---
title: "How to collect a HAR (HTTP ARchive format) file for SSO Troubleshooting"
slug: "how-to-collect-har-sso-troubleshooting"
updated: 2024-11-01T09:10:20Z
published: 2024-11-01T09:10:20Z
---

> ## Documentation Index
> Fetch the complete documentation index at: https://docs.safe.security/llms.txt
> Use this file to discover all available pages before exploring further.

# How to collect a HAR (HTTP ARchive format) file for SSO Troubleshooting

## About this document

---

This document describes the step-by-step procedure to collect a HAR file for troubleshooting SSO sign on issues.

## How to Collect a HAR file and provide to SAFE for analysis

HAR is the short form for HTTP ARchive format, which tracks all the logging of a web browser's interaction with a site.The steps to fetch HAR file from a web browser are as follows:

> **Note:**The following example uses Chrome. Other browsers provide similar tooling, but are not documented here.

- Open the SAFE Portal the user is trying to connect tol: https://**<region>**.safeone.ai/

![](https://lh7-us.googleusercontent.com/u9Qg7RtIao-9XAdnj528sKao4INFmmIYCT6nAa5CSYmJzVcb1R9GIwhIWT7u0--YYCSiA4J-cKz_xl7rBSkBLrupw4WqolCWDQtZDkdrKUiJeugNFVQRzZUb7S4cTSg0jpk6yxdPz-IvJbh6O2Vd450)

- On your Browser, open Developer Tools:
  - Right-click anywhere in the browser window, and select Inspect option:

![](https://lh7-us.googleusercontent.com/FDKbaNDFGJJdX_q-02KbQY4Ugd0lOreiLA2iaisJ9ldTlK0ydnOqJx0cyO9NyuVCjyhJMXcH_MIiRdA5hT0ROPOjJqu1QZocOteBk8IaaG0PDA-D_3DOe8DLYCHP2JKVVXZwIFZxToRlC7HJecbr5R0)

- In the Developer Tools panel, click on the Network tab:

![](https://lh7-us.googleusercontent.com/xD4gwtIV4VLQLOJFEUt_WdE5Yge-Xt874f1kfB89EaLxkXPnPlhwJOOa40bBXQQyFEBgRm9LOgBUnSslr47i-sArn06BDfFQSDVhgIHD2gbnzdolLOyQs7FEuVcMlJGbstSEgvmiH8CWzRUKJHdOPw4)

- If you are unable to view the Network tab, click on the more options (double right-facing arrows) button to view the Network tab:

![](https://lh7-us.googleusercontent.com/XMT6SxUa8xyz1V2_lxeS9V6WcvUTH0UAgjTxkOaF3UJhg6E1mL8o_sr6FVK070q3LST_C27yi-t3xUswpfOL3MBg0Dsz1ZAoIX6Rsf1Qd0G7CnkVrbiMLPpDURx6aUuzlbfS0nO-V_qaFtHO41aKph8)

- In the Network tab, put a check in the “Preserve logs” box.
- In the Network tab, make sure that the network logs are being recorded:
  - If the Network tab shows the Recording network activity ... text, this step can be skipped as the network logs are being recorded:

![](https://lh7-us.googleusercontent.com/CeJ26o8Fe38pL8cE8QxjpUG9Z_B1Y92jg1gcGBtdTR2izUi1WLjn7bJE49OrJFDUR0I04ZR4XmKPr9nZptHN7Uuk7Y9EPbVPGMwNWsTbkk2Shsn8ltHRUNNleYjIf4RRGsTmmK5WOU4l7yCafvlqqik)

- Keeping the Network Tab opened, try logging into SAFE to initiate the SSO-based login flow.
- Once the login completes/fails with an authorisation error, click on the download button (downwards pointing arrow) in the Network tab to download a HAR file.
  - When asked for the filename in your file explorer, click Save to download the HAR file.

![](https://lh7-us.googleusercontent.com/jsA6a-RC604MbLmt8DjIVIRl--tde_R7auwH-iqCValDf7Z7_AYLJRDAzI6rZQQ_6cp9nG0TTCeRGGI-vsQosBD7DAIADW6BKfnC3ZMVtwmJkOxnF7J9x7EZP4jKYJu2YGrZLah0_emHsbBKk-0C5d8)

- Share the downloaded HAR file with SAFE via the [SAFE Service Desk](https://safe-security.atlassian.net/servicedesk/customer/portal/11/group/21/create/96).

SAFE will be looking for various details in the provided HAR file, such as idpresponse to analyze the SAML response provided by your IdP tool. For your reference, a successful idpresponse (deflated XML) looks as follows:

> **Note:** To get the XML from the idp response you needed to base64 decode the response

**Sample Response**

```plaintext
<samlp:Response
  ID="_67a1effd-abd4-47d2-957f-fcf6091ddef2"
  Version="2.0"
  IssueInstant="2024-01-16T16:33:46.003Z"
  Destination="https://auth-app-us-1.safeone.ai/saml2/idpresponse"
  InResponseTo="_ea71e376-9361-42b9-a5d4-6bbb0d684334"
  xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  ><Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
    >https://sts.windows.net/a28016a7-6135-43f2-8ea0-37ada6ae567c/</Issuer
  ><samlp:Status
    ><samlp:StatusCode
      Value="urn:oasis:names:tc:SAML:2.0:status:Success" /></samlp:Status
  ><Assertion
    ID="_70c4d592-c53f-4a6b-868d-b39d7594b900"
    IssueInstant="2024-01-16T16:33:46.000Z"
    Version="2.0"
    xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
    ><Issuer
      >https://sts.windows.net/a28016a7-6135-43f2-8ea0-37ada6ae567c/</Issuer
    ><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"
      ><SignedInfo
        ><CanonicalizationMethod
          Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
        /><SignatureMethod
          Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
        /><Reference URI="#_70c4d592-c53f-4a6b-868d-b39d7594b900"
          ><Transforms
            ><Transform
              Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /><Transform
              Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /></Transforms
          ><DigestMethod
            Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"
          /><DigestValue
            >GyoyCiJcGmQUrhJ2P9lnsOurOxGBUsYgXWruXlDs3Cs=</DigestValue
          ></Reference
        ></SignedInfo
      ><SignatureValue
        >0arJ3E/Q+/j4y7xJvU6gVlZP0AFws7EGqeA5qJ+TpRYqR2mJsMSD66oaVP6HqJ4URAe71FW5qxkFFmf9KtYNQDSkDlhfkyt3n8onwXuyHd9D1DVswK9UhzZdzQRAn+B1wka7UNNEbIZj+YPkiEkO3x2CTAOxhhpfKc3nuv/FVuyo3K7KP6YBFuhUggGYe+XH3YGUlvFxkAHrep4MnqMS7/097breS+LiXKRTuoFcX6gSuyFW/xZzWzcJZH6ddjV0qahfcXh+azhoWil5YLGiFawwoWjnTrXQ4u/11d7Cl3wsBvQSvckYBv/4k5cBu5is1l44aWVbUnIN94gyAXk5hA==</SignatureValue
      ><KeyInfo
        ><X509Data
          ><X509Certificate
            >MIIC8DCCAdigAwIBAgIQdWfpQni5Ma1CMU8d6uUlcDANBgkqhkiG9w0BAQsFADA0MTIwMAYDVQQDEylNaWNyb3NvZnQgQXp1cmUgRmVkZXJhdGVkIFNTTyBDZXJ0aWZpY2F0ZTAeFw0yNDAxMTYxMDI1NTdaFw0yNzAxMTYxMDI1NTdaMDQxMjAwBgNVBAMTKU1pY3Jvc29mdCBBenVyZSBGZWRlcmF0ZWQgU1NPIENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23Hm3vNBUcDycpmgXMJKRLwi0BiTMJOnOgnfQftoLeXg1IkYVRQMTw9enyDak2330fWVhSjfeBcPQgZamHuTzbE+c4gkgRylzDIUjDvnmz1rJGMzae7ZzYaHmFwBfNCc8mfToAcFgFHrlwGbacKoM8ZS6MPcSH8r1hx2ImWFB0pMCqSAhrdGCvpoXI0eSRxKWWEK0f1LfidxqvmQesFcG0EmFqNEEG2NT7O8YLqkCzsk70dH8FKJb+v1Ap88qIBPWqzZgKtmnEvyVjvyqkSfTWc59PuIYPSh152KXJZ5zdckBG1xMrxyXXz20fu9/JUaEYmD6p0K8Jobj0u/UxF5yQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAsVNQVxkqVR1ZanoK1TCUwmTkcY1R6u8c80cMxcI0wJivwfHEIpyVtL3lmR35aGQ7UM+csqkwpK1tYArFW0SyH4xglsjMhQj1jGK4jMIIUPjTKtNi/4BcxyBYuu2Vwjfy26b0SbzQQFv2Usuhmg57YZn7Yq43Rj2c1ZQND+ue5ChKsF9/1GTgsKgm6UO2E11IhHXkAOiBpvxmkHCd5pmZae7JKvv655aI1YKUZTuEPxBOWH+a86eXG4BJ5BpR3ctoDr5YyGcNSByJxoBFbYLE8iOTeaOBSH27pqvRRPAFs5uNXFsrL79GpHPPHc0/5nNqFxw/mdguPNVlyuzd1B/ID</X509Certificate
          ></X509Data
        ></KeyInfo
      ></Signature
    ><Subject
      ><NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
        >testUser@SafeTechnologyPvtLtd.onmicrosoft.com</NameID
      ><SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"
        ><SubjectConfirmationData
          InResponseTo="_ea71e376-9361-42b9-a5d4-6bbb0d684334"
          NotOnOrAfter="2024-01-16T17:33:45.882Z"
          Recipient="https://auth-app-us-1.safeone.ai/saml2/idpresponse" /></SubjectConfirmation></Subject
    ><Conditions
      NotBefore="2024-01-16T16:28:45.882Z"
      NotOnOrAfter="2024-01-16T17:33:45.882Z"
      ><AudienceRestriction
        ><Audience
          >urn:amazon:cognito:sp:us-east-1_mSGKPnplt</Audience
        ></AudienceRestriction
      ></Conditions
    ><AttributeStatement
      ><Attribute Name="http://schemas.microsoft.com/identity/claims/tenantid"
        ><AttributeValue
          >a28016a7-6135-43f2-8ea0-37ada6ae567c</AttributeValue
        ></Attribute
      ><Attribute
        Name="http://schemas.microsoft.com/identity/claims/objectidentifier"
        ><AttributeValue
          >c035a24a-26e8-40f6-a4b9-6d2570069095</AttributeValue
        ></Attribute
      ><Attribute
        Name="http://schemas.microsoft.com/identity/claims/identityprovider"
        ><AttributeValue
          >https://sts.windows.net/a28016a7-6135-43f2-8ea0-37ada6ae567c/</AttributeValue
        ></Attribute
      ><Attribute
        Name="http://schemas.microsoft.com/claims/authnmethodsreferences"
        ><AttributeValue
          >http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/password</AttributeValue
        ></Attribute
      ><Attribute
        Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
        ><AttributeValue
          >testUser@SafeTechnologyPvtLtd.onmicrosoft.com</AttributeValue
        ></Attribute
      ></AttributeStatement
    ><AuthnStatement
      AuthnInstant="2024-01-16T16:33:39.701Z"
      SessionIndex="_70c4d592-c53f-4a6b-868d-b39d7594b900"
      ><AuthnContext
        ><AuthnContextClassRef
          >urn:oasis:names:tc:SAML:2.0:ac:classes:Password</AuthnContextClassRef
        ></AuthnContext
      ></AuthnStatement
    ></Assertion 
></samlp:Response>
```