diff --git a/modules/saml/lib/Auth/Source/SP.php b/modules/saml/lib/Auth/Source/SP.php
index 605b3c426b77e1a6d83b0eb82c76275a3f7e9a08..b14fbaa2c7cd934197caab4cc4e6ced8819497fc 100644
--- a/modules/saml/lib/Auth/Source/SP.php
+++ b/modules/saml/lib/Auth/Source/SP.php
@@ -171,7 +171,7 @@ class sspmod_saml_Auth_Source_SP extends SimpleSAML_Auth_Source {
 		$ar->setProtocolBinding(SAML2_Const::BINDING_HTTP_POST);
 
 		$id = SimpleSAML_Auth_State::saveState($state, 'saml:sp:ssosent-saml2');
-		$ar->setRelayState($id);
+		$ar->setId($id);
 
 		$b = new SAML2_HTTPRedirect();
 		$b->setDestination(sspmod_SAML2_Message::getDebugDestination());
diff --git a/modules/saml/www/sp/saml2-acs.php b/modules/saml/www/sp/saml2-acs.php
index 8b28d504c0d2cfe5702531d5a256b8ddc07b027f..3b99b0138d8d8a4d21697062f59f9af9aedc399c 100644
--- a/modules/saml/www/sp/saml2-acs.php
+++ b/modules/saml/www/sp/saml2-acs.php
@@ -13,10 +13,10 @@ if (!($response instanceof SAML2_Response)) {
 	throw new SimpleSAML_Error_BadRequest('Invalid message received to AssertionConsumerService endpoint.');
 }
 
-$relayState = $response->getRelayState();
-if (!empty($relayState)) {
+$stateId = $response->getInResponseTo();
+if (!empty($stateId)) {
 	/* This is a response to a request we sent earlier. */
-	$state = SimpleSAML_Auth_State::loadState($relayState, 'saml:sp:ssosent-saml2');
+	$state = SimpleSAML_Auth_State::loadState($stateId, 'saml:sp:ssosent-saml2');
 
 	/* Check that the authentication source is correct. */
 	assert('array_key_exists("saml:sp:AuthId", $state)');