diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml
index 74b2956..43ac8f9 100644
--- a/global/overlay/etc/puppet/cosmos-rules.yaml
+++ b/global/overlay/etc/puppet/cosmos-rules.yaml
@@ -98,4 +98,5 @@ zammad-test.cert.sunet.se:
     groups:
       - 'sunet-cert'
     entityID: 'https://test-sso-proxy.cert.sunet.se/idp'
-    remote_user: true
+    user_header: 'Remote-User'
+    single_user: true
diff --git a/global/overlay/etc/puppet/modules/soc/manifests/sso.pp b/global/overlay/etc/puppet/modules/soc/manifests/sso.pp
index 393f486..7917c8c 100644
--- a/global/overlay/etc/puppet/modules/soc/manifests/sso.pp
+++ b/global/overlay/etc/puppet/modules/soc/manifests/sso.pp
@@ -39,6 +39,7 @@ class soc::sso(
   Array             $passthrough        = [],
   Boolean           $x_remote_user      = false,
   Boolean           $remote_user        = false,
+  String            $user_header        = undef,
   Boolean           $unset_auth_header  = false,
   Boolean           $single_user        = false,
   Boolean           $satosa             = true,
diff --git a/global/overlay/etc/puppet/modules/soc/templates/sso/apache-site.conf.erb b/global/overlay/etc/puppet/modules/soc/templates/sso/apache-site.conf.erb
index 6e51003..baa318c 100644
--- a/global/overlay/etc/puppet/modules/soc/templates/sso/apache-site.conf.erb
+++ b/global/overlay/etc/puppet/modules/soc/templates/sso/apache-site.conf.erb
@@ -38,7 +38,11 @@
         AuthType shibboleth
         ShibRequestSetting requireSession On
 
-        <%- if @x_remote_user -%>
+        <%- if @user_header && !@single_user -%>
+        RequestHeader set @user_header %{REMOTE_USER}s
+        <%- elsif @user_header && $single_user -%>
+        RequestHeader set @user_header soc-user
+        <%- elsif @x_remote_user -%>
         RequestHeader set X-Remote-User %{REMOTE_USER}s
         <%- elsif @remote_user -%>
         RequestHeader set Remote-User %{REMOTE_USER}s