To create a policy that allows an administrator to modify any attributes, complete the following step.

  • Create a policy with a rule with Effect set to Permit the decision based on the Condition that the user is an administrator.

    To check the user, for example, you can set up a condition to compare whether HttpRequest.AccessToken.scope equals administrator.