Add the scimAdmin retrieve rule to the Permitted Scopes policy.
- Sign on to the PingAuthorize Policy Editor using the URL and credentials from Accessing the GUIs.
- Click Policies.
- Highlight Permitted Scopes.
- Click + Add Rule.
- For the name, replace Untitled with Scope: scimAdmin (retrieve).
- From the Effect list, select Permit.
In the Condition section, perform the following
- Click + Comparison.
- In the first field, select HttpRequest.AccessToken.scope.
- From the comparator list, select Contains.
- In the final field, type scimAdmin.
- Within the rule, click Show "Applies to".
- Click Components.
- From the Actions section, drag retrieve to the Add definitions and targets, or drag from Components box.
- Within the rule, click Show Advice and Obligations.
- Click + next to Advice and Obligations.
- From the Advice section, drag Include all attributes to the Advice and Obligations section.
- Click Save changes.