Hello,

I am trying to authenticate API calls from my application using the SAML Bearer Token flow and getting an HTTP 400 back with the message {"error":"invalid_grant","error_description":"invalid assertion"}.  As far as I can tell, my post meets all the requirements listed in the documentation, so I don't know if there is still a mistake in the SAML I am generating or a configuration issue, or what.  What is the best way for me to approach debugging this problem? Is there a tool similiar to the SAML validator that can be used with SAML assertions?  Or a log somewhere of why requests are being rejected?

Thanks in advance,

KS