An attribute contract is the set of user attributes that you and your partner have agreed will be sent in SSO tokens for this connection (see Attribute contracts). You may extend the attribute contract with additional attributes. Optionally, you can configure PingFederate to mask individual extended attributes in its logs (see Attribute masking).
If you are creating or updating a SAML or an OpenID Connect IdP connection, consider using the partner's metadata to do so. If the metadata contains the required information, PingFederate automatically populates the attribute contract for you.
Use the Edit, Update, and Cancel workflow to make or undo a change to an item. Use the Delete and Undelete workflow to remove an item or cancel the removal request.