The best way for a Service Provider to get the attributes it needs is to ask the registering federation, i.e. SWAMID, to add entity categories to its metadata. For more information about entity categories, please see 4.1 Entity Categories for Service Providers.

To further improve the chance of getting attributes, the Service Provider should write and publish an informational document about the Service Provider and a privacy policy that defines how the Service Provider stores and processes personal data. Please see 4.3 Service Provider Metadata Extensions for Login and Discovery User Interface (MDUI) for further information.

If some Identity Providers still don't release all of the required attributes to the Service Provider, you should inform users which required attributes are missing from their Identity Provider's release. This gives the user a meaningful reason why they can't access your service. It also gives you a possible sponsor for getting the required attributes released by the Identity Provider. The information you give on the required attributes page is vital for users in their communication with their service desk. The page should at least contain which attributes are missing, a link to the Service Provider informational page and a link to the Service Provider privacy policy.

The best way to create a page for missing required attributes is to do it within the web service, but sometimes this is not possible, and then you should use the capabilities of your SAML Service Provider software. For example, in Shibboleth Service Provider you can use the Shibboleth SP attribute checker.
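
A sketch of the in-application variant described above, as an added example (not SWAMID's or Shibboleth's code). The required attribute names, the two URLs and the function names are assumptions chosen for illustration; `released` stands for the attribute variables the SP software hands to the application.

```python
from html import escape

# Assumed values for illustration: replace with the service's own requirements.
REQUIRED = ("eduPersonPrincipalName", "mail", "displayName")
INFO_URL = "https://sp.example.org/about"      # SP informational page (placeholder)
PRIVACY_URL = "https://sp.example.org/privacy"  # SP privacy policy (placeholder)


def missing_attributes(released, required=REQUIRED):
    """Return the required attribute names that are absent or hold only blank values."""
    missing = []
    for name in required:
        raw = released.get(name) or ""
        # Shibboleth SP joins multiple values with ';', so "a;b" is two values
        # and " ; " carries no usable value at all.
        if not any(value.strip() for value in raw.split(";")):
            missing.append(name)
    return missing


def missing_attributes_page(released, idp_entity_id, required=REQUIRED):
    """Return (status, html); html is None when every required attribute was released."""
    missing = missing_attributes(released, required)
    if not missing:
        return 200, None
    # The entityID and attribute names end up in HTML, so escape them.
    items = "".join(f"<li>{escape(name)}</li>" for name in missing)
    html = (
        "<h1>Required attributes missing</h1>"
        f"<p>Your Identity Provider ({escape(idp_entity_id)}) did not release:</p>"
        f"<ul>{items}</ul>"
        "<p>Give this list to your service desk.</p>"
        f'<p><a href="{escape(INFO_URL)}">About this service</a> | '
        f'<a href="{escape(PRIVACY_URL)}">Privacy policy</a></p>'
    )
    return 403, html


if __name__ == "__main__":
    # Constructed sample input: mail is present but blank, displayName is absent.
    sample = {"eduPersonPrincipalName": "alice@idp.example.se", "mail": " ; "}
    print(missing_attributes_page(sample, "https://idp.example.se/idp"))
```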