N8emwD/ImcHnnJIc0Ll7SsmYs1S57QWGXizk2PXjrxNNH1kpqnVJhziZzW1Z4/YVhvduAkqYUl2Ne1qQivri5ZPMcky4FIg3LZBWYqBs/EUsoNUcyXa/U329eo2n7D9pMBZRl2+BA2/X+CDcNG53BxipSYq8m2l9fOjptHhtUjo5XGgWVGclKz5tnEkNYSROf85oMKGUsHIZPJThq2Z+pZjuk0I7XhCtrmPDIuYKrF3cEkO1FETuqjhUEenYgF819on2Zo8wTawrWhu+6MTGTOVofdMIO2z5vEp2A+p36HD/+KqmAo06vRBfdKVtGjf2ILIQlTEck+DFO2l7bQZxd1kELKW2JphJgDDaNeqZ2LB9AzweHwi3eiAxq5QRyvRSxJnjtDqJFQkjas2YxHydms041Y9O/vgfkhSIttiygU+P8kcs9KWI4WPPmfgeqSgp5ykKfCvSQYvCMeydUBvjIQ7khp8/H4r8zixOKTPEjfiFRA99b/sU8E5833bLVcZY+oPgN+8rPBpgO2qP4WR8D92zu5eItvLU9MpB59t9aZC6fN36XMOXCNngXniXeifGBswqZReHjR+TIqa2nqtOd3OIi/nDLM+yvUE+zeR9WTVhOG7+wNnD9xGEAoIyrCWQVtjXmBPoe7GANLcHz52Ih2suKYka+RYPkwB4aFluKn4lhCctqFz2SkTJ/QCkv9goT3eK125bPElcjFb48IKGzALVExFcpNyjtrME0qFUcjN9YLSC9QVL1y9SUsqi49DNRzbVvD/Quv6VcDBeN9cKv0myTJFyNS89sDFbqh9KOaG3jUoaKcM4AAi4NEZMbyTCAqsFvbBue8EOPK+AKsB8wyBQUGbXXS/bw9eOVx5XHYmFJMlnEQLVgriQX0GP8KGDz8MBly6yORn9R+gg05cKNXMY0gsWwy5Nr4DHwygGxrerOWE+qMlLOyT0kkkrvVoOSiwYz1G+D6hNVzk5AOhPnQJFEv4Jsy5F24ANhjauouMZpC24bhUYfr580ZiXRiQJgmUyOqeKD9470hBKrOGl3ZapKnPl79DwC9wOjfHEtrPlIWCWFuxXu8Mzi7ZJFcNgdT9729W+CMEXYFHHKTP4WJCGEPSOddKVcP1aKDLpaBFOq4PBn4MPvwcYQ6cPiOA3fs16HKRSI9SP+ZcPd47Zmp+wBOKOCGV5CN0HriAaCC+o1qiPPI2Ni/dxH+jDoGy7MRXokRmcSLW7LowrnfvmckTZs7HwkwN3w0NvAP5sNKo0MivqJ0q/dfYUibDowVv1E86L5Xgd1DBe/6fzszOdWL6xeAkYRAQhDqDQNRzD0MIvozD73WNS0y8yV/2hOSa+EZrccoZukZPoIeceyYjt7TY9eMKVmzjgRbfwBJ3xeTt4G6mUwCLfVogtO70Eku4UXs1EFTXf/l3M2qPYxY9bx3dgMhtjFozrdF1wpQH9enbRActf4jkjOfoNJET3zRbpcM6Fpr3kiD5Hnt/h8G3BGu7hqAYDEWqb9clvM8paV9qp+58RuSqGyNZ7F6X6CgwkH8kAuvYbwMrpnJYtJPQ/8sjNl0dHcl9Cm9vy3UydgQUacHauD6gJGQn0qYaYcEYd8tIzRA738QqZcd5WhVNoDz4uAC1daVIDWHGXEPKLg1ahfVvAZkRPSctADwUKKGbn0xJH7YW7JlfPoWOwGLVYxv2Tom76YeMjKJ/FTfi8SmsVTVU4uOMYXiLzTX5JYkUmvo+oMvGu8Rpc4rZhmYFYSReB+0Cczh6d1atBbcwzRf0tzdq9kQDqUc6dVyKG5Lnw9RI+1VCJycbDFRr9s6A+iCyLYTJ70PzpeAqCn8g+BP8/pA4IMp5dN1/VaBoARsthNHJt9ZAD/6j21ocyKVo3Rsm7fOHKCEOY1XlrJD7trIQNItY1AGvTlbLfbrv6MaeXM84W1tPcmIt8e93/krCU4W+sHXNKM7g5E7tqh9QfbI2iVJ5SzlxsS1SltvOMYoyYpoKNJl4pJFF/R2LTWP39QItUBwSATs+dX7oP9+Nxs7eqpxcIEk1Q4YjbgU/Wqvd/TF96A=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>

SAML Response with Signed Message, Signed & Encrypted Assertion

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx7ffb92ee-7bcb-4e98-afa7-146e797484b6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx7ffb92ee-7bcb-4e98-afa7-146e797484b6"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>oBCPDb5pE+vdrOFdPNHglhwpV0w=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>TshY+nQf4dcgiioMpmpVPMLQ3KLhpJeQ1eekdfUZkfpshbqaPzp4sCH6ZmOHHO1Fpuva4653r4/Z2x931q2myKTWEJ5mcB0Y7vCNIRr9MIfvjqlEidLsl4WzoyOv63+e9J2x+iEEC45Kk4JGoCEYidaX8UoBRwYwUwo2S7yGp5k=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>VO8tnv8MuJIsLO5Vafjm80nCeH8cygrD/xMf2O3faoBNcO21GpsoaN8AoREImHNhqTHACvjVvNFT4Yn4wvqoOt6txEI7/gfT5yJwEuLoorBVFd2wt+/3+QRdp3rdFCjjF/riykjNyt+1NbF1zrJz1lyEC6dHUe6FA7dqE4WtZp8=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>i9wtpDlCefaci+8bkM+QBzz3EYeAsSfLajENR4i2mRV69z0akJpPbGso+lfeLz1FDB6YnRVqzdEX44tJHm/1voiA5w1wJUqhckbVk3CoC2YQ3k09gGsfV1zsdsgQCzyzA1abAt2nD9xe/rmZQsuxnnc45xBy1JeY5HTUUpRCXx1DztzK+zbEpBTVK4u4S3Gr9vu9DDNoN7o5RfX9otabMDgFnKBVEuJ3WYlKn/Ko6Az4FqnpXtmRbVb8pbCAt3dzjtQPVPwTy81GOBzA1SEWvL6c+itz7X9tDjlujHFxRDYJU7Co13PoNw57PAQAd6JG0t0lK2Lsm3f1+Nerh3chT4ENa606/L19Xhb4Unv9P1dyZpA4TkkteYUrskgbE6+ws+497UiOd0gAikjCfeQC9GDViqOxTxP9hnGH62BsPKeJblJdr4R6DMoq/HpMUUDSCRfHyW50Ntbe4GmypuVONLOgCVSpifJ6upoFHpZ3eqLRWnjCVDgBTlj1dHZZ1PDcw2mfnRQQZgWFbaZhVTgmO4iObqulXgi/IrU8UNUzzd/Q5uXkw6rky+IjVz8Kh6UkWmkWLOeo6bfYFa8GWIIyaNAvIlTjm9qfnO/iuZpAzJrPklqnejKjdU4I+2cjXTfMCeKtkQrugfbi2+Tb2v5x7YmTCQf8j+gfuUOrA03pqeJ4SFQazyA37CcKq+gSIqcb3qfVwoCM5BdqUQkorC0LSlBejMMwj8kI8x2WEssN04bAsO7kZB4Trl56P/6YREnGF75V1+wKh0vNOfYF10WlAsCpKTBBuF3L7Al+ykfA+36mfqSzHdw5swp9BnxiAMbDuyxo/c55Xsy/oIu2YRbJDZE3Yved4EiUZvDzj6f23oN27RnQ3qaCWLFslny1FRFDDjUuuX1V4hEW6YnjRhjsn1ZNDLIpaXBVKA7rSMJsSCHh+lNHSgkiVPLVkx8UDbjTrj9XUJKqaD0E/FKQf2Pfvk687AFG857g0jxTe/pvU4hd+bBtoxuAkxbrioMrlgDWXPZMjXMHX2dSYUb4yFxhrgNA6CwgNZmVDkC8gA063e0QVhdEosJTkEnyeg/+UivXyiFkRVwLVgDsWuOr8iYZWcrya34+/vPmUaTEFX3LrllcEnHvHvQPtJPqEGyCjX5fhj/xLrSDm/KyOP2ilm8e95uJvcbor01KHzfQuXcKR/7z6qxTsyA8SXjIwBjz3sVu3haOm6raIocTur18eMs/eVtBc6bcAUB/kVzg+PDXY8L/rM3dXxw2tjkpL0LMXMAdozezriOysx16HgI4R3O3DmCYsLNYgejgSVKCUIOChACFjQh8uJd6BkbKvAbE2VY6ajqUmnzooXI0XvMVlitziSQ3PIW8vhPNsWMlHjSF44PqxnhAj7KJaJIh/GEUSgQdXDyCDQcm9JCy7Ip+HGe8V94CqkYtq6QUP/2bQCcaQz3eUixftRggXedv8IoICX92ivLpXtIo8xvorPMqdwDjQSCejEf5N24DTl/1UMd6KA6KZZHUmKk7SbbSR5zGR8LRgcwmBsyqt78IapK8VRurulqorf6cRUF8/aekK79NwZysEC9Cl4k+UWfIFSG5S6tk0C7DAVECFB/4OGkyVHV37mJNOMvU+hfpXRwwoMu9oWoZSYf9cvBlpcfL12b17UnQ/ooCVmOowstccO5OgND9NklZr4zugruCTUbSzTwz933Y/dkSvJ1YPKblmYNbPtg2DeY3FoD2EVxgWPdDxdlHolbLA7cf3St4SxaSlVKDtQH1VpBSIcTVOICUYOfpckah7SiIS7Hozr4Fy5Cl5eRbsZkjGQOJ5DUGdAVOCVzWI5p/hDnnmPPBRwrccyploQXgkX2+wQV1Fc65DWbwCxkVmCbejYzOAXp8fnZf6zubgomm5qARpzPYEXDRauJbw+SUxhT1qYIo161u/r+F80/MQ42+8DXM57Bevv7WHKi9IvY7buFI1UQwk4sBeJrux/hDrpPOUvpBW3GqkNaSqGfTGqGsOLl/pic9H5pcUx7dfSuv/H/9ILiDn1d75yHZFmjsQVq7X06/+K7By9ORPRfm/3owC96DOGOW841UxTlLGwUS8VobXnMeyCmOjsc9uKgOs+tXzT+1r325En7m+g9pzBCJ2pc08gzBrTPIr2Oa6tI/Cof8bZGT3FES6QW6rPX9C9zC41l8/SMShRFrZJOSqX0zJgMdRevbtm8dvvOGu62jWtUytNouhf21z8sqzUmsBCX0MQaAyPmGrj7tyJgwVKts6Uasmy91JDRE4nxTfeHwcoK3rq9yOHeKaeQnZMHdxlin7i21MuqS+cUlygs/sYPISAk8IEoc3B9n8tfZu5XVcpDC08R3rgWqQZGvTEgWJSvqArfpGiJ7Pbz9G/gd0ixfARMWB5jDPYgCun2YbZubaLr52+UPTvhNdZWbefKEo04tGdtFQ/HL8drIdUC4bsUf5O4itIAZg81t1EjFkhS6Du9lN9bVsLeqaDpaY5px5VaC5AUwn5JJv8ASVz4QYBPQPji4LavhblR9OiajvAR1J9nD6PvJQeXJC/sD5T+NbCS6q8oV/TIRLzW+DGDwIa3oWQOdmAQEgWrZTp4FkljMHIJgkzFkiPmO/EKC++aF2nLhWvqaj3P0JuwGl/fIl6oAXeRUpo7/otk/aD82+huJFlhOoUUk3vrJd+805RhM761Oxgi4aI1NSRQu61YuTU5CFeXC2jnqeL1qa9lPI6YsXB0k6hV7P1SpZTg5n15JESoy0aza/UYBrAbhrZH608h4N9eEw7eGO9wtaACfOGhH5k/V8xw416Xt40xLgpXsy37F4biRXuOjEq0vN9KSCWX5rLm0Wvwkibr+EqysN3jxf16UeFKYRpu/URbauDU5EMuMNddzUpOe6kna2pTFMjEqlVkebMgogYEQ3rkqMwx/t7WK30AmAHOPfhNy6AhvESyQmD6fyjNp62wdbd6XwYWOR/byJ8oc2Jq0/ZOlhsZT/MSEkr1cIJy3VcwNlDi9/5ciLyVho4REnBG87QHbdXKihXW2bBkgWaQu8qMSdqQgZnpWka2w/d/taYyEk7bILyXtaWdqSBBz41wnFpsRU4DLRm0ygworSZzgZYKa58BfamqzVbN/ZFJ0Ih0TYh1UxQ3HBKoSBXgTW4iWk2LQCKK2SlBghvtVFF7B2H3WYKzsO1nPckr2hyFYHO5SZO4gCws8lnVZ0v6Fgl7tktBdPoGCVbANtoT0bDQbFY65xpDSgs2QJh290M7c6F6WO0uxhiwviDEKok7ezkpPSpTPJ/LQhFfPMZyCe3Rk4CxDUnn26LPCZFEfB+TaO3Z1pRRCEwbZooDZj7mcCZWugE7S9VZQaZgh1dh77HaIXECG12wssHQWcIEYt6otNO10Sg339O68RrgF3k6kKcxXVl9FtaMaEReaVU6TfnUPa1IELV/SE2/ZW0PI0myjymYUDp3BjCzWAARiHOmYxWTsGsz5MaVFfkWCe/5lszFLSDq3lbCcw+of2MF9Pyto4B8s1R+ngM9JNg0mD9UyiIf1CCEiKWWPwfgXX2UCU8ioO5EJ7se13urhpA0tjHCOEBfTv/knYYRXJu2rS1LdqUJOSNCvt51Wrkc6d46eyoP9M1kZRnUzL7JvmGcXdAvle6wzqDrB3ePwTsDxvtFKwWPGysJ7HGvjWly2no8RDq44kbY6cAnjeV1UQA2D9O+m0J+DQu5AG2QRRAAz3CoRjuCzCzp80KW568x0DmJo1Xike5i+mz5zkIBPh4y90AkIwg4b2JFU33m6IhsC+HnR/n7HoMWHUV+tfDySIZTFeYlCg7cMUbOfj4+UhKAwi2DqfphrGe/awqbHxsqVgldkNRz7cHRC/ixL7bZdQCK2ZIFQ6t+u9EDB69meyAEiK4nJ6d9RSDORUV/KwHUnn9YUGYNwmN73CWQ4moELg4OV+eqE6EwpKBitAxg1EOSeA0YWMsbcRhxzwYBYpfMhQjp1BJ9QXKMDVyH7EUJd11Wx6c7P7JIhlO/quQ0CyGKaDHBMf/nuCdqrmQE3Iso0UKs9fd7nadNraEwZZcY7ydSzsNuOLaaIMVG9yS/Nh/FCAPYEdyLLUdIPYJdzNECn4MhgKGqVau0FSrZxKcaAj7Q51VnH+Xefr/oggIlX5ImJJZP9ngwacVvUEUQ+sIHhJhpOJKnbwWto13019zbzM8j6RbkhAzZyzdKmyXiDmAKNA17XEnHYJ4fAuPYTVmVlgLCDWZkCjiJiynR8EnmRP9aDkT4VIUQeYJR9w0LYk6/hU7e/rYfRfhD2W2ljTf/kFBnb3tJPAluyz/bYVgBIBwI8M+Gy5Jaq0YzlgQ+gpTbbPCEMIWQ3PW/6d7Vulcq3TR4F9zC6jaY2SdSWSFJE0yR3wsw2W9Dh0bI1ofcAkJnfP4ewEZp4597Us0wtABUVX9I4hLx3c9RxGnc25tMY5ClYNzk1m3OO1CvveSNO5xt/QxqFQtpImu/zl1Vc30cwioFisqEPUZiF84Ohgdy5PSDY0NgzDL1rLXD6hdPJBGwNscH1ws+pcGK+qmuLmT3NOOFYcfbvZJEyaKALw49hg384Z6hFoCpQxvUgKCJLeUhqFbcFN8U/M6WmFToC2isBzV1YkoTkP4XKK761KnEIQCFhtGafCbcFpZ0itEYMHP3Z5A7kAy9Z1V3WIKo0pu2d3DLRES1zdDw5YbX1zepCf3I8ao1N+94ZNVuPYblkd77JhsJgycgwNou/tGbzkC3PtKnOJ3my9fNraWtV5eGhvQp2fve3Bc4KxKNZIY9k2TjDmp1zOeLzet6qq/fYHcvAcBPfHqyDjWaG5h9Z2dCjOHhE44okbB9dAP5p6XQJd6ceY73kmpwRRk1YJmOvdLCKKY7ymxtto7zcfMyS+hOooLRy+aWuSAes6ugH6BW5mEgQHkwy5SowgVua0mWdNl4wAhAJrkCKI3U9OaIn23Oi2pELjRLlmbjIcI+uzOubR85bdwd/UGIyxQXhwBQRlOn1KjHT+zxifZCBFTxVuoN6iLbghkAfxZBzF9icyOMXSboq8QqiahjREQWkWhj7z7n9wJv9RDWV/O89m6MZJ3/+GQzTBNy9FtW8WW51na+KIcKlZZt3XR+Hu83w/17O6tjWCDAtPKXXJE/z+LE85fGlKul1chcFr57SUY68eZ8li6HmwbahCj8VZYiIgsILUMIcskPeFxBn2Vv5tebI5zzeaB4KG1LTNZ4FvZAF51GEHiUOe/4JS6/vUefu5AG95Ygg8j1Iqo+R2HPh42YRRx5mnOZ0UiF9BltrVBwDEUpZkza90ggK5zEBBsdaQumlvv8NUO3BnBKEWhu5HC0tRXdEGkMIzr90q0p3IRXwcrlXQS4WCcGVt6Mp5TYfksGp62LgEXgaGc2i7NlpuRl8LdlO1RHcCqtL7qShmAPvzcr8fHMse0ysH1h1r4kXKh+OYNzewORI0FeF+xUtQppYvCOqbGxJmV/FmALe4z0=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>

Have a Question?

Found a problem or a bug? Submit a support ticket.

Looking for walkthroughs or how-to guides on OneLogin's user and admin features? Check out the documentation in our Knowledge Base.

Have a product idea or request? Share it with us in our Ideas Portal.