diff --git a/ssoauth/app_settings/__init__.py b/ssoauth/app_settings/__init__.py
index a37efc20322ec52082dfc2fbed1fd2547945e663..6de60b5e869b15e288c21e88bab418ed72f199c4 100644
--- a/ssoauth/app_settings/__init__.py
+++ b/ssoauth/app_settings/__init__.py
@@ -1,6 +1,7 @@
 from django import conf
 from datetime import datetime, timedelta
 from onelogin.saml2 import settings as onelogin_settings
+from onelogin.saml2.constants import OneLogin_Saml2_Constants as onelogin_constants
 import sys
 from .defaults import *
 
@@ -37,7 +38,7 @@ ONELOGIN_SETTINGS_TEMPLATE = {
         },
         "x509cert": _SET_ON_RUNTIME,
         "privateKey": _SET_ON_RUNTIME,
-        "NameIDFormat": onelogin_settings.OneLogin_Saml2_Constants.NAMEID_PERSISTENT,  # otherwise Shibboleth shows warnings
+        "NameIDFormat": onelogin_constants.NAMEID_TRANSIENT,
     },
     "idp": {
         "entityId": IDP_META_URL,
@@ -63,7 +64,7 @@ ONELOGIN_SETTINGS_TEMPLATE = {
         "signMetadata": True,
         "wantMessagesSigned": True,
         "wantAssertionsSigned": True,
-        "wantNameId": True,
+        "wantNameId": False,  # set to True for SLO support (Single Log Out)
         "wantNameIdEncrypted": False,
         "wantAssertionsEncrypted": True,
         "signatureAlgorithm": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512",