To create a policy that allows an administrator to modify any attributes, complete the following step.

  • Create a policy, and then add a rule with the Effect set to Permit the decision based on the Condition that the user is an administrator.

    To check the user, for example, you can set up a condition to compare whether HttpRequest.AccessToken.scope equals administrator.