...

...

Attribute mappings that require manipulation are explained in the subsequent sections.

Add an attribute with

...

a mapping to a standard EntraID attribute

This instruction is valid for attributes like urn:mace:dir:attribute-def:cn, urn:mace:dir:attribute-def:displayName, urn:mace:dir:attribute-def:givenName, urn:mace:dir:attribute-def:sn, urn:mace:dir:attribute-def:mail and other attributes that don’t need manipulation.

In the box ‘Attributes & Claims’, click ‘Edit’. 

...

Enter the claim name (first column in the table above) in the ‘Name’ field and select the Source attribute that you found in the second column in the table above: 

...

For urn:mace:dir:attribute-def:eduPersonAffiliation it is sufficient to simply type ‘employee’ in the source attribute field without the quotes, Microsoft will automatically put the word in double quotes.

Repeat the steps for every attribute mentioned in the table above.  

...

• Regex pattern: ^.*\@(?'domain')

• Replacement pattern (vervangingspatroon): employee@{domain}

...

Attribute overview

The result of the attribute configuration looks as follows, please pay attention to the proper amount or lack of quotes:

...

Submit the intake form 

Please complete the form ‘Technisch Intakeformulier govconext’ with the metadata-URL and default schacHomeOrganization and the other required information and send it through the govroam ‘klantportaal’ and/or ‘tech@govroam.nl’. 

...

Since govconext is built using OpenConext software which is also used for SURFconext, you can find additional information if you search for SURFconext, specifically:
Handleiding Azure AD als SAML Identity Provider in SURFconext - SURFconext - Get Conexted - SURF Wiki - https://wiki.surfnet.nl/  

Also, Microsoft provides an extensive article:  
https://learn.microsoft.com/en-us/azure/active-directory/saas-apps/surfconext-tutorial