The LDAP Binary Attribute Encoding Types screen appears when at least one attribute is configured as such in the datastore. Because binary attribute data cannot be used in an assertion to the SP, specify the encoding type that you want to apply during fulfillment. The available choices are Base64, Hex, and SID.
Defining encoding for binary attributes is only applicable to IdP and IdP-to-SP bridging use cases.
To set an encoding type, select a value from the Attribute Encoding
Repeat this step for each binary attribute.
Microsoft Office 365 relies on an immutable Active Directory binary attribute associated with user accounts (objectGUID), and requires this binary data to be Base64-encoded to correlate provisioned federated user data to Active Directory accounts. Select Base64 from the Attribute Encoding Type list.
Claims-based authentication with Microsoft Outlook Web App and Exchange admin center (EAC) requires tokenGroups (another binary attribute in Active Directory) to be SID-encoded. Select SID from the Attribute Encoding Type list.