Editing Policies via the Manage API

[joaofilipedg]

We are interested in automating the updates of some specific policies and are trying to do that via the Manage REST API.

The first issue we found was that, unlike the IDPs, SPs, RPs, and RSs, Policies cannot be Created or Updated via the /internal/merge or /internal/metadata endpoints documented in the Manage API Wiki.

We had to resort to using the /internal/protected/policies endpoint used by the Dashboard, which requires some impersonating headers to be passed. After careful testing, we have confirmed that Policies created in Manage will have the authenticatingAuthorityName field empty and therefore can never be edited via API (this also includes the inability to edit them in the Dashboard GUI). I don't think this was the behavior that existed previously when Policies were created via the PDP GUI, since all of our old Policies have this field properly filled.

In summary, there are 2 suggestions:

• If possible, allow proper CRUD functionality on policies via the Manage API
• Let Policies created in Manage be edited via the Dashboard (manage /internal/protected/policies endpoint)