1. Sign on to the PingAuthorize Policy Editor using the URL and credentials from Accessing the GUIs.
  2. Click Policies.
  3. Select Permitted Scopes.
  4. Click + Add Rule.
  5. For the name, replace Untitled with Scope: scimAdmin (search).
  6. From the Effect list, select Permit.
  7. In the Condition section, perform the following steps:
    1. Click + Comparison.
    2. In the first field, select HttpRequest.AccessToken.scope.
    3. From the comparator list, select Contains.
    4. In the final field, type scimAdmin.
  8. Within the rule, click Show "Applies to".
  9. Click Components.
  10. From the Actions section, drag search to the Add definitions and targets, or drag from Components box.
  11. Click Save changes.