Allowing attributes to be modified by administrators - PingAuthorize

Allowing attributes to be modified by administrators - PingAuthorize - 10.0

PingAuthorize 10.0

bundle

pingauthorize-100

ft:publication_title

PingAuthorize 10.0

Product_Version_ce

PingAuthorize 10.0 (Latest)

category

ContentType

Product

Productdocumentation

paz-100

pingauthorize

ContentType_ce

Product documentation

To allow any attribute to be modified, such as for an administrator account, the policy decision point (PDP) does not need to check the impactedAttributes attribute.

To create a policy that allows an administrator to modify any attributes, complete the following step.

Create a policy, and then add a rule with the Effect set to Permit the decision based on the Condition that the user is an administrator.

To check the user, for example, you can set up a condition to compare whether HttpRequest.AccessToken.scope equals administrator.