diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Attributes.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Attributes.pm index f07df2e48..5b0e58982 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Attributes.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Attributes.pm @@ -678,6 +678,13 @@ has 'openIdAuthnLevel' => ( documentation => 'OpenID authentication level', ); +has 'openIdExportedVars' => ( + is => 'rw', + isa => 'HashRef', + default => sub { return {}; }, + documentation => 'OpenID exported variables', +); + has 'openIdSreg_email' => ( is => 'rw', isa => 'Str', diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Serializer.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Serializer.pm index 354f9c959..05223cac4 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Serializer.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Serializer.pm @@ -120,6 +120,7 @@ sub unserialize { |logoutServices |macros |notificationStorageOptions + |openIdExportedVars |persistentStorageOptions |portalSkinRules |post diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_Struct.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_Struct.pm index 4df2888ff..80e13defd 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_Struct.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_Struct.pm 
@@ -560,10 +560,17 @@ sub struct { # OpenID openIdParams => { - _nodes => [qw(openIdAuthnLevel openIdSecret openIdIDPList)], - _help => 'authOpenID', - openIdAuthnLevel => 'int:/openIdAuthnLevel', - openIdSecret => 'text:/openIdSecret', + _nodes => [ + qw(openIdAuthnLevel cn:openIdExportedVars openIdSecret openIdIDPList) + ], + _help => 'authOpenID', + openIdAuthnLevel => 'int:/openIdAuthnLevel', + openIdExportedVars => { + _nodes => ['hash:/openIdExportedVars:vars:btext'], + _js => 'hashRoot', + _help => 'authOpenID', + }, + openIdSecret => 'text:/openIdSecret', openIdIDPList => 'text:/openIdIDPList:authOpenID:openididplist', }, @@ -1681,8 +1688,14 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: keyTest => qr/^\w+$/, keyMsgFail => 'Bad parameter', }, - notifyDeleted => $boolean, - notifyOther => $boolean, + notifyDeleted => $boolean, + notifyOther => $boolean, + openIdExportedVars => { + keyTest => qr/^!?[a-zA-Z][\w-]*$/, + keyMsgFail => 'Bad variable name', + test => qr/^[a-zA-Z][\w:\-]*$/, + msgFail => 'Bad attribute name', + }, persistentStorageOptions => { keyTest => qr/^\w+$/, keyMsgFail => 'Bad parameter', diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_i18n.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_i18n.pm index 5c5cc44c3..ffdb8d325 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_i18n.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_i18n.pm @@ -260,6 +260,7 @@ sub en { nullParams => 'Null parameters', openIdAttr => 'OpenID login', openIdAuthnLevel => 'Authentication level', + openIdExportedVars => 'Exported variables', openIdIDPList => 'Authorizated domains', openIdIssuerSecret => 'Secret token', openIdParams => 'OpenID parameters', 
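Review bot: In the new `openIdExportedVars` entry of the tests table in _Struct.pm, the value check `qr/^[a-zA-Z][\w:\-]*$/` accepts any attribute-like string, while both consumers in this commit only honour values matching `Lemonldap::NG::Common::Regexp::OPENIDSREGATTR()`. A mistyped value is therefore saved without complaint and only surfaces at login, either as a warning or, when the key is marked required with `!`, as `PE_MISSINGREQATTR` on every login. Testing the value against the same SREG pattern at save time would catch this in the Manager, assuming that module can be loaded here. Both new patterns also end in `$`, which tolerates a trailing newline; `\z` is the stricter anchor, e.g. `keyTest => qr/^!?[a-zA-Z][\w-]*\z/`.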
@@ -754,6 +755,7 @@ sub fr { nullParams => 'Paramètres Null', openIdAttr => 'Identifiant OpenID', openIdAuthnLevel => 'Niveau d\'authentification', + openIdExportedVars => 'Variables exportées', openIdIDPList => 'Domaines autorisés', openIdIssuerSecret => 'Jeton secret', openIdParams => 'Paramètres OpenID', diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthOpenID.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthOpenID.pm index 40d206dae..46bea80bd 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthOpenID.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthOpenID.pm @@ -13,7 +13,7 @@ use Lemonldap::NG::Portal::_Browser; use Cache::FileCache; our @ISA = (qw(Lemonldap::NG::Portal::_Browser)); -our $VERSION = '1.3.0'; +our $VERSION = '1.4.0'; our $initDone; BEGIN { @@ -149,7 +149,9 @@ sub extractFormInfo { # compatible fields if ( $self->get_module('user') eq 'OpenID' ) { my ( @r, @o ); - while ( my ( $v, $k ) = each %{ $self->{exportedVars} } ) { + my %vars = + ( %{ $self->{exportedVars} }, %{ $self->{openIdExportedVars} } ); + while ( my ( $v, $k ) = each %vars ) { if ( $k =~ Lemonldap::NG::Common::Regexp::OPENIDSREGATTR() ) { if ( $v =~ s/^!// ) { push @r, $k } else { push @o, $k } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDBOpenID.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDBOpenID.pm index 2b072d707..94879f73c 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDBOpenID.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDBOpenID.pm @@ -9,7 +9,7 @@ use strict; use Lemonldap::NG::Portal::Simple; use Lemonldap::NG::Common::Regexp; -our $VERSION = '1.0.0'; +our $VERSION = '1.4.0'; ## @apmethod int userDBInit() # Check if authentication module is OpenID 
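Review bot: In the extractFormInfo hunk of AuthOpenID.pm, `%{ $self->{openIdExportedVars} }` is dereferenced without a check. If the loaded configuration has no such key (for example one saved before this change, should the Attributes.pm default not be applied on load), this raises "Can't use an undefined value as a HASH reference" under `use strict` instead of starting the OpenID request. The same merge in setSessionInfo of UserDBOpenID.pm additionally drops the former `ref(...) eq 'HASH'` guard on `exportedVars`, so a non-hash value there now fails the same way rather than through the old `abort` message. Defaulting both sides keeps the behaviour defined: `my %vars = ( %{ $self->{exportedVars} || {} }, %{ $self->{openIdExportedVars} || {} } );`, ideally with a comment that `openIdExportedVars` wins on identical keys. extractFormInfo's body continues outside the hunk.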
@@ -41,35 +41,32 @@ sub getUser { # @return Lemonldap::NG::Portal error code sub setSessionInfo { my $self = shift; - if ( ref( $self->{exportedVars} ) eq 'HASH' ) { - while ( my ( $k, $v ) = each %{ $self->{exportedVars} } ) { - my $attr = $k; - my $required = ( $attr =~ s/^!// ); - if ( $v =~ Lemonldap::NG::Common::Regexp::OPENIDSREGATTR() ) { - $self->{sessionInfo}->{$attr} = $self->param("openid.sreg.$v"); - } - else { - $self->lmLog( - 'Ignoring attribute ' - . $v - . ' which is not a valid OpenID SREG attribute', - 'warn' - ); - } - if ( $required and not defined( $self->{sessionInfo}->{$attr} ) ) { - $self->lmLog( -"Required parameter $attr is not provided by OpenID server, aborted", - 'warn' - ); - - $self->{mustRedirect} = 0; - return PE_MISSINGREQATTR; - } + my %vars = ( %{ $self->{exportedVars} }, %{ $self->{openIdExportedVars} } ); + while ( my ( $k, $v ) = each %vars ) { + my $attr = $k; + my $required = ( $attr =~ s/^!// ); + if ( $v =~ Lemonldap::NG::Common::Regexp::OPENIDSREGATTR() ) { + $self->{sessionInfo}->{$attr} = $self->param("openid.sreg.$v"); + } + else { + $self->lmLog( + 'Ignoring attribute ' + . $v + . ' which is not a valid OpenID SREG attribute', + 'warn' + ); + } + + if ( $required and not defined( $self->{sessionInfo}->{$attr} ) ) { + $self->lmLog( +"Required parameter $attr is not provided by OpenID server, aborted", + 'warn' + ); + + $self->{mustRedirect} = 0; + return PE_MISSINGREQATTR; } - } - else { - $self->abort('Only hash reference are supported now in exportedVars'); } PE_OK; }
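Review bot: setSessionInfo fills `$self->{sessionInfo}->{$attr}` from `$self->param("openid.sreg.$v")`, that is, from the raw request parameters, and the merged `openIdExportedVars` map widens the set of session keys populated this way. Nothing visible in this hunk ties those values to the signed part of the OpenID assertion. If the authentication module does not already reject responses whose SREG fields are unsigned, the attributes should be read from the verified response rather than from `param`. At minimum, a comment above the assignment such as `# NOTE: openid.sreg.* must be covered by openid.signed before being stored in the session` would record where that guarantee is expected to come from.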