Thanks Joe, works perfectly fine... Do have a residual issue though... one of the parameters is actually a base64 encoded saml response and for some reason seems like the route via https assertion is replacing all "+" in the bases64 string with space, causing decoding on the other side to fail. Any idea how to fix that?