diff --git a/lib/Controller/SAMLController.php b/lib/Controller/SAMLController.php
index 61c4cc5..02823ac 100644
--- a/lib/Controller/SAMLController.php
+++ b/lib/Controller/SAMLController.php
@@ -418,8 +418,14 @@ class SAMLController extends Controller {
 $stay = true ; // $auth will return the redirect URL but won't perform the redirect himself
 if ($isFromIDP) {
 $keepLocalSession = true ; // do not let processSLO to delete the entire session. Let userSession->logout do the job
- $targetUrl = $auth->processSLO($keepLocalSession, null, false, null, $stay);
-
+ $targetUrl = $auth->processSLO(
+ $keepLocalSession,
+ null,
+ $this->SAMLSettings->usesSloWebServerDecode(),
+ null,
+ $stay
+ );
+
 $errors = $auth->getErrors();
 if (!empty($errors)) {
 foreach($errors as $error) {
diff --git a/lib/SAMLSettings.php b/lib/SAMLSettings.php
index d25fa16..29a6839 100644
--- a/lib/SAMLSettings.php
+++ b/lib/SAMLSettings.php
@@ -88,6 +88,10 @@ class SAMLSettings {
 return ($setting === '1' && $type === 'saml');
 }
 
+ public function usesSloWebServerDecode() : bool {
+ return $this->config->getAppValue('user_saml', 'security-sloWebServerDecode', '0') === '1';
+ }
+
 /**
 * get config for given IDP
 *
diff --git a/lib/Settings/Admin.php b/lib/Settings/Admin.php
index 6a7cf87..5ed13dc 100644
--- a/lib/Settings/Admin.php
+++ b/lib/Settings/Admin.php
@@ -90,7 +90,8 @@ class Admin implements ISettings {
 'signatureAlgorithm' => [
 'type' => 'line',
 'text' => $this->l10n->t('Algorithm that the toolkit will use on signing process.')
- ]
+ ],
+ 'sloWebServerDecode' => $this->l10n->t('Retrieve query parameters from $_SERVER. Some SAML servers require this on SLO requests.'),
 ];
 $generalSettings = [
 'uid_mapping' => [
diff --git a/tests/unit/Settings/AdminTest.php b/tests/unit/Settings/AdminTest.php
index 2331169..7a97eb8 100644
--- a/tests/unit/Settings/AdminTest.php
+++ b/tests/unit/Settings/AdminTest.php
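Review bot: The third positional argument to `processSLO()` in the `$isFromIDP` branch is now admin-controlled, but nothing at the call site says what it is or why it matters. In php-saml that parameter is `$retrieveParametersFromServer`, which makes the toolkit verify the logout message signature against the raw query string from `$_SERVER` instead of the re-encoded `$_GET` values, so it is security-relevant configuration rather than a cosmetic toggle. I would add a comment above the call such as `// 3rd arg: validate the SLO signature against the raw query string from $_SERVER (some IdPs URL-encode differently from PHP)`. The enclosing method starts and ends outside the hunk, so whether the non-IdP logout path needs the same flag cannot be judged from here.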
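Review bot: `usesSloWebServerDecode()` reads the unprefixed key `security-sloWebServerDecode`, while the method directly below it is documented as "get config for given IDP". If the admin form persists security options per provider under a prefixed key, this getter would only ever see the value stored for the unprefixed provider; it is worth confirming how the checkbox is saved and either resolving the key for the active IdP or stating that the switch is global. The method also has no docblock; something like `/** Whether SLO signature validation reads the query string from $_SERVER; off unless the app value is '1'. */` would record the safe default. The class continues outside the hunk.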
@@ -83,7 +83,8 @@ class AdminTest extends \Test\TestCase {
 'signatureAlgorithm' => [
 'type' => 'line',
 'text' => 'Algorithm that the toolkit will use on signing process.'
- ]
+ ],
+ 'sloWebServerDecode' => 'Retrieve query parameters from $_SERVER. Some SAML servers require this on SLO requests.',
 ];
 $generalSettings = [
 'idp0_display_name' => [
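Review bot: The only test change visible in this diff mirrors the new label in the expected form parameters; nothing exercises `SAMLSettings::usesSloWebServerDecode()` or the controller handing its result to `processSLO()`. Because the flag changes how logout message signatures are validated, a small unit test asserting that the getter returns false when the app value is unset or `'0'` and true only for `'1'` would pin the safe default. The test method this hunk belongs to starts and ends outside the hunk.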