On May 7, 2020, at 2:45 PM, Alan DeKok <aland@deployingradius.com<mailto:aland@deployingradius.com>> wrote: On May 7, 2020, at 2:17 PM, Michael A Carpenter - macarpen@us.ibm.com<mailto:macarpen@us.ibm.com> <macarpen@us.ibm.com<mailto:macarpen@us.ibm.com>> wrote: I'm trying to return the Vendor-Specific attribute with value "H=4,I=4" using the rlm_rest module. I've tried the following authorization response payloads: {"Attr-26": "0x483d342c493d34"} {"Vendor-Specific": "H=4,I=4"} Both resulted in error: Please don't do that. It's terrible. If you need that in order to interoperate with an idiot vendor, fine. But if you're doing something yourself, this is 1000% the wrong thing to do. The former, vendor is SuperMicro You *cannot* and *should not* specify values for the Vendor-Specific attribute. That attribute does not have values like other attributes. Instead, it carries a 32-bit vendor number, followed by encapsulated vendor attributes. So... why are you doing this? I arrived at those values based on http://lists.freeradius.org/pipermail/freeradius-users/2017-November/089770.... and https://www.supermicro.com/support/faqs/faq.cfm?faq=22374 Any suggestions for what might be incompatible about the value? It fails to follow the RFCs. See https://urldefense.proofpoint.com/v2/url?u=https-3A__tools.ietf.org_html_rfc... Which defines the "vsa" data type, for the Vendor-Specific attribute. As the author of that specification, I feel uniquely qualified to say that your usage of Vendor-Specific is wrong. :) No argument here :)