Identity Providers are 3rd party systems.
You may be using Ignition's internal identity provider, but in your head you should still view it as this diagram shows. Ignition is passing the information you login with, to the IdP, and the IdP will respond with a token that Ignition uses to determine your authentication.
I highly recommend using the "Test Login" feature of the Identity Provider by going to the Gateway Webpage > Config > IdP > More > Test Login. From here you can see what Michael pointed out, that the Security Levels exist in the IdP regardless of your defined structure in Ignition. You don't technically need to define the levels for expressions to work, etc (This becomes confusing when you are using an internal provider because all the info is technically in Ignition already).
This means that defining Security Levels in Ignition is required even for internal IdPs.
For your simple setup of an internal Ignition IdP , you should not need to setup anything beyond the Security Levels in order to select them from your security menu in the Designer (You do not need to do User Attribute Mapping typically for a simple User Source > IdP).