diff --git a/digid_eherkenning/saml2/eherkenning.py b/digid_eherkenning/saml2/eherkenning.py
index 5f5f96a..a64d0b5 100644
--- a/digid_eherkenning/saml2/eherkenning.py
+++ b/digid_eherkenning/saml2/eherkenning.py
@@ -469,6 +469,11 @@ def create_config_dict(self, conf: EHerkenningConfig) -> EHerkenningSAMLConfig:
 config_dict: EHerkenningSAMLConfig = super().create_config_dict(conf)
 sp_config = config_dict["sp"]
+ # may not be included for eHerkenning/EIDAS since AS1.24a, see:
+ # https://afsprakenstelsel.etoegang.nl/Startpagina/v3/dv-metadata-for-hm
+ #
+ # ... Elements not listed in this table MUST NOT be included in the metadata.
+ del sp_config["NameIDFormat"]
 # we have multiple services, so delete the config for the "single service" variant
 attribute_consuming_services = create_attribute_consuming_services(conf)
diff --git a/digid_eherkenning/types.py b/digid_eherkenning/types.py
index 36ef8c8..f55e1f4 100644
--- a/digid_eherkenning/types.py
+++ b/digid_eherkenning/types.py
@@ -48,7 +48,7 @@ class ServiceProviderSAMLConfig(TypedDict):
 assertionConsumerService: dict
 singleLogoutService: dict
 attributeConsumingServices: list[dict]
- NameIDFormat: str
+ NameIDFormat: str # may not be included for eHerkenning
 x509cert: str
 privateKey: str
 privateKeyPassphrase: Optional[str]
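Review bot: `del sp_config["NameIDFormat"]` removes the key from the whole SP config that `create_config_dict` returns, while the comment above it justifies the removal only for the published metadata. If the same dict also drives AuthnRequest construction (not visible in this hunk), the request's NameIDPolicy would silently fall back to whatever the SAML library defaults to, so it is worth confirming that and adding a test that checks both the generated metadata and a login request. The bare `del` also raises `KeyError` if the parent class ever stops setting the key; `sp_config.pop("NameIDFormat", None)` would tolerate that. The function body continues outside the hunk.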
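Review bot: The trailing comment on `NameIDFormat: str` says the key may be absent, but the TypedDict still declares it as required, so code that reads `sp["NameIDFormat"]` type-checks and then fails with `KeyError` on eHerkenning configs. A type checker will probably also reject the `del` added in eherkenning.py, since it deletes a required key. Declaring the field as `NameIDFormat: NotRequired[str]` (from `typing` or `typing_extensions`, depending on the supported Python versions) would express this in the type rather than in a comment. The class body starts and ends outside the hunk.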