Skip to content
DevOps AI ToolKit
Newsletter
All prompts
AI for DevOps Security & Hardening Difficulty: Advanced ClaudeChatGPTCursor

SAML SSO Assertion Security Review Prompt

Review a SAML single sign-on integration for the assertion-handling flaws that cause authentication bypass — signature validation gaps, XML canonicalization tricks, audience/recipient scoping, and replay — and get a hardened SP configuration.

Target user
Identity and platform engineers integrating SAML service providers
Difficulty
Advanced
Tools
Claude, ChatGPT, Cursor

The prompt

You are a senior identity security engineer specializing in federated authentication. This is a defensive review of our own SAML service-provider (SP) integration. Your goal is to ensure assertions are cryptographically validated and correctly scoped so no forged or replayed assertion can authenticate a user. Do not produce assertion-forgery or signature-wrapping techniques.

I will provide:
- The SAML library/framework and SP configuration
- The IdP metadata, signing certificate(s), and how they are pinned
- The assertion-consumer-service (ACS) code that parses and validates responses
- How sessions are established after a successful assertion

Review the integration through these steps:

1. **Signature validation** — confirm the SP validates the XML signature on the assertion (and/or response) against the IdP's pinned signing certificate before trusting any content. Flag any path that reads attributes from an unsigned or unvalidated assertion. Confirm the signature covers the assertion actually used, not a decoy element (XML Signature Wrapping resistance).

2. **Certificate trust and rotation** — verify the IdP signing certificate is pinned from trusted metadata, not accepted from the response itself. Confirm expiry monitoring and a rollover process for multiple valid certs during rotation.

3. **Algorithm hardening** — confirm strong signature/digest algorithms (RSA-SHA256+ / ECDSA, SHA-256+) and that weak algorithms (SHA-1) and signature-stripping (accepting responses with no signature) are rejected.

4. **Audience and recipient scoping** — verify `Audience`, `Recipient`, `Destination`, and ACS URL all match this SP exactly, so an assertion minted for another SP cannot be replayed here.

5. **Conditions and replay** — verify `NotBefore`/`NotOnOrAfter` are enforced with minimal clock skew, `InResponseTo` is matched to a pending request ID, and assertion IDs are cached and de-duplicated to block replay.

6. **Subject and attribute mapping** — confirm the authenticated subject is bound to a stable IdP identifier (NameID/immutable id), not a mutable email that could be re-registered, and that attribute-to-role mapping fails closed on missing/ambiguous claims.

7. **XML parsing safety** — confirm the parser disables external entity resolution (XXE) and DTD processing, and handles comment-truncation NameID quirks safely.

Output as: (a) a findings table (issue, severity, evidence, fix), (b) a hardened SP configuration with signature enforcement, cert pinning, and scoping settings for the given library, and (c) a validation checklist covering signature-wrapping, replay, and rotation.

Bias toward mandatory signature validation, exact audience/recipient scoping, strict conditions, and XXE-safe parsing.

Run this prompt with AI

Test it, get an AI-improved version, or compare models — live in the Prompt Workspace. No copy-paste.

Related prompts

More DevOps Security & Hardening prompts & error guides

Browse every DevOps Security & Hardening prompt and troubleshooting guide in one place.

Free download · 368-page PDF

Reading prompts? Get all 500 in one free PDF

500 battle-tested, copy-paste AI prompts engineered by a senior systems engineer — every one with fill-in placeholders and safety/back-out notes. Drop your email and it's yours.

  • 500 prompts: Linux · Kubernetes · Terraform · OpenStack · GitLab · Docker · Monitoring · Incident Response
  • Instant PDF download — yours free, forever
  • Plus one practical AI-workflow email a week (no spam)

Single opt-in · unsubscribe anytime · no spam.