To allow any attribute to be modified, such as for an administrator account, the policy
decision point (PDP) does not need to check the
To create a policy that allows an administrator to modify any attributes, complete the following step.
To check the user, for example, you can set up a condition to compare whether
HttpRequest.AccessToken.scope equals administrator.