The User Attribute Retrieval and Transformation feature enables you to retrieve an attribute from an external data source and transform it before sending it in an assertion. The data source can be any database, REST web service, or LDAP repositories. You can transform a user’s local attributes, LDAP attributes, Shared Secrets, and various profiles, such as Personal Profile and Employee Profile.
You can use virtual attributes to generate dynamic data at runtime from the current values of the user attributes. The transformed attribute values are not stored in any persistent data stores. They are in the memory as part of user’s session.