Imposible to fix wrong PicketLink Federation identity provider's security domain after reload

enable PicketLink using CLI add Federation: /subsystem=picketlink-federation/federation=newFed:add() add identity provider: /subsystem=picketlink-federation/federation=newFed/identity-provider=newIdP:add(url=123,security-domain=other) edit security domain of identity provider with typo(jboss-web-polic instead of jboss-web-policy): /subsystem=picketlink-federation/federation=newFed/identity-provider=newIdP:write-attribute(name=security-domain,value=jboss-web-polic) for whatever reason reload: reload you see the error about missing jboss.security.security-domain.jboss-web-polic in server log so try to fix it: /subsystem=picketlink-federation/federation=newFed/identity-provider=newIdP:write-attribute(name=security-domain,value=jboss-web-policy) you get WFLYCTL0158: Operation handler failed: java.lang.IllegalStateException