I was saying that integration with SAML providers is achieved by reusing this project:
https://github.com/bergie/passport-saml
So basically we are subject to its capabilities. The `additionalAuthorizeParams` is listed in their "Additional SAML behaviors" section of the README, but it has to do with appending query params, not altering the XML payload.
In passport we are setting `additionalAuthorizeParams` of the SAML strategy [here](https://github.com/GluuFederation/gluu-passport/blob/version_3.1.3/server/auth/saml.js#L39). `objectJSON` refers to the contents of the file `/etc/gluu/conf/passport-saml-config.json` that you can find in the Gluu server chroot.
I was commenting that no one in the past has used this feature, and from what I saw in the code the way this value is being parsed might not be correct.
I suggested doing this:
- Alter `passport-saml-config.json` so that it looks this way: `"additionalAuthorizeParams": "{ \"providerId\" : \"test\" }",`
- Alter `saml.js` so that it reads dictionary data from the JSON string this way: `JSON.parse(objectJSON['additionalAuthorizeParams'])`. This file can be found at `/opt/gluu/node/passport/server/auth/saml.js`
- Restart passport

Of course, it only makes sense if your IDP can interpret the additional params this way.
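
The following is an added example, not part of the original post and not code from gluu-passport or passport-saml: one way to parse the `additionalAuthorizeParams` string defensively before passing it on, and to see that the values land in the redirect query string rather than in the AuthnRequest XML. The function names, the reserved-name check, the IdP URL and the `SAMLRequest` placeholder are assumptions made for illustration.

```javascript
// Added example; names below are hypothetical, not from gluu-passport or passport-saml.

// Query parameters that carry the SAML redirect-binding message itself.
const RESERVED = new Set(['SAMLRequest', 'SAMLResponse', 'RelayState', 'SigAlg', 'Signature']);

// Accept the setting either as a JSON string (as suggested in the post) or as
// an already-parsed object, and return a flat { name: string } dictionary.
function parseAdditionalAuthorizeParams(raw) {
  if (raw === undefined || raw === null || raw === '') return {};
  let value = raw;
  if (typeof raw === 'string') {
    try {
      value = JSON.parse(raw);
    } catch (err) {
      throw new Error('additionalAuthorizeParams is not valid JSON: ' + err.message);
    }
  }
  if (typeof value !== 'object' || value === null || Array.isArray(value)) {
    throw new Error('additionalAuthorizeParams must be a JSON object');
  }
  const params = {};
  for (const [name, v] of Object.entries(value)) {
    if (RESERVED.has(name)) {
      throw new Error('additionalAuthorizeParams must not override ' + name);
    }
    if (!['string', 'number', 'boolean'].includes(typeof v)) {
      throw new Error('value of ' + name + ' must be a scalar');
    }
    params[name] = String(v);
  }
  return params;
}

// Show where the parameters end up: in the query string of the redirect to the
// IdP, next to SAMLRequest, never inside the AuthnRequest XML.
function appendToRedirect(idpUrl, samlRequest, params) {
  const url = new URL(idpUrl);
  url.searchParams.set('SAMLRequest', samlRequest);
  for (const [name, v] of Object.entries(params)) url.searchParams.set(name, v);
  return url.toString();
}

// Constructed sample input mirroring the config line from the post.
const objectJSON = { additionalAuthorizeParams: '{ "providerId" : "test" }' };
const extra = parseAdditionalAuthorizeParams(objectJSON['additionalAuthorizeParams']);
console.log(appendToRedirect('https://idp.example.org/sso', 'BASE64_PLACEHOLDER', extra));
```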