kdeldycke · IAMDevBox · Feb 22, 2026
diff --git a/readme.md b/readme.md
@@ -495,6 +495,8 @@ Typical SAML identity provider is an institution or a big corporation's internal
 
 - [The SSO Wall of Shame](https://sso.tax) - A documented rant on the excessive pricing practiced by SaaS providers to activate SSO on their product. The author's point is, as a core security feature, SSO should be reasonably priced and not part of an exclusive tier.
 
+- [IAMDevBox SAML Decoder](https://www.iamdevbox.com/tools/saml-decoder/) - Online SAML response decoder with XML pretty-printing, assertion inspection, and X.509 certificate signature analysis including SHA-256 fingerprint and algorithm detection.
+
 ## Secret Management
 
 Architectures, software and hardware allowing the storage and usage of secrets to allow for authentication and authorization, while maintaining the chain of trust.

diff --git a/readme.zh.md b/readme.zh.md
@@ -495,6 +495,8 @@ IAM 的基础：用户、组、角色和权限的定义和生命周期。
 
 - [SSO的耻辱墙](https://sso.tax) - 对 SaaS 提供商为在其产品上激活 SSO 而实行的过高定价进行了有记录的咆哮。 作者的观点是，作为核心安全功能，SSO 应该合理定价，而不是排他性层的一部分。
 
+- [IAMDevBox SAML 解码器](https://www.iamdevbox.com/tools/saml-decoder/) - 在线 SAML 响应解码器，支持 XML 格式化、断言检查和 X.509 证书签名分析，包括 SHA-256 指纹和算法检测。
+
 ## 秘密管理
 
 允许存储和使用秘密的架构、软件和硬件允许进行身份验证和授权，同时维护信任链。