The attribute-based mapping involves one website communicating identity information about a subject to another website to support transactions. However, the identity information might a characteristic of the subject, such as a role. The attribute-based mapping is important when a subject’s identity is not important, must not be shared, or is insufficient on its own.
To interoperate with trusted service providers through the SAML protocol, Identity Server distinguishes between different attributes from different SAML implementations. Access Manager uses Liberty attributes in the SAML administration. When you specify which attributes to include in an assertion, or which attributes to use when locating the user from an assertion, these attributes must always be specified in the Liberty format.
In an attribute map, SAML attributes from each vendor’s implementation is converted to Liberty attributes. (See Section 2.4.1, Configuring Attribute Sets.)
For more information, see the OASIS Standards Website.