---
title: Allowing attributes to be modified by administrators
description: To allow any attribute to be modified, such as for an administrator account, the policy decision point (PDP) does not need to check the impactedAttributes attribute.
component: pingauthorize
version: 11.0
page_id: pingauthorize:pingauthorize_policy_administration_guide:paz_allow_attrs_mod
canonical_url: https://docs.pingidentity.com/pingauthorize/11.0/pingauthorize_policy_administration_guide/paz_allow_attrs_mod.html
revdate: July 10, 2023
section_ids:
  about-this-task: About this task
  steps: Steps
---

# Allowing attributes to be modified by administrators

To allow any attribute to be modified, such as for an administrator account, the policy decision point (PDP) does not need to check the `impactedAttributes` attribute.

## About this task

To create a policy that allows an administrator to modify any attributes, complete the following step.

## Steps

* Create a policy, and then add a rule with the Effect set to Permit the decision based on the Condition that the user is an administrator.

  To check the user, for example, you can set up a condition to compare whether `HttpRequest.AccessToken.scope` equals `administrator`.