To allow any attribute to be modified, such as for an administrator account, the policy
decision point (PDP) does not need to check the impactedAttributes
attribute.
To create a policy that allows an administrator to modify any attributes, complete the following step.
Create a policy with a rule with Effect set to
Permit the decision based on the
Condition that the user is an administrator.
To check the user, for example, you can set up a condition to compare whether
HttpRequest.AccessToken.scope
equals administrator.