IdP Role Mapping allows you to assign Contentstack roles to the users of a group/role in your IdP. Subsequently, users of such groups can directly log in to your SSO-enabled organization (without invitation) with the assigned permissions.
This is an alternate way of managing users and permissions of your SSO-enabled organization (the other way being invitation-based users and roles management).
To use this feature, you need to map your IdP roles to Contentstack roles, while configuring SSO for your organization.
Note: After enabling IdP Role Mapping, the role management (in Contentstack) for the users of your IdP will be handled from your IdP, instead of from Contentstack.