1. Sign on to the PingAuthorize Policy Editor using the URL and credentials from Accessing the GUIs.
  2. Click Policies.
  3. Highlight Permitted Scopes.
  4. Click + Add Rule.
  5. For the name, replace Untitled with Scope: scimAdmin (delete).
  6. From the Effect list, select Permit.
  7. In the Condition section, perform the following steps:
    1. Click + Comparison.
    2. In the first field, type HttpRequest.AccessToken.scope.
    3. From the comparator list, select Contains.
    4. In the final field, type scimAdmin.
  8. Within the rule, click Show "Applies to".
  9. Click Components.
  10. From the Actions section, drag delete to the Add definitions and targets, or drag from Components box.
  11. Click Save changes.