RealMe and SAML

To integrate with RealMe services you choose between using OpenID Connect (OIDC) or Secure Assertion Markup Language (SAML). SAML is the international standard from the Organization for the Advancement of Structured Information Standards (OASIS) which ensures secure messaging between your online website and RealMe services.

For Java and .NET there are a variety of open source libraries and commercial offerings - there are also toolkits for other environments including PHP, Ruby, and Perl. Many enterprise identity and access management products such as OpenAM, Ping, Microsoft ADFS and IBM Tivoli already have built-in support for SAML. We have a list of SAML options that have been used to integrate with RealMe services.

The following SAML sequence diagrams illustrate the typical steps for a user at an agency interacting with RealMe services - the patterns for login service and assertion service are quite similar.

To access the secure features on the website you need a RealMe login.

RealMe and SAML

Login and Assert sequence diagrams

Login flow - SAML POST binding

Assert flow - SAML POST binding