Defining attributes and referencing them in role-templates works, but how can they be defined as static/saml attribute in xs-secutity.json? Application roles from xs-security can be edited in SAP Cloud Platform Cockpit, but not section ATTRIBUTES! What are the names/values in xs-security to provide this information? Otherwise source of the attribute is always "Unrestricted" and values "empty".
Solution from Capture IDP User attributes in SAP cloud foundry app via SDK UserAccesor API works only for roles created in cockpit.
Maybe there's a working example somewhere i haven't found? How is an exposed attribute then used in extended approuter?
