Running AdminUI, trying to update a Federation Partnership with the following REST API command:

PUT https://server.example.com/ca/api/sso/services/policy/v1/FedSPPartnerships/<partnership>

{"Name": "<partnership>",
    "Authentication": {
       "AuthenticationContextType": "Automatic"
    },
    "AuthenticationContextConfiguration": {
       "AuthenticationContextTemplate": {
          "id": "CA.FED::AuthnContextTemplate@<value>",
          "path": "/FedAuthnContextTemplates/GenericAppTemplate",
          "href": "https://server.example.com:8443/ca/api/sso/services/policy/v1/objects/CA.FED::AuthnContextTemplate@<value>"
          }
    }
}

The command returns the following error:

{
   "reponseType": "error",
   "status": 500,
   "data": [
     {
        "message": "java.lang.IllegalArgumentException: null attribute value DynAuthDefaultURI"
     }
   ]
}   

This error occurs when the Partnership is using an "AuthenticationContextTemplate" which has "Dynamic Authentication" disabled - (so no dynamic URL's configured).

The version 12.8SP8CR01 of AdminUI has a fix for a very similar issue, as described per documentation (1):

    | Support Case Number | Internal Defect ID | Issue Description                  |
    |---------------------+--------------------+------------------------------------|
    |            33263800 | DE549255           | REST APIs fail to update the SP-   |
    |                     |                    | IdP federation partnership when    |
    |                     |                    | EnableDynamicAuthentication is     |
    |                     |                    | set to false in THE authentication |
    |                     |                    | context template.                  |

Upgrade the AdminUI to 12.8SP8CR01 to fix this issue.

Remember, when upgrading the AdminUI, upgrade also the Policy Server and the Policy Store data definition to the same level.

1. Administrative UI