Configuring the Attributes Obtained at Authentication

When Identity Server creates its request to send to the identity provider, it uses the attributes that you have selected. The request asks the identity provider to provide values for these attributes. You can then use these attributes to create policies, to match user accounts, or, if you allow provisioning, to create a user account on the service provider.

  1. Click Devices > Identity Servers > Edit > [Protocol] > [Identity Provider] > Attributes.

  2. (Conditional) To create an attribute set, select New Attribute Set from the Attribute Set drop-down menu.

    An attribute set is a group of attributes that can be exchanged with the trusted provider. For example, you can map the local attribute for any attribute in the Liberty profile (such as Informal Name) to the remote attribute specified at the service provider.

    1. Specify a set name, then click Next.

    2. On the Define Attributes page, click New.

    3. Select a local attribute.

    4. Optionally, provide the name of the remote attribute and a namespace.

    5. Click OK.

      For more information about this process, see Configuring Attribute Sets.

    6. To add other attributes to the set, repeat substeps 2 through 5.

    7. Click Finish.

  3. Select an attribute set.

  4. Select attributes from the Available list, and move them to the left side of the page.

    The attributes that you move to the left side of the page are the attributes that you want Identity Server to obtain during authentication.

  5. Click OK > OK.

  6. Update Identity Server.