Hi @Eric D ,
If you are seeing the "policy did not save" error, one possibility is that the policy size is too large. You can check the response from Graph to see more details about why the save is failing. If you have too many objects (groups and users) excluded for the registration campaign, you will need to downsize the policy.
You can check the audit logs and the response from Graph to get more details.
Request:
PATCH https://graph.microsoft.com/beta/policies/authenticationmethodspolicy/authenticationMethodConfigurations/Fido2 HTTP/2.0
When you change the policy, you may also see this error if there is a reason required to disable/enable and you have not selected that reason.
If the first solution does not help I would recommend sharing the more detailed error from the audit logs so that we can better isolate the issue and troubleshoot.
If the information helped you, please Accept the answer. This will help us as well as others in the community who may be researching similar questions.