About the RealMe OIDC Messaging Flow
The key steps to simulating the OIDC messaging flow in MTS are below. Details of required parameters and expected responses can be found here.
- The OIDC Relying Party (RP) redirects the user to the RealMe OIDC Authentication Endpoint via an authentication request.
- You can submit the content of the OIDC authentication request here, or send your authentication request directly from your browser to the MTS authorization_endpoint (refer to the table below).
- If your OIDC authentication request does not pass validation, the relevant error messages are provided to help you resolve the error, so you can try again.
- Once your OIDC authentication request passes validation, you are redirected to an outcome page, where you can initiate an OIDC authorisation code response, which is returned to your redirect endpoint.
- On receiving a successful authentication response, the relying party can invoke the RealMe Token Endpoint.
- Once the OIDC token request has been validated, RealMe returns the response:
  - A successful response will include an ID Token.
  - An unsuccessful response will return an error.
MTS Endpoints
| Endpoint | Description |
| --- | --- |
| Issuer | https://login.mts.realme.govt.nz/4af8e0e0-497b-4f52-805c-00fa09b50c16/v2.0/ |
| authorization_endpoint | https://login.mts.realme.govt.nz/4af8e0e0-497b-4f52-805c-00fa09b50c16/b2c_1a_dia_realme_mtsoidc_service/oauth2/v2.0/authorize |
| token_endpoint | https://login.mts.realme.govt.nz/4af8e0e0-497b-4f52-805c-00fa09b50c16/b2c_1a_dia_realme_mtsoidc_service/oauth2/v2.0/token |
| token_endpoint_auth_methods_supported | client_secret_post or client_secret_basic |
| token_endpoint_auth_signing_alg_values_supported | RS256 |
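
The relying-party side of the flow above, as an added example that is not RealMe's own code: it builds the authentication request for the MTS authorization_endpoint, validates the redirect back to the RP, and prepares the token request with either supported client authentication method. The client ID, client secret, redirect URI and the `openid` scope are placeholder assumptions; the required parameters are those in the linked RealMe documentation.

```python
import base64, hmac, secrets
from urllib.parse import parse_qs, quote_plus, urlencode, urlparse

# Endpoints copied from the MTS Endpoints table on this page.
BASE = "https://login.mts.realme.govt.nz/4af8e0e0-497b-4f52-805c-00fa09b50c16"
AUTHZ = BASE + "/b2c_1a_dia_realme_mtsoidc_service/oauth2/v2.0/authorize"
TOKEN = BASE + "/b2c_1a_dia_realme_mtsoidc_service/oauth2/v2.0/token"
# Placeholders (assumptions): use the values registered for your integration.
CLIENT_ID = "example-client-id"
CLIENT_SECRET = "example-client-secret"
REDIRECT_URI = "https://rp.example/callback"

def build_auth_request(scope="openid"):
    """Return (url, state, nonce); store state and nonce in the user's session."""
    state, nonce = secrets.token_urlsafe(32), secrets.token_urlsafe(32)
    query = urlencode({"response_type": "code", "client_id": CLIENT_ID,
                       "redirect_uri": REDIRECT_URI, "scope": scope,
                       "state": state, "nonce": nonce})
    return AUTHZ + "?" + query, state, nonce

def handle_callback(callback_url, expected_state):
    """Validate the redirect back to the RP and return the authorisation code."""
    params = {k: v[0] for k, v in parse_qs(urlparse(callback_url).query).items()}
    # Check state first so a response from another session is rejected outright.
    if not hmac.compare_digest(params.get("state", "").encode(), expected_state.encode()):
        raise ValueError("state mismatch: response is not tied to this session")
    if "error" in params:
        raise ValueError("authentication failed: " + params["error"])
    if "code" not in params:
        raise ValueError("no authorisation code in response")
    return params["code"]

def build_token_request(code, method="client_secret_post"):
    """Return (url, headers, form body) for the token endpoint without sending it."""
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    form = {"grant_type": "authorization_code", "code": code,
            "redirect_uri": REDIRECT_URI}
    if method == "client_secret_post":
        form.update(client_id=CLIENT_ID, client_secret=CLIENT_SECRET)
    elif method == "client_secret_basic":
        # RFC 6749 section 2.3.1: form-encode each part before Base64.
        creds = f"{quote_plus(CLIENT_ID)}:{quote_plus(CLIENT_SECRET)}".encode()
        headers["Authorization"] = "Basic " + base64.b64encode(creds).decode()
    else:
        raise ValueError("unsupported client authentication method")
    return TOKEN, headers, urlencode(form)
```

Before trusting the ID Token returned by the token endpoint, verify its signature and check that `iss` matches the Issuer in the table and `nonce` matches the value stored in the session.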