Configuring the Attributes Sent with Authentication

When Identity Server creates a response for the service provider, it uses the attributes listed on the Attributes page. The response must contain the attributes that the service provider requires. If you do not own the service provider, contact the administrator of the service provider and negotiate which attributes you need to send in the response. The service provider can use these attributes to perform the following actions:

  • Identify a user

  • Create policies

  • Match user accounts

  • Create a user account on the service provider if it allows provisioning.

Perform the following steps to configure the attributes sent with authentication:

  1. Click Devices > Identity Servers > Edit > WS Federation > [Service Provider] > Attributes.

  2. (Conditional) To create an attribute set, select New Attribute Set from Attribute Set.

    An attribute set is a group of attributes that can be exchanged with the trusted provider. For example, you can specify that the local attribute of any attribute in the Liberty profile (such as Informal Name) matches the remote attribute specified at the service provider.

    a. Specify a set name, then click Next.

    b. On the Define Attributes page, click New.

    c. Select a local attribute.

    d. Specify the name of the remote attribute.

    e. For the namespace, specify http://schemas.xmlsoap.org/claims.

    f. Click OK.

    g. To add other attributes to the set, repeat Step 2.b through Step 2.e.

    h. Click Finish.

  3. Select an attribute set.

  4. Select attributes that you want to send from Available and move them to the left of the page.

  5. (Conditional) If you created a new attribute set, it must be enabled for STS.

    For more information, see Enabling the Attribute Set.

  6. Click OK.

  7. Update Identity Server.
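
After the update, the attribute mapping can be checked from a captured response. The script below is an added example, not part of the product documentation: it compares the attributes in a response against the list agreed with the service provider and reports missing attributes, attributes sent under a namespace other than http://schemas.xmlsoap.org/claims, and attributes sent that were never requested. It assumes the response carries a SAML 1.1 attribute statement; the sample XML and the attribute names (emailaddress, Group, upn) are constructed.

```python
import xml.etree.ElementTree as ET

SAML11 = "urn:oasis:names:tc:SAML:1.0:assertion"  # assumption: SAML 1.1 token
CLAIMS_NS = "http://schemas.xmlsoap.org/claims"   # namespace set on Define Attributes

# Constructed sample of an attribute statement; names and values are made up.
SAMPLE = """\
<saml:AttributeStatement xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
  <saml:Attribute AttributeName="emailaddress"
                  AttributeNamespace="http://schemas.xmlsoap.org/claims">
    <saml:AttributeValue>jdoe@example.com</saml:AttributeValue>
  </saml:Attribute>
  <saml:Attribute AttributeName="Group"
                  AttributeNamespace="urn:example:other">
    <saml:AttributeValue>staff</saml:AttributeValue>
  </saml:Attribute>
</saml:AttributeStatement>
"""

def read_attributes(xml_text):
    """Return {(namespace, name): [values]} for every SAML 1.1 Attribute."""
    root = ET.fromstring(xml_text)
    found = {}
    for attr in root.iter(f"{{{SAML11}}}Attribute"):
        key = (attr.get("AttributeNamespace"), attr.get("AttributeName"))
        values = [v.text or "" for v in attr.findall(f"{{{SAML11}}}AttributeValue")]
        found.setdefault(key, []).extend(values)
    return found

def audit(xml_text, required, namespace=CLAIMS_NS):
    """Compare attributes sent against those the service provider agreed to.

    missing: required names not sent at all
    wrong_namespace: required names sent only under another namespace
    unexpected: names sent that the service provider did not ask for
    """
    found = read_attributes(xml_text)
    sent_ok = {name for ns, name in found if ns == namespace}
    sent_other = {name for ns, name in found if ns != namespace}
    required = set(required)
    return {
        "missing": sorted(required - sent_ok - sent_other),
        "wrong_namespace": sorted((required - sent_ok) & sent_other),
        "unexpected": sorted((sent_ok | sent_other) - required),
    }

if __name__ == "__main__":
    print(audit(SAMPLE, ["emailaddress", "Group", "upn"]))
```

An entry under "unexpected" means the attribute set releases more user data than the service provider negotiated for, so remove that attribute from the set rather than leaving it in the response.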