Home >
SAML >
Examples >
Response

Response

This example contains several SAML Responses. A SAML Response is sent by the Identity Provider to the Service Provider and if the user succeeded in the authentication process, it contains the Assertion with the NameID / attributes of the user.

There are 8 examples:

An unsigned SAML Response with an unsigned Assertion
An unsigned SAML Response with a signed Assertion
A signed SAML Response with an unsigned Assertion
A signed SAML Response with a signed Assertion
An unsigned SAML Response with an encrypted Assertion
An unsigned SAML Response with an encrypted signed Assertion
A signed SAML Response with an encrypted Assertion
A signed SAML Response with an encrypted signed Assertion

SAML Response

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

SAML Response with Signed Assertion

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfx77598077-71d4-729e-3f5c-16ce12e708c2" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx77598077-71d4-729e-3f5c-16ce12e708c2"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>aX4sS1IU2ZGOYMhN2nhTjoArIvc=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>0gihJ7o3X2DNY70/JsXXUwl5quXYzeLs4pyBxFgoW/ZbWPXYEJgTOC637wmPRydDYvr2K63iWZQ61USr6itd+aT2ehq0eRsYZwDjPw7J/31aclHgcIuNL3FW4nK1ZiGQX3N8uwTIsd4kUCCCgBXfdP6nfyZG+qqENzFQHeerpNg=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

SAML Response with Signed Message

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx2cb843fa-7078-1e02-9642-8f8417229e1e" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx2cb843fa-7078-1e02-9642-8f8417229e1e"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>2mA1V8ZSSZkW3qi5HoPe2mjcYws=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>sOgq5bjYCZZKsmGYiJpIjXbZIEiiQFW6fNXDi5nPDy8xwbwoCCNrQfEFdUju7v9sJdzPEE2E4Xz0Xpw6QIrwn064gQdhZShtxwt8q+7CiQ6npB6Y7GvRndWORSW5Li1PlIVg3/jTx8DocI0DJiIr2DjpXgHtmXaZ/DCDVe46pJo=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_d71a3a8e9fcc45c9e9d248ef7049393fc8f04e5f75" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

SAML Response with Signed Message & Assertion

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxddac4e87-ef0e-9201-00d1-9899a14c3913" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxddac4e87-ef0e-9201-00d1-9899a14c3913"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>g26Q/iKNGTzFMa3tdpfFbvQRjfo=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>LyNVUkBi5zYYNKY86dDhUselG8lN1W0VNKRG7sB85Ti8MVZzvMT+pSNdvcHDPhDHvmme5xmphe5vDiNbx808PIiuNApTXDGFZhTfck+3sXCTAG/G90FMJf3/SjKDrAAzHf5mqPSo7kedTnzEXT320IPiNiR2aGvSNEGg21YHozs=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="pfxf5bf0c9b-b6c8-3301-1b0d-cb4e06a6561b" Version="2.0" IssueInstant="2014-07-17T01:01:48Z">
    <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxf5bf0c9b-b6c8-3301-1b0d-cb4e06a6561b"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>IrND54QGvmOmlbVaZwC8MNnyI9E=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>CEbvGdy6+/g32EHU5qMDKR0BDiUzc32BGbOHJt94+1Vm90cH4ypCzPLQQl6UfN/CxD+5K/cAQ/erPMr6mRRc+VryMwWl1xfY2xl8sfgsBlnX9SLa5SBmVEaZOkVGwBxSsKhAs1Z/9J8eoxYP+GH5BrGo36Nox5jPDPkzqG1sv18=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject>
      <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_ce3d2948b4cf20146dee0a0b3dd6f69b6cf86f62d7</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData NotOnOrAfter="2024-01-18T06:21:48Z" Recipient="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2014-07-17T01:01:18Z" NotOnOrAfter="2024-01-18T06:21:48Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://sp.example.com/demo1/metadata.php</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2014-07-17T01:01:48Z" SessionNotOnOrAfter="2024-07-17T09:01:48Z" SessionIndex="_be9967abd904ddcae3c0eb4189adbe3f71e327cf93">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">test@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xsi:type="xs:string">users</saml:AttributeValue>
        <saml:AttributeValue xsi:type="xs:string">examplerole1</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

SAML Response with Encrypted Assertion

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>trtsCyD/0iY+OCUPX74goe8161aJpZzGd4goPy8luUwbSpR1Hmax9lXpFQCQeMIuK/Pn7vcoB2N6h8JLE1vjaT+TP5V+qTNs2M/Mk55JcR8lhEyR2bMsN0k86Fa07dnW1oImMXYYNkTRb53M9/qXz0lhH0sOd0A9jeyusD26P9w=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>iQ5x7yR2iAvioTsyo6XhUpZPtKdoUAx4fC49h6UWJxNaOt7ZU0GSP86yy5YGGDpgZ9IQAYKokxWM6jZSgH27yh+c+ODyETcxiHQUVGNXXUztDd72ToLiWwdOD+oLwKdDu5ZkGeNtgI6raofwXiqnsZ99FIBiW8st+sd0PnZG2zyP9fG2SCUIffrtM6vp9iYjjeAwF4APWSx2Q5f0T89jwmHyS54EFWdm+0h1Oa9wu/1T9kefaR1r88lIrKbBJNDi2g3eczdUEj1+wsScWSp8fG91JZ57EW8WSggNtDrrYDmCJy0GylkfyMY3FvCOZrJ884uDkKh7vl7kBcW7Fbw10xSrUmBSNxAGLpc5dR887SvtaWAdT6cff85q+KomEmzw64Bz9EVqD7UlmAn2spcmS5yUNMFqJPYkzM/6dn30ta72ad+Oidg3xW6pp0sfYycf3RNVrGbYUYlpiWWCtXwEQWeZBEsLWcS0h5fhQchLN59xevG5CBF1/Y469Q1GAcUHtTvP82pv0czi4yMZlKiCqx2pYZyhwdA57QJizheH/KOGHETgKlCUOqyiVzhDWMVtOE32YgJ9hyZYU2jd8Ii6HL1N3LYieDEA0Wuyal8C7SPcd/mxNsEWr+Rr+3H5sRj4j15O11ucvY7Cc58b2RKZ4d+xoLmaTyTEEsiHsyLOREhopvku6CPMxvrl9TkrBt3kgTjUVyWX0fMUZxneEX687CahOroWlV3hZxfTeqYPa4nx4seQi/Qvs+E2RLpzT5Veuc5Vpp+j5jwuIyhDd0tVZ1umoZ8HKWYCx2jbOECzferifz5btUEA9KLvOsOMjlszSIwB8SBoJKuOOi0LHrjoWugNexfQ8lpQ+gFdQtjVgy8QP/jwgf1EiHpFPBF4QOmwHscvde1Qj2Jt1qhVoXOoEptmx/2YrtxJ4p/83lBoa//7JyHavGsdksXV3M38cZ6Qqepq3Y2a2spCrhYOlfOjtgVcL0efOOdr0xCdNWMuXPqjO5hMGBMXtl0gIXlrBoC6d23z24d+XhG9dlnkZvcOlkeFMotQxjOuhlz50q/Axb4UoXhq0YevRmMH94W3OJKDAZ/gwrrgQ+MWLfrU8y3I8la/CLY78Jr9ATodS0rpujpKVNMTTrpm6ek4e8U3+rhFtA0rGPq12dAuN3YAu97j70ssnXGc7UbembD/73oukpwCDVZUllUhBVkbxl/2H+P1ukkcdvrsJqOvhH8TtvGOWnL3nrTReiDyfDpiW6LhYo0R3Ys2cfZvxp0w41PsfQ6JdMD4Nu5s3db1mJMVJ80wob0m0yea/Fmq70mn+oESUbYZ5eP7A1JtAM55X6sBIF1z5Tj2n1YKntpAQQixV/UFwzmmnO4TB3+QuujvMe+xtVnUAgiGOs1xEzB4hW3XgrBv2s4gMKOCNfFLaQOysbZwDDI9yh7n6JiSfNApo2WTWMqsi0aVOlZbMR6bNbh9ADolOUsLgyWWQ7vV/Ll/Viss3B3pRkRQ++ENuJ5xJiN4CN5hwwQ19BpotMcfzF7Ur8el7J7j/2XgviMkWo6hHd1+Fkb8XyW23YTuAoFUbBRY1Tb8IGC+9KNk1aXkCp2Vuo2IxEGCZZM2KQ8hzqZb8qFiQ8nBmloDYBotzCx+8m5bwi6wjSOFLIB5DD3FTThkYL05kNHqcM1nQ0EbwUdUcykrQFvfwPSpX4BuSNZzbFR50EUz563D1UE1zAX3UMOKjqjO8BkMKQ9e9rd2DZeqpow8W1ILtGOuVj5cliOjPba/lxicjiEdQXrrDYMJlaYKK4R2yTiJ3IJHB+xAwcXVq8o5ROUpelAg5tHcJgOX1kOmHx4iaJzOxCW0cGHhwUlTEiNMg/TM2OfPLjxht9IY5wJcZZ3oxbeUvgFl2ROnqJd+s4Jm1ED/hz3e+7EP3O4CVQUsYrg2JM/3sQo43epqaqav408C3jJzmdG15WzjbQMdmo0sghq3yDDWFujJxUcqiuh7Lm0ZXBj9rjsm553LAAsvrqWz2Xs95xoUyhcru6nTE1YnhCnTnx2PMiFoY0S1xEPVm5MIGa2rK+jWcs2mIAmpD6J2wK+I3Y41xs7SV98ZQVXGowQeVGOf39SVXVkS3cW+KkL7iSgRjYHQLx68lPm2EInoksF2NPEyv3kVrBYQHnGKwBWAlUwxqp9Vd5App+cA3WlZNOzK4jV34Dhi3rSwLy41un92T01LC2SpiLcnMykCi2nEEOKOqX/qB6Z0CY/Jmt9yqLRbSQPUdv93aWpeH8GttUeiP5IwBN4Xgc9RidfJmnRSgBCun+/eJBSS60R313WeHz8CgLzFn/Mf5WOcAz9G/iVKUoa/9RVuGwzvVQxW/5AnYzll9ozBOaUzYbHcBrrr+0pXxpqL8lkusDDL4O0SmpSL9psLafi6oJNWb0nQT9aliddEpuViSkljqkZU6tQCMFKjZs0Taerl+9SExqEGnWQhTCy+dulI3VyFO1tQXV3v/hsLTRSUKuYgzlhQmFFZOKmW7mhyJXt4SvQri2uPPRhuLtzFYi7pW3m3dJUxtyi1wji6Qd1PPmxpgc17MYiJOxNa/0huvG4IWiPCUQwO6e6hiIYHjuu5v8Y4a/G2xkMJvHj+CfgBhzXFhmi4v3rhC+oqU6+kRfjZlmb8EC0uZlmNe6n41kdET2gSLaBJofwTiCQg+WDg977gVJCogNyw+lJ1ZvCILCltyhmPRNDoDZEEqIkIUk7/qSjh1hClS9rbcRqsLANpbf1iHJtaSz6IPr7RODXsqkiGg0MWbpG109uqxiXCnd7/Yj6+inQl+TrGE5FIeJrOJ6XDVkT3T2yfQeRwKwAe0NhckXomd0VNf0mA8x4beztONjkRShsc12vHJRLsWJZk9PDaZ2NL9WHhna2dpIIEocglM4/XvmNhHhfkDHueih8U/zvHT+c=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>

SAML Response with Signed & Encrypted Assertion

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>SYLj+Mw9SOMoziorPFrNU7ShXy/B/hdvQlZhjWhUpfL+w2PoRRvMOFyv30RhFfU3vCThtghmKlDZX8te8T9s1PwJ8lfosoUqHNLFftMxL/XQ77uvZYZkeob83B+0k/nGmX0mZWGXTzDASfTXD7DYkPjnwXFgV8X7v2d7YtCQq3E=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>z3OhfQ6TTiL76uGLaS+3YAxLODD3dRDGU4Fp2JVHWeMy2y/BF0EVvHN4JGNl4ttVqLL/mTPnR9A2TlpcZDSypWVpTLu5hM6ri3IdQeyPKEA4uWN4gKDJuYr0p33oEHEWWsZ3pPnNTe9Q5pdtLmxh8/pze6XpWeZdcN0QC/tvkAihCRAXC3ld76ROosfB3HEmDdtPBUO3nyS0RGnhiVt2pMIpSoYrrUhctXhXH3TF17pU4Md1cpN5inBBuzbdQXDpyc8RUbKFftv0XKTiLy6yeQ9TUEtCfc8iQxDEicEHEr03Wx+dWaIj86nUdbSq70Vlz9oJjcF1cgZuyGtObf1KiMnpqu88bsPCsmeUGA4m4tFt1p/0hsZrCla3RpGXxVRN1WdDrJtkDIRuuD4dSJs95HnaZZr7G2w01rbGYsrhrykgrAxuuG6N1fPdxwS4nT+WeUAEND4qbArO5rUKu1tR7KgGNAf7DWzXo6T6ylfynJmW1DUvpXX94eY8xhT3vFUfIH/ZmDmYls5kJ8ifpQ6PCmjgPic0qX6HXXKnYCYMP4mFKIjiAxSYCaBwtbd+P6lDzPI267wx+1/enUmwArUtpObBfDsK4JjXE/dRtExdbrMsWxpeysOH49HQD4kg0QOb6lDmNKZzLbjEUTYNluG22WN4UeX6oKy5OgGZQVENEIaUtLMZVtYTP51eb77i1jDCHcRgwBFZGr3fQgvy3a8efZLCNVYJIYnOYbs5/GcBWXAz2y5wcKTZUEZ7gONwTR5MfCU9os4ZnYlzi6DXDJoNh5f5/EEfKrg1xoYp/SpERLapN0sdkI/7ziIuUUyIuhTFbPFnFfBMvcfAOEDqEAoH7gULzl4hrSxAeT4RCm3KXWS7eQ6xFUJTMIefYu0u+HnFcJOiKuPo8gsLvhOCjuQC9EOdYC4T+6QeDP8SEFOy/wbAihqTOU1bkc+BpV4Uuo5DSuoN9YaC0B+/gj5jsZpSJAIajF73A5aQ90sfTaTKdsODIesVUCmBTxmRxlMnfoNLm8rlXsrXPrhY+d1NRbtfEWjDS2OkN7REabuYgmrMD4+SKvhD534Z0oj7BoMIK7+2CDTavGLWpFOnHNSQgxujGxr5FDKPcUpJ03y84CBitak6EAM1Ad9zvlbdQiR1hhsDrhVrZAJCMQQOP1FSATCgyrckMjRM62bhYAWAbhzvtevqo/2GOdWfVUOz00F89celevj0zQagnLmJNcM2QrBqWKNPKQZllBxiS/MY0lZvCQVLsJEI5jnzqySPRALjsDXMoOdJ3tT/RwK5yVHKN7dqKGWacFus/vKELUNFTRkDaJktAq/GcITctOUBWqdcvsk/ZAPwDgTdNMib+lBjWK7/jq2KKx0ROtEbulDi1VsznTHzFBFccDRQx/V6viT5rdbRdGfTIRdMVbr8jUK1oEnYViPKT85eUXywghTxYm08QQiCw2jRFcDrpqhY4pF6fN5FqfbiExmmyEQ+pC0w64cDwrB2rWJF6eRM0w3wyUqmNJ+rRzVkrL+PwMjZIrJrbmrC3Sgh9sSuptgkqp9UtpE/TedDdebXCw0YYQweXZJT4Pb5n30K5d7/UK3n2DzTlb2mOUEsB+uii2H7bXA6FidOrGkbIXVhW4Rgh73OvvqZd99aURf44km/wIAiIKejOPqrLRI0Nf7ISxgA8cDJEMfQNfNZLhJ8Yg3qtGaBt3Zu6qH4NPVY1YXyMkNUbEAtXkYQzh9Kpd7/uONHkzuAejgGAJJLHbLwNpDRFYnclpokWTh3EbmQs14lWTbUDxEerwW3iSaH+JY3LBgl1qtKmP4oUeWoUJPaiZTldu/qQEgGKeBtBbyg7K7SP/kNwlh8aDFNgp8Jd5sR22rd9jq/Yi0sCgx5WfAQi/efpowMTirQiEaGzpqlhFCbEyIZNQQpGbcNJ12UFutOAUntuweNsKAiLdtd4KkcfefybTgcLlsoMPaLTO8JK01ffypehU2joSm7VnNnYp35MZAqnmnuzMhIYBKglLYDJNpiTEm5qp5yk7JDUDJimzje+IWbNw9UFsT7jdEY4pWnCHZ3ttOVr5sWKXXQV8nVJ5ddFofDysVJWcbgkmX+A3ZP2/lC7zHUwd6L4G6YTvINCxC0rrkGFjROL5frJ6FjuuSCi+5/mez+OYthrK+utcgb3QvQPaY8of2pRFl51ml6eb3jfK0x8zmZMgd3o0a3LKxdMLjhmQQ0OBRbzo9X1Ardf0rGE1NM17CYRUgnqCKQsAdimHaRfaId7fhwRaNEnKF1Cft/VMZNkb+LTSH+AUixVg6eDgeZKhQT4x/OW4bTiuOjKk/uzikdIEX59ectd38wUnlrkVGHar27mia9/E4dQiy4dls0c9PcqLXJLL5xRGclUU51+Px1iefQvoyLHI7JrUZJ0D9b5eLZdtKzH4ooj8HGAkDf5TRl5EeQ7weM0rc+d86xE3ruxhMxzuC2wy4wAheK8fLhjYL6E2BzCrYV4OR+dNulr0VCD4Pb1FWevKUUqrR/IhwrK2vmIvyacXGsMuCZRr8+/c35LO0Oqj+s4Ssmf+vtxqeefVkmZd70XKRDoKqbBuIKpU1m2D73KEOfXuir5Un8Ih0Av5IubKgAmad5ijrFRzHfnMmmWpLkdamqi8Wm0wQTjPpKE6GMkzGWWgnnXMP3ZbY65002TI7CDdvi0nMxVxuERvSeq75gR4OF2yuLt2+GXNMH4SsdWWQzXjaBQ+/6ZRwil4GP18OlgxNclsasadNsxxBLR8LeBolrshRK1BnPSUkPwrQn0WLcEtnSVBdCyBVZqehaEDaPHivdAhygkPfgGaM3E1Vc7p7duueZI/MD9EYnAvoXhHiBCH6CiLXWujpVg1JJAc1U0vWHw0LpyOYGPpQGsuyqay1383QCjogzr7wD85140j0Fk1F2+23t1prz/liT1CczQZUlC9peFWfhyBmkomhU/KuC8yZT60Xtb6048zTuNXKbKJDWmsAyeX/PRPPXurwOKEZ7mfnC5EXJYhCWWEnJdPOqCv1vbz9UskNoWk0ZUPzN2w27fcuztw+hftzlv1098Y+VIkgIKPLilXJtcTzI+/19wRQBFrdA1uMMrA6Aj58aqysot5BWlI1sXsrGZPoownXPAHvvSBiVKzHA3xEJ9AIebZfntUQtsj89aT+JN6VdxnxFwQNdVkVs9jIc25EtteirIj48YT3wLDd83PxeWbrWGKGc95m4EaY8WQYc3Lv6AeQzD3EKyKY4GfE4J0Hs9TQg0nOnzUr6O0i2QX/eaxSmiiGZ72BSbcvSDMpZb8W7LBLQ4GO2i/LTCMI24JOMonrU9I9YFcdjlD0yi5covv9kYnSrw15AiBMhs1K9gMrp4gnCfdKNpIhRG2HRWad59VPZET1exI7lqfeOBIu964K9Fy1BFY+D83GX7Rf52XgZDK9VdVZmuNFv/OZNxvV7T64OAK1vsoigHGGe4fa9GFkwzVyTvn5sOMF06ekziEvF3phR19h76LQ8vEWsicXlUTt+ZqGoEBiDy0ekJes5mL1L9UXG6hc4RdIBA1dqBJdSmAySD2fXjJEXqH5uptANzCXSXz9eObviegyr8XdP7RKRxzv5jIOhk0Tjbnq/Uy4f+e78DcdPTlfByJoC3ZW75YbyysGbXAAhQ581dTQFZMlA9x7rxVg/rQJxRSI4i4H8nV5XcZDGoVIX4zYG22g8ccu3sZ3M25l3WuHP4xpM3o3nwrfnQhkKkLU5pmfas4Zb+3VS+Fj81okpslYo3c/qZzFXzyrvJlKCtqOLjtZKyAiBMHsyjKvgxv+7eZrsp+17wsY7eQtAXb5eP0iF+A2WRpP3//JHYjWKG/31cG+qGCln9EXTNFOdm9QrdEAgFR7FdBjbSeBp8rrzjBqyn0y6rMYghqzXeIyChQrFeA0Ia1eOBZeju6sGKDOrRuBUfXWapiy+PIlRvzoZ1J0SDYRW4n0R8NS1BZ4Ilh0xVn3+iVTRtPiOPGs2xzVJX9GUh2DdhAlnkPNBrU6q90WP2JJvhsB3Xi9Jp/RA7kBSprA6xKsdvXvFOePFBMsWJOmgME5xMrHtWVLnv5ypjl1BtZKbxQI02T2kCYBwWPwXCNFx6FgwvRfLgipoNkJ9km0oAD7QuUeKEPT2+UPOdwsAZ0xPSQelVcHK8qxDJRuxCnI7OZeLexaAY1Jcjx8uneyfOi8ldFpPJ6s3prC0fHmREgKjZMVXp1ox4dOXtq+94qOEa6j1/DkIm/kgif6zX5XEO8anqTmXFMZJuN3OrqzB/c5JVc/G0AZVa6PP/8iVZqtV+Mi0UtB8xuukVTn9xLm11+h8TXR8NuCre8F5oqypObwEy8K4sqwrGOwMJIxKencBNVUR8e7G2z5xp8dp5GgaE1JMmFlfQbsgow6duNY0zfpAF9e0sQjzDoL6lyEhupGt5b/+elJQu1ls+waF50epJgIz6ihwgQobL2CoiFqePJzgCy1VeZ2kwZHnb9LGCWM5WAsMttKxvj7cSPX0VeIcZCq0IH1eBBotlLvn07W+zLbuNF3Nw3TegdWMVvWVZa7sJthmgK4xO4rUBfKlwevEbOfVt/Qon8KgtWrh+/mKcUJ0Or7LmhVkdSe09i/V/52TrbIV4AsHgk9kCTdyC1uapBeNDVlS5a9SFcwe+O1AoVfch2Ncd8EYbwTDuTthbS6PjsmK1jjy5vmJkG1bgM3G5hH4s3CVdjpEvkwJqCOiRzKHBlx7TYzbVCMGR4G/Bv6ThiGjssSAjpwMS8lxz/EIW7WIaGTNGQk+zKORUG+KiDJ33co0ACl72vShh6/z2G8pzTRoYBi2Pn9L4w+y61gRsh2k9faHyHOka6S05TGkLriEIvav1OiQ5vRPRe5NRQE4J4lpqdUkpWi1q1/cwKJ4TC4HefF/MNiJMTYTYnT1W+RuA5+UcyzteVhr1GsnDjswUFy0YlXuXC7WdMq9946hMVGvaRvnyc2pxlXxmDp/5xjA7Y2dWoGlR2f/cTRPX8igOIwZ8F0uwem1LjwjnCG44NVeSGTNMaXaa1cwIXWGS2VGoiYCwSTBoxIbvftDrBML3SI9W/apoBL4PrKhpIH34vDv+IZAo4RdMYe7PiN6vUwVVUnxnAJ5gs7M5G1EqJgZ1ev/z/XHde8OzDsqaosPs+gu/DfcdML5mlXYNdnn7cP866xzi0/dHgoBNOt1azdgzSp5jNSmVKJ5WUlubcP9uwDd480K0C0GKvZkrj83kLMhIsg2slS5EQxl9ZSVV5IWLC+jbPvlU9+3rrBfB92sWQBwnDphqZxKF4m0twReQKUv1e+ITbU7Mre/9Uxj6BRhvADmLefGfIGFxuV9IWrVBTSqYGYmV4zRpbnCUup6j0vO+2j3TfqqeQfN5F6Ke30AIlADSyyjwvtu+gbipZNZ3sUmX0h3CQCSUD4FB0FxhRyXSswEjag+P64w+SJ0jwhPiCaWNBUNjV3EWfCnmBXXX5PevJ0GHRMTLsM=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>

SAML Response with Signed Message & Encrypted Assertion

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx01f5c837-3f26-8995-0ef5-9451d481c56e" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfx01f5c837-3f26-8995-0ef5-9451d481c56e"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>iHNxvyIkgVtaNVE0/zB+pQ9Xvus=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>J0cO5/Zlj3lahaNb4lmla12gIvFacVKtHwb/0ETxgPouwoiiynICbNX+UdPwJaSYPPlSYBiSY5ctbWcrOYMU3ReW9q4Uj3MjxI21vvHNgLfl41RGZwk5DxKk/7JI0jpLhbyMN7oZP2kt252pHldS8IwzFKWm++sxeFGy7gLEUdE=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>trtsCyD/0iY+OCUPX74goe8161aJpZzGd4goPy8luUwbSpR1Hmax9lXpFQCQeMIuK/Pn7vcoB2N6h8JLE1vjaT+TP5V+qTNs2M/Mk55JcR8lhEyR2bMsN0k86Fa07dnW1oImMXYYNkTRb53M9/qXz0lhH0sOd0A9jeyusD26P9w=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>iQ5x7yR2iAvioTsyo6XhUpZPtKdoUAx4fC49h6UWJxNaOt7ZU0GSP86yy5YGGDpgZ9IQAYKokxWM6jZSgH27yh+c+ODyETcxiHQUVGNXXUztDd72ToLiWwdOD+oLwKdDu5ZkGeNtgI6raofwXiqnsZ99FIBiW8st+sd0PnZG2zyP9fG2SCUIffrtM6vp9iYjjeAwF4APWSx2Q5f0T89jwmHyS54EFWdm+0h1Oa9wu/1T9kefaR1r88lIrKbBJNDi2g3eczdUEj1+wsScWSp8fG91JZ57EW8WSggNtDrrYDmCJy0GylkfyMY3FvCOZrJ884uDkKh7vl7kBcW7Fbw10xSrUmBSNxAGLpc5dR887SvtaWAdT6cff85q+KomEmzw64Bz9EVqD7UlmAn2spcmS5yUNMFqJPYkzM/6dn30ta72ad+Oidg3xW6pp0sfYycf3RNVrGbYUYlpiWWCtXwEQWeZBEsLWcS0h5fhQchLN59xevG5CBF1/Y469Q1GAcUHtTvP82pv0czi4yMZlKiCqx2pYZyhwdA57QJizheH/KOGHETgKlCUOqyiVzhDWMVtOE32YgJ9hyZYU2jd8Ii6HL1N3LYieDEA0Wuyal8C7SPcd/mxNsEWr+Rr+3H5sRj4j15O11ucvY7Cc58b2RKZ4d+xoLmaTyTEEsiHsyLOREhopvku6CPMxvrl9TkrBt3kgTjUVyWX0fMUZxneEX687CahOroWlV3hZxfTeqYPa4nx4seQi/Qvs+E2RLpzT5Veuc5Vpp+j5jwuIyhDd0tVZ1umoZ8HKWYCx2jbOECzferifz5btUEA9KLvOsOMjlszSIwB8SBoJKuOOi0LHrjoWugNexfQ8lpQ+gFdQtjVgy8QP/jwgf1EiHpFPBF4QOmwHscvde1Qj2Jt1qhVoXOoEptmx/2YrtxJ4p/83lBoa//7JyHavGsdksXV3M38cZ6Qqepq3Y2a2spCrhYOlfOjtgVcL0efOOdr0xCdNWMuXPqjO5hMGBMXtl0gIXlrBoC6d23z24d+XhG9dlnkZvcOlkeFMotQxjOuhlz50q/Axb4UoXhq0YevRmMH94W3OJKDAZ/gwrrgQ+MWLfrU8y3I8la/CLY78Jr9ATodS0rpujpKVNMTTrpm6ek4e8U3+rhFtA0rGPq12dAuN3YAu97j70ssnXGc7UbembD/73oukpwCDVZUllUhBVkbxl/2H+P1ukkcdvrsJqOvhH8TtvGOWnL3nrTReiDyfDpiW6LhYo0R3Ys2cfZvxp0w41PsfQ6JdMD4Nu5s3db1mJMVJ80wob0m0yea/Fmq70mn+oESUbYZ5eP7A1JtAM55X6sBIF1z5Tj2n1YKntpAQQixV/UFwzmmnO4TB3+QuujvMe+xtVnUAgiGOs1xEzB4hW3XgrBv2s4gMKOCNfFLaQOysbZwDDI9yh7n6JiSfNApo2WTWMqsi0aVOlZbMR6bNbh9ADolOUsLgyWWQ7vV/Ll/Viss3B3pRkRQ++ENuJ5xJiN4CN5hwwQ19BpotMcfzF7Ur8el7J7j/2XgviMkWo6hHd1+Fkb8XyW23YTuAoFUbBRY1Tb8IGC+9KNk1aXkCp2Vuo2IxEGCZZM2KQ8hzqZb8qFiQ8nBmloDYBotzCx+8m5bwi6wjSOFLIB5DD3FTThkYL05kNHqcM1nQ0EbwUdUcykrQFvfwPSpX4BuSNZzbFR50EUz563D1UE1zAX3UMOKjqjO8BkMKQ9e9rd2DZeqpow8W1ILtGOuVj5cliOjPba/lxicjiEdQXrrDYMJlaYKK4R2yTiJ3IJHB+xAwcXVq8o5ROUpelAg5tHcJgOX1kOmHx4iaJzOxCW0cGHhwUlTEiNMg/TM2OfPLjxht9IY5wJcZZ3oxbeUvgFl2ROnqJd+s4Jm1ED/hz3e+7EP3O4CVQUsYrg2JM/3sQo43epqaqav408C3jJzmdG15WzjbQMdmo0sghq3yDDWFujJxUcqiuh7Lm0ZXBj9rjsm553LAAsvrqWz2Xs95xoUyhcru6nTE1YnhCnTnx2PMiFoY0S1xEPVm5MIGa2rK+jWcs2mIAmpD6J2wK+I3Y41xs7SV98ZQVXGowQeVGOf39SVXVkS3cW+KkL7iSgRjYHQLx68lPm2EInoksF2NPEyv3kVrBYQHnGKwBWAlUwxqp9Vd5App+cA3WlZNOzK4jV34Dhi3rSwLy41un92T01LC2SpiLcnMykCi2nEEOKOqX/qB6Z0CY/Jmt9yqLRbSQPUdv93aWpeH8GttUeiP5IwBN4Xgc9RidfJmnRSgBCun+/eJBSS60R313WeHz8CgLzFn/Mf5WOcAz9G/iVKUoa/9RVuGwzvVQxW/5AnYzll9ozBOaUzYbHcBrrr+0pXxpqL8lkusDDL4O0SmpSL9psLafi6oJNWb0nQT9aliddEpuViSkljqkZU6tQCMFKjZs0Taerl+9SExqEGnWQhTCy+dulI3VyFO1tQXV3v/hsLTRSUKuYgzlhQmFFZOKmW7mhyJXt4SvQri2uPPRhuLtzFYi7pW3m3dJUxtyi1wji6Qd1PPmxpgc17MYiJOxNa/0huvG4IWiPCUQwO6e6hiIYHjuu5v8Y4a/G2xkMJvHj+CfgBhzXFhmi4v3rhC+oqU6+kRfjZlmb8EC0uZlmNe6n41kdET2gSLaBJofwTiCQg+WDg977gVJCogNyw+lJ1ZvCILCltyhmPRNDoDZEEqIkIUk7/qSjh1hClS9rbcRqsLANpbf1iHJtaSz6IPr7RODXsqkiGg0MWbpG109uqxiXCnd7/Yj6+inQl+TrGE5FIeJrOJ6XDVkT3T2yfQeRwKwAe0NhckXomd0VNf0mA8x4beztONjkRShsc12vHJRLsWJZk9PDaZ2NL9WHhna2dpIIEocglM4/XvmNhHhfkDHueih8U/zvHT+c=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>

SAML Response with Signed Message, Signed & Encrypted Assertion

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxa7fe121a-5df6-5f10-cbd6-bcc92696a842" Version="2.0" IssueInstant="2014-07-17T01:01:48Z" Destination="http://sp.example.com/demo1/index.php?acs" InResponseTo="ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685">
  <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxa7fe121a-5df6-5f10-cbd6-bcc92696a842"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>ueLydLamDdL4FfS97j4rp1R8+gI=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>nfNgpvCYLtzxb8czcjyaLSTCFBatUJuuVAbMtCN811JySn8dbAhws5Amr3f9NUH2Au2rJiteVQ4CCDXB0moWMezZdA6VSlevjKDSfCY07eBB8MwrCv3aMx6GuVk8jr1BNlEWqM2IhfchIZesJHvGeauhBUJCEds5rzqaQ31j+3w=</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBSMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRcwFQYDVQQDDA5zcC5leGFtcGxlLmNvbTAeFw0xNDA3MTcxNDEyNTZaFw0xNTA3MTcxNDEyNTZaMFIxCzAJBgNVBAYTAnVzMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQKDAxPbmVsb2dpbiBJbmMxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZx+ON4IUoIWxgukTb1tOiX3bMYzYQiwWPUNMp+Fq82xoNogso2bykZG0yiJm5o8zv/sd6pGouayMgkx/2FSOdc36T0jGbCHuRSbtia0PEzNIRtmViMrt3AeoWBidRXmZsxCNLwgIV6dn2WpuE5Az0bHgpZnQxTKFek0BMKU/d8wIDAQABo1AwTjAdBgNVHQ4EFgQUGHxYqZYyX7cTxKVODVgZwSTdCnwwHwYDVR0jBBgwFoAUGHxYqZYyX7cTxKVODVgZwSTdCnwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOBgQByFOl+hMFICbd3DJfnp2Rgd/dqttsZG/tyhILWvErbio/DEe98mXpowhTkC04ENprOyXi7ZbUqiicF89uAGyt1oqgTUCD1VsLahqIcmrzgumNyTwLGWo17WDAa1/usDhetWAMhgzF/Cnf5ek0nK00m0YZGyc4LzgD0CROMASTWNg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:EncryptedAssertion>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>SYLj+Mw9SOMoziorPFrNU7ShXy/B/hdvQlZhjWhUpfL+w2PoRRvMOFyv30RhFfU3vCThtghmKlDZX8te8T9s1PwJ8lfosoUqHNLFftMxL/XQ77uvZYZkeob83B+0k/nGmX0mZWGXTzDASfTXD7DYkPjnwXFgV8X7v2d7YtCQq3E=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo>
   <xenc:CipherData>
      <xenc:CipherValue>z3OhfQ6TTiL76uGLaS+3YAxLODD3dRDGU4Fp2JVHWeMy2y/BF0EVvHN4JGNl4ttVqLL/mTPnR9A2TlpcZDSypWVpTLu5hM6ri3IdQeyPKEA4uWN4gKDJuYr0p33oEHEWWsZ3pPnNTe9Q5pdtLmxh8/pze6XpWeZdcN0QC/tvkAihCRAXC3ld76ROosfB3HEmDdtPBUO3nyS0RGnhiVt2pMIpSoYrrUhctXhXH3TF17pU4Md1cpN5inBBuzbdQXDpyc8RUbKFftv0XKTiLy6yeQ9TUEtCfc8iQxDEicEHEr03Wx+dWaIj86nUdbSq70Vlz9oJjcF1cgZuyGtObf1KiMnpqu88bsPCsmeUGA4m4tFt1p/0hsZrCla3RpGXxVRN1WdDrJtkDIRuuD4dSJs95HnaZZr7G2w01rbGYsrhrykgrAxuuG6N1fPdxwS4nT+WeUAEND4qbArO5rUKu1tR7KgGNAf7DWzXo6T6ylfynJmW1DUvpXX94eY8xhT3vFUfIH/ZmDmYls5kJ8ifpQ6PCmjgPic0qX6HXXKnYCYMP4mFKIjiAxSYCaBwtbd+P6lDzPI267wx+1/enUmwArUtpObBfDsK4JjXE/dRtExdbrMsWxpeysOH49HQD4kg0QOb6lDmNKZzLbjEUTYNluG22WN4UeX6oKy5OgGZQVENEIaUtLMZVtYTP51eb77i1jDCHcRgwBFZGr3fQgvy3a8efZLCNVYJIYnOYbs5/GcBWXAz2y5wcKTZUEZ7gONwTR5MfCU9os4ZnYlzi6DXDJoNh5f5/EEfKrg1xoYp/SpERLapN0sdkI/7ziIuUUyIuhTFbPFnFfBMvcfAOEDqEAoH7gULzl4hrSxAeT4RCm3KXWS7eQ6xFUJTMIefYu0u+HnFcJOiKuPo8gsLvhOCjuQC9EOdYC4T+6QeDP8SEFOy/wbAihqTOU1bkc+BpV4Uuo5DSuoN9YaC0B+/gj5jsZpSJAIajF73A5aQ90sfTaTKdsODIesVUCmBTxmRxlMnfoNLm8rlXsrXPrhY+d1NRbtfEWjDS2OkN7REabuYgmrMD4+SKvhD534Z0oj7BoMIK7+2CDTavGLWpFOnHNSQgxujGxr5FDKPcUpJ03y84CBitak6EAM1Ad9zvlbdQiR1hhsDrhVrZAJCMQQOP1FSATCgyrckMjRM62bhYAWAbhzvtevqo/2GOdWfVUOz00F89celevj0zQagnLmJNcM2QrBqWKNPKQZllBxiS/MY0lZvCQVLsJEI5jnzqySPRALjsDXMoOdJ3tT/RwK5yVHKN7dqKGWacFus/vKELUNFTRkDaJktAq/GcITctOUBWqdcvsk/ZAPwDgTdNMib+lBjWK7/jq2KKx0ROtEbulDi1VsznTHzFBFccDRQx/V6viT5rdbRdGfTIRdMVbr8jUK1oEnYViPKT85eUXywghTxYm08QQiCw2jRFcDrpqhY4pF6fN5FqfbiExmmyEQ+pC0w64cDwrB2rWJF6eRM0w3wyUqmNJ+rRzVkrL+PwMjZIrJrbmrC3Sgh9sSuptgkqp9UtpE/TedDdebXCw0YYQweXZJT4Pb5n30K5d7/UK3n2DzTlb2mOUEsB+uii2H7bXA6FidOrGkbIXVhW4Rgh73OvvqZd99aURf44km/wIAiIKejOPqrLRI0Nf7ISxgA8cDJEMfQNfNZLhJ8Yg3qtGaBt3Zu6qH4NPVY1YXyMkNUbEAtXkYQzh9Kpd7/uONHkzuAejgGAJJLHbLwNpDRFYnclpokWTh3EbmQs14lWTbUDxEerwW3iSaH+JY3LBgl1qtKmP4oUeWoUJPaiZTldu/qQEgGKeBtBbyg7K7SP/kNwlh8aDFNgp8Jd5sR22rd9jq/Yi0sCgx5WfAQi/efpowMTirQiEaGzpqlhFCbEyIZNQQpGbcNJ12UFutOAUntuweNsKAiLdtd4KkcfefybTgcLlsoMPaLTO8JK01ffypehU2joSm7VnNnYp35MZAqnmnuzMhIYBKglLYDJNpiTEm5qp5yk7JDUDJimzje+IWbNw9UFsT7jdEY4pWnCHZ3ttOVr5sWKXXQV8nVJ5ddFofDysVJWcbgkmX+A3ZP2/lC7zHUwd6L4G6YTvINCxC0rrkGFjROL5frJ6FjuuSCi+5/mez+OYthrK+utcgb3QvQPaY8of2pRFl51ml6eb3jfK0x8zmZMgd3o0a3LKxdMLjhmQQ0OBRbzo9X1Ardf0rGE1NM17CYRUgnqCKQsAdimHaRfaId7fhwRaNEnKF1Cft/VMZNkb+LTSH+AUixVg6eDgeZKhQT4x/OW4bTiuOjKk/uzikdIEX59ectd38wUnlrkVGHar27mia9/E4dQiy4dls0c9PcqLXJLL5xRGclUU51+Px1iefQvoyLHI7JrUZJ0D9b5eLZdtKzH4ooj8HGAkDf5TRl5EeQ7weM0rc+d86xE3ruxhMxzuC2wy4wAheK8fLhjYL6E2BzCrYV4OR+dNulr0VCD4Pb1FWevKUUqrR/IhwrK2vmIvyacXGsMuCZRr8+/c35LO0Oqj+s4Ssmf+vtxqeefVkmZd70XKRDoKqbBuIKpU1m2D73KEOfXuir5Un8Ih0Av5IubKgAmad5ijrFRzHfnMmmWpLkdamqi8Wm0wQTjPpKE6GMkzGWWgnnXMP3ZbY65002TI7CDdvi0nMxVxuERvSeq75gR4OF2yuLt2+GXNMH4SsdWWQzXjaBQ+/6ZRwil4GP18OlgxNclsasadNsxxBLR8LeBolrshRK1BnPSUkPwrQn0WLcEtnSVBdCyBVZqehaEDaPHivdAhygkPfgGaM3E1Vc7p7duueZI/MD9EYnAvoXhHiBCH6CiLXWujpVg1JJAc1U0vWHw0LpyOYGPpQGsuyqay1383QCjogzr7wD85140j0Fk1F2+23t1prz/liT1CczQZUlC9peFWfhyBmkomhU/KuC8yZT60Xtb6048zTuNXKbKJDWmsAyeX/PRPPXurwOKEZ7mfnC5EXJYhCWWEnJdPOqCv1vbz9UskNoWk0ZUPzN2w27fcuztw+hftzlv1098Y+VIkgIKPLilXJtcTzI+/19wRQBFrdA1uMMrA6Aj58aqysot5BWlI1sXsrGZPoownXPAHvvSBiVKzHA3xEJ9AIebZfntUQtsj89aT+JN6VdxnxFwQNdVkVs9jIc25EtteirIj48YT3wLDd83PxeWbrWGKGc95m4EaY8WQYc3Lv6AeQzD3EKyKY4GfE4J0Hs9TQg0nOnzUr6O0i2QX/eaxSmiiGZ72BSbcvSDMpZb8W7LBLQ4GO2i/LTCMI24JOMonrU9I9YFcdjlD0yi5covv9kYnSrw15AiBMhs1K9gMrp4gnCfdKNpIhRG2HRWad59VPZET1exI7lqfeOBIu964K9Fy1BFY+D83GX7Rf52XgZDK9VdVZmuNFv/OZNxvV7T64OAK1vsoigHGGe4fa9GFkwzVyTvn5sOMF06ekziEvF3phR19h76LQ8vEWsicXlUTt+ZqGoEBiDy0ekJes5mL1L9UXG6hc4RdIBA1dqBJdSmAySD2fXjJEXqH5uptANzCXSXz9eObviegyr8XdP7RKRxzv5jIOhk0Tjbnq/Uy4f+e78DcdPTlfByJoC3ZW75YbyysGbXAAhQ581dTQFZMlA9x7rxVg/rQJxRSI4i4H8nV5XcZDGoVIX4zYG22g8ccu3sZ3M25l3WuHP4xpM3o3nwrfnQhkKkLU5pmfas4Zb+3VS+Fj81okpslYo3c/qZzFXzyrvJlKCtqOLjtZKyAiBMHsyjKvgxv+7eZrsp+17wsY7eQtAXb5eP0iF+A2WRpP3//JHYjWKG/31cG+qGCln9EXTNFOdm9QrdEAgFR7FdBjbSeBp8rrzjBqyn0y6rMYghqzXeIyChQrFeA0Ia1eOBZeju6sGKDOrRuBUfXWapiy+PIlRvzoZ1J0SDYRW4n0R8NS1BZ4Ilh0xVn3+iVTRtPiOPGs2xzVJX9GUh2DdhAlnkPNBrU6q90WP2JJvhsB3Xi9Jp/RA7kBSprA6xKsdvXvFOePFBMsWJOmgME5xMrHtWVLnv5ypjl1BtZKbxQI02T2kCYBwWPwXCNFx6FgwvRfLgipoNkJ9km0oAD7QuUeKEPT2+UPOdwsAZ0xPSQelVcHK8qxDJRuxCnI7OZeLexaAY1Jcjx8uneyfOi8ldFpPJ6s3prC0fHmREgKjZMVXp1ox4dOXtq+94qOEa6j1/DkIm/kgif6zX5XEO8anqTmXFMZJuN3OrqzB/c5JVc/G0AZVa6PP/8iVZqtV+Mi0UtB8xuukVTn9xLm11+h8TXR8NuCre8F5oqypObwEy8K4sqwrGOwMJIxKencBNVUR8e7G2z5xp8dp5GgaE1JMmFlfQbsgow6duNY0zfpAF9e0sQjzDoL6lyEhupGt5b/+elJQu1ls+waF50epJgIz6ihwgQobL2CoiFqePJzgCy1VeZ2kwZHnb9LGCWM5WAsMttKxvj7cSPX0VeIcZCq0IH1eBBotlLvn07W+zLbuNF3Nw3TegdWMVvWVZa7sJthmgK4xO4rUBfKlwevEbOfVt/Qon8KgtWrh+/mKcUJ0Or7LmhVkdSe09i/V/52TrbIV4AsHgk9kCTdyC1uapBeNDVlS5a9SFcwe+O1AoVfch2Ncd8EYbwTDuTthbS6PjsmK1jjy5vmJkG1bgM3G5hH4s3CVdjpEvkwJqCOiRzKHBlx7TYzbVCMGR4G/Bv6ThiGjssSAjpwMS8lxz/EIW7WIaGTNGQk+zKORUG+KiDJ33co0ACl72vShh6/z2G8pzTRoYBi2Pn9L4w+y61gRsh2k9faHyHOka6S05TGkLriEIvav1OiQ5vRPRe5NRQE4J4lpqdUkpWi1q1/cwKJ4TC4HefF/MNiJMTYTYnT1W+RuA5+UcyzteVhr1GsnDjswUFy0YlXuXC7WdMq9946hMVGvaRvnyc2pxlXxmDp/5xjA7Y2dWoGlR2f/cTRPX8igOIwZ8F0uwem1LjwjnCG44NVeSGTNMaXaa1cwIXWGS2VGoiYCwSTBoxIbvftDrBML3SI9W/apoBL4PrKhpIH34vDv+IZAo4RdMYe7PiN6vUwVVUnxnAJ5gs7M5G1EqJgZ1ev/z/XHde8OzDsqaosPs+gu/DfcdML5mlXYNdnn7cP866xzi0/dHgoBNOt1azdgzSp5jNSmVKJ5WUlubcP9uwDd480K0C0GKvZkrj83kLMhIsg2slS5EQxl9ZSVV5IWLC+jbPvlU9+3rrBfB92sWQBwnDphqZxKF4m0twReQKUv1e+ITbU7Mre/9Uxj6BRhvADmLefGfIGFxuV9IWrVBTSqYGYmV4zRpbnCUup6j0vO+2j3TfqqeQfN5F6Ke30AIlADSyyjwvtu+gbipZNZ3sUmX0h3CQCSUD4FB0FxhRyXSswEjag+P64w+SJ0jwhPiCaWNBUNjV3EWfCnmBXXX5PevJ0GHRMTLsM=</xenc:CipherValue>
   </xenc:CipherData>
</xenc:EncryptedData>
  </saml:EncryptedAssertion>
</samlp:Response>

Have a Question?

Found a problem or a bug? Submit a support ticket.

Looking for walkthroughs or how-to guides on OneLogin's user and admin features? Check out the documentation in our Knowledge Base.

Have a product idea or request? Share it with us in our Ideas Portal.