diff --git a/modules/saml/www/sp/saml2-acs.php b/modules/saml/www/sp/saml2-acs.php
index ff80e3c3c33637b640bc3f4f58701e7b9a76c3e1..17528226d42e53222b073881c553370d0355b058 100644
--- a/modules/saml/www/sp/saml2-acs.php
+++ b/modules/saml/www/sp/saml2-acs.php
@@ -126,15 +126,11 @@ if ($state) {
     }
 } else {
     // this is an unsolicited response
+    $relaystate = $spMetadata->getString('RelayState', $response->getRelayState());
     $state = [
         'saml:sp:isUnsolicited' => true,
         'saml:sp:AuthId'        => $sourceId,
-        'saml:sp:RelayState'    => Utils\HTTP::checkURLAllowed(
-            $spMetadata->getString(
-                'RelayState',
-                $response->getRelayState()
-            )
-        ),
+        'saml:sp:RelayState'    => $relaystate === null ? null : Utils\HTTP::checkURLAllowed($relaystate),
     ];
 }