How to debug SAML issue?

Hello dear Community,

we are trying to implement saml in our instance and after initial problems we got to the error message "No attributes could be mapped ".

How can we debug this? The saml servers log tell us that the attributes are provided.


There are various browser extentions for Chrome that will log the SAML messages exchanged. For example,

If it’s telling you that no attributes could be mapped, it suggests that the SAML config you have in Xibo mapping the IdP attributes to Xibo attributes don’t match up with what is actually being returned by the IdP.

Thanks for the reply.

Sadly the logging turned out to be a dead end, since the data is encrypted and as far as I can tell there is a one time key used in this process.

Is there no way to log the response before xibo tries to map it?

You would likely need to make a code change to log what you need. The routine that maps attributes is here:


I was able to find the issue with a log output of $samlAttrs:

    [urn:oid:] => Array
            [0] => uname

    [urn:oid:0.9.2342.19200300.100.1.3] => Array
            [0] =>


Instead of CN and EMAIL I got those strings which are appereantly identifiers for the content type.

After switching that out SSO with our Shibboleth instance is working.

Thanks for the support.

1 Like