diff --git a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-IdP-initiated.t b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-IdP-initiated.t
index aa52da0a9..df310a94d 100644
--- a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-IdP-initiated.t
+++ b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-IdP-initiated.t
@@ -11,7 +11,7 @@ BEGIN {
 require 't/saml-lib.pm';
 }
-my $maintests = 17;
+my $maintests = 19;
 my $debug = 'error';
 my ( $issuer, $sp, $res );
@@ -47,7 +47,41 @@ SKIP: {
 expectOK($res);
 my $idpId = expectCookie($res);
- # Query IdP to access to SP
+ # Query IdP to access to SP (override URL)
+ ok(
+ $res = $issuer->_get(
+ '/saml/singleSignOn',
+ query => buildForm({
+ IDPInitiated => 1,
+ spConfKey => 'sp.com',
+ spDest => 'http://auth.alternate.com/saml/proxySingleSignOnPost',
+ }),
+ cookie => "lemonldap=$idpId",
+ accept => 'test/html'
+ ),
+ 'Query IdP to access to SP'
+ );
+ my ( $host, $url, $query ) =
+ expectAutoPost( $res, 'auth.alternate.com', '/saml/proxySingleSignOnPost',
+ 'SAMLResponse' );
+ # Query IdP to access to SP (unrecognized URL)
+ ok(
+ $res = $issuer->_get(
+ '/saml/singleSignOn',
+ query => buildForm({
+ IDPInitiated => 1,
+ spConfKey => 'sp.com',
+ spDest => 'http://auth.perdu.com/saml/proxySingleSignOnPost',
+ }),
+ cookie => "lemonldap=$idpId",
+ accept => 'test/html'
+ ),
+ 'Query IdP to access to SP'
+ );
+ expectPortalError( $res, 51, "Bad destination" );
+
+ # Query IdP to access to SP (normal URL)
 ok(
 $res = $issuer->_get(
 '/saml/singleSignOn',
diff --git a/lemonldap-ng-portal/t/saml-lib.pm b/lemonldap-ng-portal/t/saml-lib.pm
index c0ebfeda9..62f364e47 100644
--- a/lemonldap-ng-portal/t/saml-lib.pm
+++ b/lemonldap-ng-portal/t/saml-lib.pm
@@ -370,6 +370,9 @@ entityID="http://auth.$name.com/saml/metadata">
+
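Review bot: The rejection case in the second hunk of 30-Auth-and-issuer-SAML-POST-IdP-initiated.t uses only a wholly different host (`auth.perdu.com`), so it does not pin how strictly `spDest` is compared with the endpoints registered for `sp.com`. Because `spDest` decides where the SAMLResponse is posted, I would add near-miss cases that must also end in `expectPortalError( $res, 51, "Bad destination" )`, for example (constructed value) `spDest => 'http://auth.alternate.com/saml/other'`, plus a scheme variant if the metadata registers only the `http` endpoint, and adjust `$maintests` to match. The override test checks only the auto-post target and the presence of the `SAMLResponse` field, as far as the `expectAutoPost` arguments show; asserting that the decoded response carries the same destination would confirm the override is applied consistently. Both new `ok(...)` calls reuse the description `'Query IdP to access to SP'`; distinct texts such as `'IdP-initiated SSO with alternate spDest'` and `'IdP-initiated SSO with unregistered spDest'` would make a failure identifiable in the TAP output. The enclosing SKIP block starts and ends outside the hunk.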