diff --git a/jhub_remote_user_authenticator/remote_user_auth.py b/jhub_remote_user_authenticator/remote_user_auth.py
index f9e4d80e83d016c4c4ba24f6901f3b2278f4541f..cc3e5704c28e98257a73c51f3dbc28abddcdf501 100644
--- a/jhub_remote_user_authenticator/remote_user_auth.py
+++ b/jhub_remote_user_authenticator/remote_user_auth.py
@@ -10,13 +10,24 @@ from traitlets import Unicode
 class RemoteUserLoginHandler(BaseHandler):
 
     def get(self):
-        header_name = self.authenticator.header_name
-        remote_user = self.request.headers.get(header_name, "")
+        user_persistent_hash = self.request.headers.get("persistent-hash", "")
+        user_pairwise_id = self.request.headers.get("pairwise-id", "")
         
-        if remote_user == "":
+        if user_persistent_hash == "" and user_pairwise_id == "":
             self.welcome_page()
         else:
-            user = self.user_from_username(remote_user)
+            # Rename old user names using persistent hash to pairwise-id names
+            # TODO: remove once all users use new pairwise-id name
+            #       Only possible as soon as user-lifecycle has been activated.
+            user = self.find_user(user_persistent_hash)
+            if user is not None:
+                user.name = user_pairwise_id
+                user.db.commit()
+
+                self.log.info("Renamed old persistent-hash user '%s' to '%s'", user_persistent_hash, user_pairwise_id)
+            # TODO END
+
+            user = self.user_from_username(user_pairwise_id)
             self.set_login_cookie(user)
             
             next_url = self.get_next_url(user)
@@ -46,10 +57,6 @@ class RemoteUserAuthenticator(Authenticator):
     """
     Accept the authenticated user name from the REMOTE_USER HTTP header.
     """
-    header_name = Unicode(
-        default_value='REMOTE_USER',
-        config=True,
-        help="""HTTP header to inspect for the authenticated username.""")
 
     def get_handlers(self, app):
         return [
@@ -57,7 +64,7 @@ class RemoteUserAuthenticator(Authenticator):
         ]
     
     def login_url(self, base_url):
-        return self.domain + '/Shibboleth.sso/Login
+        return self.domain + '/Shibboleth.sso/Login'
 
     def logout_url(self, base_url):
         return self.domain + '/Shibboleth.sso/Logout?return=/'
@@ -73,10 +80,6 @@ class RemoteUserLocalAuthenticator(LocalAuthenticator):
     Derived from LocalAuthenticator for use of features such as adding
     local accounts through the admin interface.
     """
-    header_name = Unicode(
-        default_value='REMOTE_USER',
-        config=True,
-        help="""HTTP header to inspect for the authenticated username.""")
 
     def get_handlers(self, app):
         return [