diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index 5d915a090..8dc267ef2 100644
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -4456,6 +4456,12 @@ static int hostapd_config_fill(struct hostapd_config *conf,
 	} else if (os_strcmp(buf, "dpp_mud_url") == 0) {
 		os_free(bss->dpp_mud_url);
 		bss->dpp_mud_url = os_strdup(pos);
+	} else if (os_strcmp(buf, "dpp_extra_conf_req_name") == 0) {
+		os_free(bss->dpp_extra_conf_req_name);
+		bss->dpp_extra_conf_req_name = os_strdup(pos);
+	} else if (os_strcmp(buf, "dpp_extra_conf_req_value") == 0) {
+		os_free(bss->dpp_extra_conf_req_value);
+		bss->dpp_extra_conf_req_value = os_strdup(pos);
 	} else if (os_strcmp(buf, "dpp_connector") == 0) {
 		os_free(bss->dpp_connector);
 		bss->dpp_connector = os_strdup(pos);
diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf
index 1c4ca71a9..ea67aa100 100644
--- a/hostapd/hostapd.conf
+++ b/hostapd/hostapd.conf
@@ -2514,6 +2514,12 @@ own_ip_addr=127.0.0.1
 # MUD URL for Enrollee's DPP Configuration Request (optional)
 #dpp_mud_url=https://example.com/mud
 
+# JSON node name of additional data for Enrollee's DPP Configuration Request
+#dpp_extra_conf_req_name=org.example
+
+# JSON node data of additional data for Enrollee's DPP Configuration Request
+#dpp_extra_conf_req_value="abc":123
+
 #dpp_connector
 #dpp_netaccesskey
 #dpp_netaccesskey_expiry
diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c
index 1c229c6c7..63af3d047 100644
--- a/src/ap/ap_config.c
+++ b/src/ap/ap_config.c
@@ -947,6 +947,8 @@ void hostapd_config_free_bss(struct hostapd_bss_config *conf)
 #ifdef CONFIG_DPP
 	os_free(conf->dpp_name);
 	os_free(conf->dpp_mud_url);
+	os_free(conf->dpp_extra_conf_req_name);
+	os_free(conf->dpp_extra_conf_req_value);
 	os_free(conf->dpp_connector);
 	wpabuf_free(conf->dpp_netaccesskey);
 	wpabuf_free(conf->dpp_csign);
diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h
index 9fb385717..c5701cc00 100644
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -755,6 +755,8 @@ struct hostapd_bss_config {
 #ifdef CONFIG_DPP
 	char *dpp_name;
 	char *dpp_mud_url;
+	char *dpp_extra_conf_req_name;
+	char *dpp_extra_conf_req_value;
 	char *dpp_connector;
 	struct wpabuf *dpp_netaccesskey;
 	unsigned int dpp_netaccesskey_expiry;
diff --git a/src/ap/dpp_hostapd.c b/src/ap/dpp_hostapd.c
index e99e658ca..47174a71b 100644
--- a/src/ap/dpp_hostapd.c
+++ b/src/ap/dpp_hostapd.c
@@ -343,6 +343,9 @@ static int hostapd_dpp_pkex_done(void *ctx, void *conn,
 
 	return dpp_tcp_auth(hapd->iface->interfaces->dpp, conn, auth,
 			    hapd->conf->dpp_name, DPP_NETROLE_AP,
+			    hapd->conf->dpp_mud_url,
+			    hapd->conf->dpp_extra_conf_req_name,
+			    hapd->conf->dpp_extra_conf_req_value,
 			    hostapd_dpp_process_conf_obj, NULL);
 }
 #endif /* CONFIG_DPP2 */
@@ -928,7 +931,10 @@ int hostapd_dpp_auth_init(struct hostapd_data *hapd, const char *cmd)
 	if (tcp)
 		return dpp_tcp_init(hapd->iface->interfaces->dpp, auth,
 				    &ipaddr, tcp_port, hapd->conf->dpp_name,
-				    DPP_NETROLE_AP, hapd->msg_ctx, hapd,
+				    DPP_NETROLE_AP, hapd->conf->dpp_mud_url,
+				    hapd->conf->dpp_extra_conf_req_name,
+				    hapd->conf->dpp_extra_conf_req_value,
+				    hapd->msg_ctx, hapd,
 				    hostapd_dpp_process_conf_obj, NULL);
 #endif /* CONFIG_DPP2 */
 
@@ -1287,7 +1293,9 @@ static void hostapd_dpp_start_gas_client(struct hostapd_data *hapd)
 
 	buf = dpp_build_conf_req_helper(auth, hapd->conf->dpp_name,
 					DPP_NETROLE_AP,
-					hapd->conf->dpp_mud_url, NULL);
+					hapd->conf->dpp_mud_url, NULL,
+					hapd->conf->dpp_extra_conf_req_name,
+					hapd->conf->dpp_extra_conf_req_value);
 	if (!buf) {
 		wpa_printf(MSG_DEBUG,
 			   "DPP: No configuration request data available");
diff --git a/src/common/dpp.c b/src/common/dpp.c
index 6c1b5be0e..4ef736c0e 100644
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@@ -969,7 +969,9 @@ struct wpabuf * dpp_build_conf_req(struct dpp_authentication *auth,
 struct wpabuf * dpp_build_conf_req_helper(struct dpp_authentication *auth,
 					  const char *name,
 					  enum dpp_netrole netrole,
-					  const char *mud_url, int *opclasses)
+					  const char *mud_url, int *opclasses,
+					  const char *extra_name,
+					  const char *extra_value)
 {
 	size_t len, name_len;
 	const char *tech = "infra";
@@ -992,6 +994,8 @@ struct wpabuf * dpp_build_conf_req_helper(struct dpp_authentication *auth,
 	len = 100 + name_len * 6 + 1 + int_array_len(opclasses) * 4;
 	if (mud_url && mud_url[0])
 		len += 10 + os_strlen(mud_url);
+	if (extra_name && extra_value && extra_name[0] && extra_value[0])
+		len += 10 + os_strlen(extra_name) + os_strlen(extra_value);
 #ifdef CONFIG_DPP2
 	if (auth->csr) {
 		size_t csr_len;
@@ -1031,6 +1035,10 @@ struct wpabuf * dpp_build_conf_req_helper(struct dpp_authentication *auth,
 		json_value_sep(json);
 		json_add_string(json, "pkcs10", csr);
 	}
+	if (extra_name && extra_value && extra_name[0] && extra_value[0]) {
+		json_value_sep(json);
+		wpabuf_printf(json, "\"%s\":%s", extra_name, extra_value);
+	}
 	json_end_object(json);
 
 	buf = dpp_build_conf_req(auth, wpabuf_head(json));
diff --git a/src/common/dpp.h b/src/common/dpp.h
index 8202ef818..af0341313 100644
--- a/src/common/dpp.h
+++ b/src/common/dpp.h
@@ -586,7 +586,9 @@ struct wpabuf * dpp_build_conf_req(struct dpp_authentication *auth,
 struct wpabuf * dpp_build_conf_req_helper(struct dpp_authentication *auth,
 					  const char *name,
 					  enum dpp_netrole netrole,
-					  const char *mud_url, int *opclasses);
+					  const char *mud_url, int *opclasses,
+					  const char *extra_name,
+					  const char *extra_value);
 int dpp_auth_conf_rx(struct dpp_authentication *auth, const u8 *hdr,
 		     const u8 *attr_start, size_t attr_len);
 int dpp_notify_new_qr_code(struct dpp_authentication *auth,
@@ -744,15 +746,20 @@ int dpp_tcp_pkex_init(struct dpp_global *dpp, struct dpp_pkex *pkex,
 				       struct dpp_bootstrap_info *bi));
 int dpp_tcp_init(struct dpp_global *dpp, struct dpp_authentication *auth,
 		 const struct hostapd_ip_addr *addr, int port,
-		 const char *name, enum dpp_netrole netrole, void *msg_ctx,
-		 void *cb_ctx,
+		 const char *name, enum dpp_netrole netrole,
+		 const char *mud_url,
+		 const char *extra_conf_req_name,
+		 const char *extra_conf_req_value,
+		 void *msg_ctx, void *cb_ctx,
 		 int (*process_conf_obj)(void *ctx,
 					 struct dpp_authentication *auth),
 		 bool (*tcp_msg_sent)(void *ctx,
 				      struct dpp_authentication *auth));
 int dpp_tcp_auth(struct dpp_global *dpp, void *_conn,
 		 struct dpp_authentication *auth, const char *name,
-		 enum dpp_netrole netrole,
+		 enum dpp_netrole netrole, const char *mud_url,
+		 const char *extra_conf_req_name,
+		 const char *extra_conf_req_value,
 		 int (*process_conf_obj)(void *ctx,
 					 struct dpp_authentication *auth),
 		 bool (*tcp_msg_sent)(void *ctx,
diff --git a/src/common/dpp_tcp.c b/src/common/dpp_tcp.c
index d7c232841..cbe8d2ca5 100644
--- a/src/common/dpp_tcp.c
+++ b/src/common/dpp_tcp.c
@@ -48,6 +48,9 @@ struct dpp_connection {
 	unsigned int gas_comeback_in_progress:1;
 	u8 gas_dialog_token;
 	char *name;
+	char *mud_url;
+	char *extra_conf_req_name;
+	char *extra_conf_req_value;
 	enum dpp_netrole netrole;
 };
 
@@ -118,6 +121,9 @@ static void dpp_connection_free(struct dpp_connection *conn)
 	dpp_auth_deinit(conn->auth);
 	dpp_pkex_free(conn->pkex);
 	os_free(conn->name);
+	os_free(conn->mud_url);
+	os_free(conn->extra_conf_req_name);
+	os_free(conn->extra_conf_req_value);
 	os_free(conn);
 }
 
@@ -332,8 +338,10 @@ static void dpp_controller_start_gas_client(struct dpp_connection *conn)
 	const char *dpp_name;
 
 	dpp_name = conn->name ? conn->name : "Test";
-	buf = dpp_build_conf_req_helper(auth, dpp_name, conn->netrole, NULL,
-					NULL);
+	buf = dpp_build_conf_req_helper(auth, dpp_name, conn->netrole,
+					conn->mud_url, NULL,
+					conn->extra_conf_req_name,
+					conn->extra_conf_req_value);
 	if (!buf) {
 		wpa_printf(MSG_DEBUG,
 			   "DPP: No configuration request data available");
@@ -1943,7 +1951,10 @@ static int dpp_tcp_auth_start(struct dpp_connection *conn,
 
 int dpp_tcp_init(struct dpp_global *dpp, struct dpp_authentication *auth,
 		 const struct hostapd_ip_addr *addr, int port, const char *name,
-		 enum dpp_netrole netrole, void *msg_ctx, void *cb_ctx,
+		 enum dpp_netrole netrole, const char *mud_url,
+		 const char *extra_conf_req_name,
+		 const char *extra_conf_req_value,
+		 void *msg_ctx, void *cb_ctx,
 		 int (*process_conf_obj)(void *ctx,
 					 struct dpp_authentication *auth),
 		 bool (*tcp_msg_sent)(void *ctx,
@@ -1973,6 +1984,12 @@ int dpp_tcp_init(struct dpp_global *dpp, struct dpp_authentication *auth,
 	conn->process_conf_obj = process_conf_obj;
 	conn->tcp_msg_sent = tcp_msg_sent;
 	conn->name = os_strdup(name ? name : "Test");
+	if (mud_url)
+		conn->mud_url = os_strdup(mud_url);
+	if (extra_conf_req_name)
+		conn->extra_conf_req_name = os_strdup(extra_conf_req_name);
+	if (extra_conf_req_value)
+		conn->extra_conf_req_value = os_strdup(extra_conf_req_value);
 	conn->netrole = netrole;
 	conn->global = dpp;
 	conn->auth = auth;
@@ -2019,7 +2036,9 @@ fail:
 
 int dpp_tcp_auth(struct dpp_global *dpp, void *_conn,
 		 struct dpp_authentication *auth, const char *name,
-		 enum dpp_netrole netrole,
+		 enum dpp_netrole netrole, const char *mud_url,
+		 const char *extra_conf_req_name,
+		 const char *extra_conf_req_value,
 		 int (*process_conf_obj)(void *ctx,
 					 struct dpp_authentication *auth),
 		 bool (*tcp_msg_sent)(void *ctx,
@@ -2033,6 +2052,13 @@ int dpp_tcp_auth(struct dpp_global *dpp, void *_conn,
 	conn->tcp_msg_sent = tcp_msg_sent;
 	os_free(conn->name);
 	conn->name = os_strdup(name ? name : "Test");
+	os_free(conn->mud_url);
+	conn->mud_url = mud_url ? os_strdup(mud_url) : NULL;
+	os_free(conn->extra_conf_req_name);
+	conn->extra_conf_req_name = extra_conf_req_name ?
+		os_strdup(extra_conf_req_name) : NULL;
+	conn->extra_conf_req_value = extra_conf_req_value ?
+		os_strdup(extra_conf_req_value) : NULL;
 	conn->netrole = netrole;
 	conn->auth = auth;
 
diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
index 92525d7c6..364bdc905 100644
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
@@ -2970,6 +2970,8 @@ void wpa_config_free(struct wpa_config *config)
 #endif /* CONFIG_MBO */
 	os_free(config->dpp_name);
 	os_free(config->dpp_mud_url);
+	os_free(config->dpp_extra_conf_req_name);
+	os_free(config->dpp_extra_conf_req_value);
 
 	os_free(config);
 }
@@ -5301,6 +5303,8 @@ static const struct global_parse_data global_fields[] = {
 	{ INT_RANGE(dpp_config_processing, 0, 2), 0 },
 	{ STR(dpp_name), 0 },
 	{ STR(dpp_mud_url), 0 },
+	{ STR(dpp_extra_conf_req_name), 0 },
+	{ STR(dpp_extra_conf_req_value), 0 },
 #endif /* CONFIG_DPP */
 	{ INT_RANGE(coloc_intf_reporting, 0, 1), 0 },
 #ifdef CONFIG_WNM
diff --git a/wpa_supplicant/config.h b/wpa_supplicant/config.h
index ba9f2ed8b..d16913692 100644
--- a/wpa_supplicant/config.h
+++ b/wpa_supplicant/config.h
@@ -1617,6 +1617,18 @@ struct wpa_config {
 	 */
 	char *dpp_mud_url;
 
+	/**
+	 * dpp_extra_conf_req_name - JSON node name of additional data for
+	 * Enrollee's DPP Configuration Request
+	 */
+	char *dpp_extra_conf_req_name;
+
+	/**
+	 * dpp_extra_conf_req_value - JSON node data of additional data for
+	 * Enrollee's DPP Configuration Request
+	 */
+	char *dpp_extra_conf_req_value;
+
 	/**
 	 * coloc_intf_reporting - Colocated interference reporting
 	 *
diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c
index c0763253f..a779868f3 100644
--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
@@ -1543,6 +1543,16 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config)
 	if (config->dpp_config_processing)
 		fprintf(f, "dpp_config_processing=%d\n",
 			config->dpp_config_processing);
+	if (config->dpp_name)
+		fprintf(f, "dpp_name=%s\n", config->dpp_name);
+	if (config->dpp_mud_url)
+		fprintf(f, "dpp_mud_url=%s\n", config->dpp_mud_url);
+	if (config->dpp_extra_conf_req_name)
+		fprintf(f, "dpp_extra_conf_req_name=%s\n",
+			config->dpp_extra_conf_req_name);
+	if (config->dpp_extra_conf_req_value)
+		fprintf(f, "dpp_extra_conf_req_value=%s\n",
+			config->dpp_extra_conf_req_value);
 	if (config->coloc_intf_reporting)
 		fprintf(f, "coloc_intf_reporting=%d\n",
 			config->coloc_intf_reporting);
diff --git a/wpa_supplicant/dpp_supplicant.c b/wpa_supplicant/dpp_supplicant.c
index a248ca2dd..1ed2be03b 100644
--- a/wpa_supplicant/dpp_supplicant.c
+++ b/wpa_supplicant/dpp_supplicant.c
@@ -904,6 +904,9 @@ int wpas_dpp_auth_init(struct wpa_supplicant *wpa_s, const char *cmd)
 	if (tcp)
 		return dpp_tcp_init(wpa_s->dpp, auth, &ipaddr, tcp_port,
 				    wpa_s->conf->dpp_name, DPP_NETROLE_STA,
+				    wpa_s->conf->dpp_mud_url,
+				    wpa_s->conf->dpp_extra_conf_req_name,
+				    wpa_s->conf->dpp_extra_conf_req_value,
 				    wpa_s, wpa_s, wpas_dpp_process_conf_obj,
 				    wpas_dpp_tcp_msg_sent);
 #endif /* CONFIG_DPP2 */
@@ -1842,7 +1845,9 @@ static void wpas_dpp_start_gas_client(struct wpa_supplicant *wpa_s)
 	buf = dpp_build_conf_req_helper(auth, wpa_s->conf->dpp_name,
 					wpa_s->dpp_netrole,
 					wpa_s->conf->dpp_mud_url,
-					supp_op_classes);
+					supp_op_classes,
+					wpa_s->conf->dpp_extra_conf_req_name,
+					wpa_s->conf->dpp_extra_conf_req_value);
 	os_free(supp_op_classes);
 	if (!buf) {
 		wpa_printf(MSG_DEBUG,
@@ -2764,7 +2769,11 @@ static int wpas_dpp_pkex_done(void *ctx, void *conn,
 	}
 
 	return dpp_tcp_auth(wpa_s->dpp, conn, auth, wpa_s->conf->dpp_name,
-			    DPP_NETROLE_STA, wpas_dpp_process_conf_obj,
+			    DPP_NETROLE_STA,
+			    wpa_s->conf->dpp_mud_url,
+			    wpa_s->conf->dpp_extra_conf_req_name,
+			    wpa_s->conf->dpp_extra_conf_req_value,
+			    wpas_dpp_process_conf_obj,
 			    wpas_dpp_tcp_msg_sent);
 }
 #endif /* CONFIG_DPP2 */