diff --git a/modules/saml/www/sp/saml2-acs.php b/modules/saml/www/sp/saml2-acs.php
index c2ec998ffb4aa7c5f7603214ab9ffb3c05b46e8c..23a4de7da41cce4f7c9bdfa5f14be0c0817591ae 100644
--- a/modules/saml/www/sp/saml2-acs.php
+++ b/modules/saml/www/sp/saml2-acs.php
@@ -82,10 +82,10 @@ if ($prevAuth !== null && $prevAuth['id'] === $response->getId() && $prevAuth['i
     throw new \SimpleSAML\Error\Exception('Duplicate assertion received.');
 }
 
-$idpMetadata = [];
-
+$idpMetadata = null;
 $state = null;
 $stateId = $response->getInResponseTo();
+
 if (!empty($stateId)) {
     // this should be a response to a request we sent earlier
     try {
@@ -131,7 +131,7 @@ if ($state) {
 
 SimpleSAML\Logger::debug('Received SAML2 Response from '.var_export($issuer, true).'.');
 
-if (empty($idpMetadata)) {
+if (is_null($idpMetadata)) {
     $idpMetadata = $source->getIdPmetadata($issuer);
 }