SAP Knowledge Base Article - Public

3354640 - Checking the Validity of SAML Assertion for OAuth authentication


You want to know the validity of generated SAML Assertion for OAuth authentication


  • SAP SuccessFactors HXM suite
    • Integrations 
      • OAuth Authentication


Use the expireInMinutes to generate SAML

  1. With 2H 2022 We changed the expireInDays field in to expireInMinutes, which customers can set more reasonable expire period (eg: 10 minutes, 30 minutes) for the generated SAML Assertion. The default value for expireInMinutes is 10 minutes, you can set any valid values for it.


To check in validity please follow below steps.

1. Generate the SAML using any process.

2. Once you generate the SAML copy it in notepad ++

3. Select all SAML then click on Plugins > MIME Tools > Base64 Decode.

4. you will find some thing like below code. from that please check for NotBefore="2023-07-12T14:05:34.493Z" NotOnOrAfter="2024-06-23T19:35:34.493Z"

NotBefore= start Date

NotOnOrAfter= End date 

See Also

3031657 - How to generate SAML assertion using SAP-provided offline tool - SuccessFactors

SAP SuccessFactors SAML Assertion format demonstration using SAP Provided offline tool


Oauth, Odata, API, SAML, expireInMinutes, expireInDays, Validity , KBA , LOD-SF-INT-ODATA-OAU , ODATA OAUTH Authentication , LOD-SF-INT-API , API & Adhoc API Framework , Problem


SAP SuccessFactors HXM Core 2305 ; SAP SuccessFactors HXM Suite 2305