diff --git a/docs/reference/lasso/lasso-sections.txt b/docs/reference/lasso/lasso-sections.txt
index 87d69e86..3ce5d3db 100644
--- a/docs/reference/lasso/lasso-sections.txt
+++ b/docs/reference/lasso/lasso-sections.txt
@@ -21,6 +21,7 @@ lasso_server_set_encryption_private_key
 lasso_server_set_encryption_private_key_with_password
 lasso_server_load_affiliation
 lasso_server_get_endpoint_url_by_id
+lasso_server_get_filtered_provider_list
 lasso_server_saml2_assertion_setup_signature
 <SUBSECTION Standard>
 LASSO_SERVER
diff --git a/lasso/id-ff/server.c b/lasso/id-ff/server.c
index ab728609..348cde7d 100644
--- a/lasso/id-ff/server.c
+++ b/lasso/id-ff/server.c
@@ -558,6 +558,63 @@ lasso_server_get_providerID_from_hash(LassoServer *server, gchar *b64_hash)
 	return NULL;
 }
 
+typedef struct {
+	GList *provider_list;
+	LassoProvider *provider;
+	LassoProviderRole role;
+	LassoMdProtocolType protocol_type;
+	LassoHttpMethod http_method;
+} FilteredProviderListContext;
+
+static void
+filter_provider_list(G_GNUC_UNUSED gpointer key, gpointer value, gpointer user_data)
+{
+	LassoProvider *remote_provider = (LassoProvider*)value;
+	FilteredProviderListContext *context = (FilteredProviderListContext*)user_data;
+
+	if (remote_provider->role == context->role) {
+		if (lasso_provider_accept_http_method(context->provider, remote_provider,
+											  context->protocol_type, context->http_method, FALSE)) {
+			lasso_list_add_string(context->provider_list, remote_provider->ProviderID);
+		}
+	}
+}
+
+
+/**
+ * lasso_server_get_filtered_provider_list
+ * @server: a #LassoServer
+ * @role: each returned provider will match this #LassoProviderRole
+ * @protocol_type: provider must have endpoint matching #LassoMdProtocolType and @http_method
+ * @http_method: provider must have endpoint matching #LassoHttpMethod and @protocol_type
+ *
+ * Iterate over the @server providers and build a list of provider EntityID's who
+ * have the specified @role and at least one endpoint matching the
+ * @protocol_type and @http_method. Return a #GList list of EntityID's at the
+ * @provider_list pointer. The caller is responsible for freeing the @provider_list
+ * by calling lasso_release_list_of_strings().
+ *
+ * Return value:(transfer full)(element-type string):  #GList of matching provider EntityID's returned here.
+ */
+GList *
+lasso_server_get_filtered_provider_list(const LassoServer *server, LassoProviderRole role,
+										LassoMdProtocolType protocol_type,
+										LassoHttpMethod http_method)
+{
+	FilteredProviderListContext context;
+
+	context.provider_list = NULL;
+	context.provider = LASSO_PROVIDER(server);
+	context.role = role;
+	context.protocol_type = protocol_type;
+	context.http_method = http_method;
+
+	g_hash_table_foreach(server->providers,
+						 filter_provider_list, &context);
+
+	return context.provider_list;
+}
+
 /*****************************************************************************/
 /* overridden parent class methods                                           */
 /*****************************************************************************/
diff --git a/lasso/id-ff/server.h b/lasso/id-ff/server.h
index 087898af..8b419279 100644
--- a/lasso/id-ff/server.h
+++ b/lasso/id-ff/server.h
@@ -130,6 +130,10 @@ LASSO_EXPORT lasso_error_t lasso_server_add_provider2(LassoServer *server, Lasso
 LASSO_EXPORT gchar *lasso_server_get_endpoint_url_by_id(const LassoServer *server,
 	const gchar *provider_id, const gchar *endpoint_description);
 
+LASSO_EXPORT GList *lasso_server_get_filtered_provider_list(const LassoServer *server,
+	LassoProviderRole role, LassoMdProtocolType protocol_type, LassoHttpMethod http_method);
+
+
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */