The screenshot is from Instant, not a controller.
If you are't using the RADIUS VSAs to directly send a VLAN, you'll have to use filter-id with server derivation rules.
In your RADIUS server, return a "tag" (just descriptive text or number) for the VLAN using the filter-id attribute.
In your controller, go to Configuration > Authentication > Servers > Server Group, then click your server group. Now add a rule to match the condition. (See below)