diff --git a/eidas-node-1.qa.sveidas.se/overlay/etc/hiera/data/secrets.yaml.asc b/eidas-node-1.qa.sveidas.se/overlay/etc/hiera/data/secrets.yaml.asc
index ef85d83c..df9bdeca 100644
--- a/eidas-node-1.qa.sveidas.se/overlay/etc/hiera/data/secrets.yaml.asc
+++ b/eidas-node-1.qa.sveidas.se/overlay/etc/hiera/data/secrets.yaml.asc
@@ -3,20 +3,21 @@ STATUS=UPDATED
 -----BEGIN PGP MESSAGE-----
 Version: GnuPG v2
 
-hQEMAx9ZlxbYMGVLAQgAiIhYBCE7uVCD9yEdjfmcZhfrO/iOticinJjyOIROcF4T
-HEnPz0TgRrJ/NeWX6WkaeS0+4pW7jhLacac70eE9MBg8XIKz2tFkSZKHeNBPjFwv
-zDInJmGmKFWbdqjLt49Bvau0GavzYoJxCo511vX0rpBn6a5vzAFP7GP8OyNpevbi
-pgY/DUrj9LG22NE0TAHbIHVb1bnyIFJu2d2NH/AZtJaOvWO0f5GPpY9In6+uUXZs
-X/AZtOIouqM67Mj0yQ2hX+TFTTanKQscKtsCoNJm8gRzRy4mvYingIOYe0/OpBbh
-gHvS+Fm3msocs8pt7A1B9qshux/9NTczY79iS4UE0tLA5AHSkIdtvVTPuRy+GpRS
-x/15CQvQiLdiw1WxorQPqx5g7kn16mMJWrL2DO2lU2LTBPRYsxpq5e2LwWKtGrN3
-gRsWW+v3WCtKcf8KW2+7pwVK2wqHXmH7FIr41oZfWPWmo4H4FXhf0JwsceB9XRMW
-1IF53vdE6SKT8jt5I824jOvaUyLw4nXX0WmZ93Gu6Y0mkIcNYTybwu/2zh2SwSFQ
-IXbICa11ONrc+4iCjKBtD3FdMAPz/535EMHw6vaWBUT730hQJ5GbyayxVJtMQKQF
-gd9K2J8pkgaHZDPG+kUBKY24VnqMtpgUo2gpFRfjf1TV8p7A45WeAVCUOeHI/hQh
-TaE9VgJTfFe3Ms7JDNjuxmk7LnsJLiEaUxJuRAc6Yvu6ELpfWodTe0mE9fUVdLzG
-gG51euOUfLoP5OtTT/gTuEuN/wFDtV3yXRNwcT/F+qQXnRx2sI9RigWAha+7EcdV
-e7N2gb8Gtx9uCcUET9qTbH0jnhjj96/eVmsqa7GY+nufUxLv2h9rZnibguBpNcTd
-wsOZFQkC8Szo6Bn9LWHyZbdN2rPUlQ==
-=xBpQ
+hQEMAx9ZlxbYMGVLAQf+PnmsClWMIWxTlGzLot/aWiZ1f5JDJNzumRx002azApdT
+QQQzta1NjnNb2CK44RiaH2/3afY6ZPeUjBx0sncpWmWZxhewigk/3av4tSWF6R1D
+xxkF0Dq3YWgcgjX5reuAQT9Xr6DwUNJStNWmCD1vcI7IhFTUryiihXYiyumtVcZ1
+cQsMV0pRC285yanNRHXI7WcN0naVALGoMiMxpLOkPiu3XF10MOuUvDXn75NyMipS
+8C4QnONf2yAGmw0Wk5I88cV+IvFNseYhEsrE0RVnaKoqje/rI7YbNDnHn0uZ5kyX
+j84N64ozzasPVAMMbzLAnSareQ/iOokhpv4VDOeAkdLBIgExF8jxnggpMBqqSn+t
+fz72XKVACQ3H5RksoiS3F6VkVJ12TciqtUSy+/mwbd32NFHvdeS0T5A9rrbQDxIi
+A4rN4ztWpyZw3hakpTKS9qbS67/MqBBMB3fDdoaMeov8iGMDNWjjjbCngkfXFcmi
+cVpGVSzvKaBi1NlbIXN10Q4MtH3C46faDOHm4fREx4ejUT8jjM/2W2IryaraxNkc
+pmhjGi265sfSMwt9LOe9d2dCB0P48RKU+FqPlxI+giyVFsWHoAE4EcPxL0aUbjX1
+G6ESI4WU8U2XntL5B8AXjsBnRZ0ps+qUKUaOvzv8v/Vz2TI5s2G/FQBcs5FCcMBP
+rmWHl+kcnHfgH38s1sCI78Qp1LzevCI1SMK0r61ylR6YRy+V8oHD8gl9iW9cohWi
+Fq3gD99JxuJDpNlduZl+LxocwGYEHWik7sWUaCgQmVaALEJygOEPzkXMYx3d/x0l
+NjZJyTqFIb+7bAj5fkKgXqVP/Siz2NDQIccRNaJDRlpHer/qC4WTdUClqjMWvqCh
+itmmX3AzG12cummTyQKnwb95rqX6F2SmbDyqqctjTl9DhDWrNQcEnpSrC9MrUjXm
+Fpq0dqBQD36zGFb9jfzdtXabJaNBaPiKll/PydxFQiP2J1ZJ
+=7x1u
 -----END PGP MESSAGE-----
diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp
index a31d0fe1..cd4e3e50 100644
--- a/global/overlay/etc/puppet/manifests/cosmos-site.pp
+++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp
@@ -199,6 +199,7 @@ class swamid_pyff_signer {
 class eidas_connector {
    $hostname = safe_hiera('eidas_connector_hostname')
    $idp_fticks_salt = safe_hiera('idp_fticks_salt',NOT_SET);
+   $idp_persistent_id_salt = safe_hiera('idp_persistent_id_salt',NOT_SET);
    file {['/etc/eidas-connector','/var/log/eidas-connector']: ensure => directory } ->
    sunet::docker_run {'eidas_connector':
       image    => 'docker.sunet.se/eidas-connector',
@@ -209,6 +210,7 @@ class eidas_connector {
       env      => ["IDP_SERVER_HOSTNAME=$hostname",
                    "IDP_ENTITY_ID=https://$hostname/eidas",
                    "SP_ENTITY_ID=https://$hostname/idp/metadata/sp",
+                   "IDP_PERSISTENT_ID_SALT=$idp_persistent_id_salt",
                    "IDP_FTICKS_SALT=$idp_fticks_salt"]
    } ->
    class {'webserver': } ->