You can validate the assertion on your own instead of calling Sabre’s validation service. To do so, you will need to use Sabre’s certificate, which is provided when the Single Sign-On boarding procedure is finished, and any library supporting SAML like OpenSAML.

To validate assertion the Validate SSO Token service should be used.

The service accepts a token and validates it. If the token is valid, the service returns the session and user information associated with the token. The service should be used by service providers to validate assertions against the Sabre Red 360 Identity Provider’s public key.