Configuring the Attributes Obtained at Authentication

When Identity Server creates a request to send to the identity provider, it uses the attributes that you have selected. The request asks the identity provider to provide values for these attributes. You can then use these attributes to create policies, to match user accounts, or, if you allow provisioning, to create a user account on the service provider.

To select the attributes, perform the following steps:

  1. Click Devices > Identity Servers > Edit > WS Federation > [Identity Provider] > Attributes.

  2. (Conditional) To create an attribute set, select New Attribute Set from Attribute Set.

    An attribute set is a group of attributes that can be exchanged with the trusted provider. For example, you can map any local attribute in the Liberty profile (such as Informal Name) to the remote attribute name specified at the service provider.

    a. Specify a set name, then click Next.

    b. On the Define Attributes page, click New.

    c. Select a local attribute.

    d. Specify the name of the remote attribute.

    e. For the namespace, specify http://schemas.xmlsoap.org/claims.

    f. Click OK.

    g. To add other attributes to the set, repeat Step 2.b through Step 2.e.

    h. Click Finish.

  3. Select an attribute set.

  4. Select attributes from the Available list, and move them to the left side of the page.

  5. (Conditional) If you created a new attribute set, it must be enabled for STS.

    For more information, see Enabling the Attribute Set.

  6. Click OK.

  7. Update Identity Server.
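After the update, you can confirm that a token from the identity provider carries the attributes the set asks for. The following is an added example, not part of the product or its documentation: it compares the attributes in a token with an attribute set, using the namespace from the procedure. It assumes the token carries a SAML 1.1 attribute statement; the attribute set contents, the remote names, and the sample assertion are constructed for illustration.

```python
import xml.etree.ElementTree as ET

SAML11 = "urn:oasis:names:tc:SAML:1.0:assertion"
CLAIMS_NS = "http://schemas.xmlsoap.org/claims"  # namespace set in the procedure

# Hypothetical attribute set: local attribute -> remote attribute name.
ATTRIBUTE_SET = {"mail": "EmailAddress", "Informal Name": "CommonName"}

# Constructed sample assertion (signature and conditions omitted for brevity).
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
  <saml:AttributeStatement>
    <saml:Attribute AttributeName="EmailAddress"
        AttributeNamespace="http://schemas.xmlsoap.org/claims">
      <saml:AttributeValue>jdoe@example.com</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute AttributeName="Group"
        AttributeNamespace="http://example.com/other">
      <saml:AttributeValue>staff</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""

def check_attributes(assertion_xml, attribute_set, namespace=CLAIMS_NS):
    """Return (received, missing, unexpected) for a SAML 1.1 assertion.

    Assumes the token signature was already validated by the federation stack.
    """
    remote_to_local = {remote: local for local, remote in attribute_set.items()}
    received, unexpected = {}, []
    root = ET.fromstring(assertion_xml)
    for attr in root.iter(f"{{{SAML11}}}Attribute"):
        name = attr.get("AttributeName")
        ns = attr.get("AttributeNamespace")
        values = [v.text or "" for v in attr.findall(f"{{{SAML11}}}AttributeValue")]
        # Only names in the configured namespace map to local attributes.
        if ns == namespace and name in remote_to_local:
            received.setdefault(remote_to_local[name], []).extend(values)
        else:
            unexpected.append((ns, name))
    missing = sorted(r for r, l in remote_to_local.items() if l not in received)
    return received, missing, unexpected

if __name__ == "__main__":
    print(check_attributes(SAMPLE_ASSERTION, ATTRIBUTE_SET))
```

A remote name that appears under a different namespace is reported as unexpected and the corresponding local attribute as missing, which is the usual symptom of a namespace typo in the attribute set.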